Connect with us

Cyber

Cyber criminals targeting more profitable ransomware attack victims, Europol report reveals

Published

on

ransomware attack victims

A new report from Europol has revealed that cyber criminals are increasingly seeking out more profitable targets while using new forms of technology.

The law enforcement agency’s latest Internet Organised Crime Threat Assessment (IOCTA) found that ransomware remains the top cyber threat, even though the number attacks recorded over the past year has declined as hackers focus on more profitable victims.

Ransomware is likely to remain the top cyber crime threat over the next 12 months, Europol said.

According to the report, phishing and vulnerable remote desktop protocols are the primary malware infection vectors, while data remains a key target, commodity and enabler for cyber criminals.

The study notes that while new forms of technology provide fresh opportunities for hackers to seek out additional revenue streams, cyber criminals continue to routinely take advantage of known vulnerabilities in existing systems that have remained unpatched for extended periods of time.

Away from ransomware, Distributed Denial of Service (DDoS) attacks were also one of the most prominent threat forms reported to Europol last year, with many banks identifying DDoS attacks as a significant ongoing problem.

Elsewhere, Europol said the sheer volume of child sexual exploitation material being distributed online is in danger of overwhelming law enforcement agencies, noting that the use of deepfake AI-technology is becoming an emerging problem for investigators focussed on the online circulation of indecent images of minors.

Commenting on the report, European Commissioner for Migration, Home Affairs and Citizenship, Dimitris Avramopoulos said: “Cybercriminals are becoming bolder than ever and so should we in our common European response.

“I am glad to see that Europe’s efforts to tackle large-scale cyber-attacks across borders are bringing results.

“But I am distraught by the fact that child sexual abuse material continues to thrive online.”

Europol said continuous efforts are required to “further synergise the network and information security sector and the cyber law enforcement authorities to improve the overall cyber resilience and cyber security”.

Launched on the same day as the report, Interpol yesterday announced a new campaign designed to raise awareness of so-called CEO fraud.

Also known as BEC fraud, CEO fraud involves hackers targeting a company’s low-level employees or middle managers while pretending to be a senior executive.

After gaining a victim’s trust, CEO fraud hackers attempt to convince them to transfer large sums of company money to a bogus bank.

Craig Jones, Interpol’s Director of Cyber Crime, commented: “With more than $1 billion lost to BEC fraud last year alone, this relatively unknown crime is fast becoming a global phenomenon.”

Continue Reading

Articles

UK charities warned to look out for social engineering spear phishing emails

Published

on

social engineering spear phishing emails

The UK’s Charity Commission has warned that scammers are impersonating charity workers via email and attempting to change employees’ bank details.

After receiving several reports of spear phishing campaigns targeting people who work at charitable organisations, the commission cautioned that fraudsters are using spoofed email addresses to pose as staff with authority to update employees’ banking information.

The fraudsters behind the social engineering scam typically write in their emails that they have changed their bank details or opened a new account.

Alan Bryce, head of development, counter fraud and cyber crime at the commission, said: “We know several charities have been targeted by this fraud and we want to ensure others are equipped to protect themselves.

“So, our message to charities is clear: read and understand our guidance on fraud, and check who’s sending an email whenever you receive a message about changes to staff bank details.”

In advice on how charities can protect themselves, the commission said organisations should review internal procedures regarding how employee details are amended and approved, and train staff not to click on links or open attachments in suspicious emails.

A report published by the commission to coincide with the UK’s Charity Fraud Awareness Week, which took place in October, revealed that over half of fraud carried out against charities is committed by perpetrators known to the organisation affected.

The study found that while over two-thirds of UK charities consider fraud to be a major risk, less than 9% offer fraud awareness training to their staff members.

More than half (58%) of charitable organisations surveyed for the study said they believe cyber crime poses a major threat to the sector.

In a separate report also published in October, the commission and the UK Fraud Advisory Panel revealed that one in every six major organisations that make up Britain’s £80 billion ($105.4 million). charity sector will be affected by cyber crime over the course of the next two years.

Twenty-two percent of charities said they believe that cyber crime is a greater risk to the sector than any other threat, with larger charities typically being more likely to appreciate the risk of cyber crime.

“This may be because larger charities generally have a greater capability to detect cyber crime,” the report concluded.

“Many small and medium sized charities are less aware of the cyber crime threat, yet are probably more at risk.”

