Europol Identifies The Top Cyber Threats

Uploaded on 2023-09-22 in GOVERNMENT-Law Enforcement, FREE TO VIEW

Europol has just published a new threat report that highlights malware-based ransomware cyber attacks that are a major threat, and that ransomware affiliate programs have become the main form of crime for ransomware groups.

The report states: “Cyber criminals usually gain initial access through compromised user credentials or by exploiting vulnerabilities in the targeted infrastructure... Malware-based cyber-attacks, specifically ransomware, remain the most prominent threat with a broad reach and a significant financial impact on industry."

Of particular importance is how ransomware affiliate programs have become established as the main business model for ransomware groups who continue deploying multi-layered extortion methods, with indications that the theft of sensitive information might become the core threat.” 

The most common intrusion tactics include phishing emails containing malware, remote desktop protocol (RDP) brute forcing, and virtual private network (VPN) vulnerability exploitation.

The report details that after Microsoft blocked the option to deliver macros over the Internet in their applications, cyber criminals have shifted to using container files. Nevertheless, victims can still be infected with droppers through Internet search engines, where users are lured with search engine optimisation (SEO) keywords to download malware disguised as a legitimate program or tool.

It is also important to note the impact of Russia’s war against Ukraine on the process, which according to the report has led to a “significant boost” in DDoS attacks against targets in the EU and the highest profile attacks were politically motivated and coordinated by pro-Russian hacker groups. Recent examples include large-scale assaults on Poland and Lithuania.

Furthermore, the war in Ukraine, mass mobilisation in Russia, and Western sanctions have pushed some previously untouchable cyber criminals in the region to flee to jurisdictions in the EU. Among these was the creator of a data theft malware called “RacoonStealer”. This was a malware-as-a-service product sold to clients for $200 a month in crypto currencies and is thought to have been used to steal data and empty the digital currency wallets of more than two million victims.

Europol is also now making sexual exploitation a cyber crime priority as the web has enabled offenders to interact with each other online and obtain indecent material of children in volumes that were unimaginable 10 years ago.

The report concludes with a warning that cyber attacks are expected to increase as a criminal threat affecting the EU and that cyber criminals are likely to further embrace new technologies and maximise the reach of their services, with sensitive data as a core target.

Europol:      Europol:    Interpol:      I-HLS:    Professioanl Security:     Cybernews:     Computer Weekly:

You Might Also Read:

Qakbot Malware Taken Down:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Jargon Buster: Untangling The Complexity In Cybersecurity 
Zero-Trust: Protecting From Insider Threats »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Get Cyber Safe

Get Cyber Safe

Get Cyber Safe is a national public awareness campaign created to educate Canadians about Internet security and the simple steps they can take to protect themselves online.

Sepior

Sepior

Our vision is to make Sepior the leading provider of cloud-encryption software in the world.

DirectDefense

DirectDefense

DirectDefense is an information security services and managed services provider.

GreenWorld Technologies

GreenWorld Technologies

GreenWorld has a proven track record in industry leading IT asset management, secure data destruction and remarketing.

Fortalice

Fortalice

Fortalice provide customizable consulting services built on proven methodology to strengthen your business cyber security defenses.

Industrial Cybersecurity Center (CCI)

Industrial Cybersecurity Center (CCI)

CCI is the first center of its kind that comes from industry without subsidies, independent and non-profit, to promote and contribute to the improvement of Industrial Cybersecurity.

Drawbridge

Drawbridge

Drawbridge is a premier provider of cybersecurity software and solutions to the alternative investment industry.

Cyral

Cyral

Easily observe, control, and protect your data endpoints in a cloud and DevOps-first world. Discover Data Mesh Security with Cyral.

NXM Labs

NXM Labs

NXM is a leader in a leader in advanced cybersecurity software for connected devices.

American Technology Services (ATS)

American Technology Services (ATS)

American Technology Services provides unparalleled services in information technology to support small and mid-sized business. From top-level strategy, to managed services and infrastructure support.

Avalor

Avalor

Avalor are on a mission to help security teams make faster, more accurate decisions by making sense of their data. With Avalor you can bring in data from anywhere, normalize it and analyze it.

Systal Technology Solutions

Systal Technology Solutions

Systal is a global managed network and security service and transformation specialist. We help enterprise-level businesses maximise the security and business value of their complex IT infrastructure.

Nagomi Security

Nagomi Security

Nagomi is changing the way security teams balance risk and defense, empowering customers to focus on what matters now.

Cloud Native Computing Foundation (CNCF)

Cloud Native Computing Foundation (CNCF)

CNCF seeks to drive adoption of cloud native technologies by fostering and sustaining an ecosystem of open source, vendor-neutral projects.

System360

System360

System360 is one of Houston's top suppliers of network administration, design, security, and support services.

Exertis Cybersecurity

Exertis Cybersecurity

Exertis Cybersecurity is a sub-division of Exertis Enterprise. We provide market-leading cybersecurity solutions that help to address the cybersecurity challenges that organisations face today.