Certain strains of cybercrime are growing in Europe, according to an annual threat assessment report.
Europol, the European Union’s law enforcement arm, found that cyberattacks on company executives and other high-profile targets rose in 2016. The agency’s European Cybercrime Centre assisted 131 successful operations last year, up from 72 operations in 2014. Following the report, Europol has called for an increased emphasis on cybercrime – both in law enforcement and policy.
"Europol is concerned about how an expanding cybercriminal community has been able to further exploit our increasing dependence on technology and the internet," Rob Wainwright, director of the agency, said in a statement. "We have also seen a marked shift in cyber-facilitated activities relating to trafficking in human beings, terrorism and other threats."
Improvements in encryption technology at least partially facilitated the trend, the agency reported. But the trend itself is as diverse as real-world crime.
Ransomware attacks, which lock company databases then demand payments in exchange for unlocking them, increased in 2015. So did so-called “CEO fraud” attempts, where hackers target high-level employees with phishing attacks to obtain sensitive data.
Europol also found an uptick in contract hackers who offer their services to militant groups, such as the self-proclaimed Islamic State. However, “crime as a service” trends have yet to manifest in major attacks, the agency said.
"There is currently little evidence to suggest that their cyberattack capability extends beyond common website defacement," the assessment stated. "[But] the availability of cybercrime tools and services, and illicit commodities (including firearms) on the Darknet, provide ample opportunities for this situation to change."
And large companies and governments aren’t the only potential victims of cybercrime in Europe. Malware attacks on ATMs and healthcare systems rose as well, the report finds, even as traditional credit card scams decreased. Filmed child abuse and exploitation, which can be streamed online from digitally obscured locations, also increased. Europol said that combating the online sexual abuse was a “high priority” for law enforcement internationally.
The report did yield some positives. Increased communication between businesses and government proved successful in many cybercrime cases, the report found.
“Partnerships between industry and law enforcement have improved significantly,” Steve Wilson, head of the European Cybercrime Centre, said in a statement, “leading to the disruption or arrest of many major cybercriminal syndicates and high-profile individuals associated with child abuse, cyber intrusions and payment card fraud, and to innovative new prevention programmes such as the no more ransom campaign.”
In a op-ed for The Christian Science Monitor, cybersecurity expert Larry Clinton called for a similar spirit of collaboration in the United States:
The traditional regulatory model is ill suited for cyberspace. Instead of the current backward-looking, finance-based, pass-fail, blame-the-victim model, we need to create a forward-looking, risk-management model powered by growth and incentives, not penalties and compliance. The new administration must work collaboratively with the private sector to develop this model.
This report contains material from Reuters.