Continue Reading

Articles

International coalition of anti-child abuse charities call Instagram a ‘predator’s paradise’

Published

on

charities call Instagram a ‘predator’s paradise’

An international coalition of organisations that fight the sexual exploitation of children has labelled Facebook’s photo-sharing service Instagram a “predator’s paradise”.

In a joint statement issued earlier this month, the National Centre on Sexual Exploitation in the US, Australia’s Collective Shout and Defend Dignity in Canada called Instagram out for facilitating sex trafficking, child sexual grooming, and the adult fetishisation of young girls.

Launching the #WakeUpInstagram, the three organisations called on the social media platform to change its settings so that strangers cannot direct message children, and fix its algorithm to proactively remove sexualising or sexually graphic comments on images posted by minors.

The groups are also calling on Instagram to update its reporting system so that anybody who wishes to report inappropriate comments on minors’ profiles can so more easily.

They note that the “harassment/bullying” selection in Instagram’s reporting process does not currently capture the fact that such comments come from adults who are grooming a child.

Lyn Kennedy, a Collective Shout campaigner, commented: “Since July, we have collected hundreds of samples of sexual, predatory comments on underage girls’ Instagram posts.

“What we’ve found shows that sexualisation and harassment of underage girls on Instagram is rampant.

“By giving adults unfettered access to children and facilitating the transmission of sexual comments—including requests for sexual content—from adults to children, Instagram is complicit in the harm of underage girls.

“If technology and social media companies are going to allow minors on their platform in any capacity, then they must provide adequate measures to keep children safe from sexual predators.”

The charities are asking people to post on social media using the hashtags #WakeUpInstagram and #InstaPimpsKids, remembering to tag @Instagram into their posts.

Back in March of this year, UK child protection charity the NCPCC warned that paedophiles in England and Wales were using Instagram to groom children more than any other social media platform.

The charity noted a 200% rise in recorded instances in the use of Instagram to target and abuse children over the preceding six-month period.

In response to the NSPCC’s findings, a spokesperson for Facebook and Instagram said: “Keeping young people safe on our platforms is our top priority and child exploitation of any kind is not allowed.

“We use advanced technology and work closely with the police and [the UK’s] CEOP (Child Exploitation and Online Protection Command) to aggressively fight this type of content and protect young people.”

Continue Reading

Articles

One child sex offence involving online indecent images recorded every seven minutes in UK

Published

on

Child sex offence involving online indecent images

One child sex offence with an online element is recorded in the UK every seven minutes, according to new data obtained by the NSPCC.

After submitting freedom of information requests to police forces across the country for the latest figures relating to the sexual exploitation of children under the age of 18, the child protection charity discovered that recorded sex crimes against minors and young people have increased by more than 60% since 2014/15 to 76,204.

In cases in which the age of victims was provided, 16,773 offences were recorded against children aged 10 and under, while 341 were recorded against babies under the age of one.

Responding to the data, the NSPCC has called for the greater provision of specialised services for victims of child sexual exploitation across the UK, a more joined response to the problem from public services such as the police, healthcare providers, children’s services and advocacy groups, and the establishment of child-friendly spaces for children who have experienced sexual abuse.

Commenting on the figures, NSPCC boss Peter Wanless said: “Record numbers of child sexual offences means we are facing a nationwide crisis in the help available for tens of thousands of children.

“These children are bravely disclosing what happened to them but in too many cases there is not enough timely, joined up and child-friendly support. Instead they are shunted from overstretched service to service.

“We need a radical rethink in the way we help these young people, otherwise they could struggle for the rest of their lives with long term, deep seated trauma.”

Back in April, Britain’s Internet Watch Foundation (IWF) revealed that it took down more than 100,000 webpages containing indecent images of children and young people aged under 18 in 2018.

The IWF said it discovered and took down a record 105,047 webpages featuring indecent material last year, many of which contained hundreds of illegal images and videos.

This figure was up from 78,589 pages the organisation identified and removed from the internet in 2017.

Earlier this month, Europol warned in its latest Internet Organised Crime Threat Assessment (IOCTA)  that the increasing volume of child sexual exploitation material being distributed online is in danger of overwhelming law enforcement agencies.

“The online solicitation of children for sexual purposes remains a serious threat with a largely unchanged modus operandi,” the report read.

“Self-generated explicit material is more and more common, driven by growing access of minors to high quality smartphones and a lack of awareness of the risks.”

Continue Reading

Newsletter

Sign up for our mailing list to receive updates and information on events

Social Widget

Latest articles

Press review

Follow us on Twitter

Trending

Shares