A new report from Europol has revealed that cyber criminals are increasingly seeking out more profitable targets while using new forms of technology.
The law enforcement agency’s latest Internet Organised Crime Threat Assessment (IOCTA) found that ransomware remains the top cyber threat, even though the number attacks recorded over the past year has declined as hackers focus on more profitable victims.
Ransomware is likely to remain the top cyber crime threat over the next 12 months, Europol said.
According to the report, phishing and vulnerable remote desktop protocols are the primary malware infection vectors, while data remains a key target, commodity and enabler for cyber criminals.
The study notes that while new forms of technology provide fresh opportunities for hackers to seek out additional revenue streams, cyber criminals continue to routinely take advantage of known vulnerabilities in existing systems that have remained unpatched for extended periods of time.
Away from ransomware, Distributed Denial of Service (DDoS) attacks were also one of the most prominent threat forms reported to Europol last year, with many banks identifying DDoS attacks as a significant ongoing problem.
Elsewhere, Europol said the sheer volume of child sexual exploitation material being distributed online is in danger of overwhelming law enforcement agencies, noting that the use of deepfake AI-technology is becoming an emerging problem for investigators focussed on the online circulation of indecent images of minors.
Commenting on the report, European Commissioner for Migration, Home Affairs and Citizenship, Dimitris Avramopoulos said: “Cybercriminals are becoming bolder than ever and so should we in our common European response.
“I am glad to see that Europe’s efforts to tackle large-scale cyber-attacks across borders are bringing results.
“But I am distraught by the fact that child sexual abuse material continues to thrive online.”
Europol said continuous efforts are required to “further synergise the network and information security sector and the cyber law enforcement authorities to improve the overall cyber resilience and cyber security”.
Launched on the same day as the report, Interpol yesterday announced a new campaign designed to raise awareness of so-called CEO fraud.
Also known as BEC fraud, CEO fraud involves hackers targeting a company’s low-level employees or middle managers while pretending to be a senior executive.
After gaining a victim’s trust, CEO fraud hackers attempt to convince them to transfer large sums of company money to a bogus bank.
Craig Jones, Interpol’s Director of Cyber Crime, commented: “With more than $1 billion lost to BEC fraud last year alone, this relatively unknown crime is fast becoming a global phenomenon.”
California man jailed for soliciting murder of stepmother on dark web
A man from California has been sentenced to three years behind bars after being found guilty of attempting to hire an assassin on the dark web to kill his stepmother.
Beau Evan Brigham, a 33-year-old from the city of San Luis Obispo, was jailed on Monday after being found guilty of soliciting the murder of the woman by a jury last month.
Judge Jesse Marino sentenced Brigham to the lowest possible prison sentence for the crime, meaning he will likely be released from jail in around four months once the amount of time he has spent behind bars already has been taken into consideration.
Speaking after sentencing, District Attorney Dan Dow said: “While we recommended more than three years, a prison sentence is the only appropriate punishment for the extraordinary steps Beau Brigham took to anonymously have someone killed.
“Brigham tried to anonymously plot and secure the death of his stepmother on the ‘dark web’ when he extensively researched, found, and attempted to secure a hitman.
“This cowardly criminal used the latest technology to prevent his detection, but he could not successfully hide.”
Under Californian law, Bingham could have faced a maximum custodial sentence of nine years.
Brigham’s plot was brought to the attention of local investigators by CBS News’s 48 Hours programme, which received a tip-off from UK cyber security expert Chris Monteiro, who had caught wind of what he was planning during his research.
After launching an investigation, San Luis Obispo Police Department established that Brigham had solicited the murder of his stepmother through the Cosa Nostra dark web illicit marketplace in April of last year.
Brigham and his brother sued their stepmother in 2015 for taking part of their inheritance after their father died in 2011 and secured a large judgement against her.
When questioned, it was put to Brigham that he had requested that any attempt on his stepmother’s life must be made to look an accident on account of the fact he would be a likely suspect if she met a suspicious end.
He later indicated to police that he had only used the website as a means by which to attract the attention of his stepmother, but maintained that he could not remember having sought to solicit a hitman to carry out her murder.
Despite Brigham saying in a statement that he was sorry for the “huge mess” he had caused, Judge Marino noted his lack of remorse during sentencing.
Pyongyang denies UN claims North Korean hackers stole $2 billion in attacks on banks and cryptocurrency exchanges
The North Korean government has denied allegations that it had illegally acquired $2 billion through cyber attacks on cryptocurrency exchanges and financial institutions.
Responding to allegations made in an upcoming UN report that was leaked to Reuters last month, Pyongyang said the US was to blame for the circulation of “fabricated information”, describing the dissemination of the allegations as “the same old trick as the Hitler fascist propagandists”.
In its report, which is due to be published later this week, the United Nations Security Council’s Panel of Experts on North Korea reportedly claims that the $2 billion was raised during “widespread and increasingly sophisticated” cyber attacks, and that the funds raised are being used to fund the country’s nuclear weapons programme.
The panel also alleges that Pyongyang used “cyberspace” to launder the money it stole during these attacks, adding: “Democratic People’s Republic of Korea cyber actors, many operating under the direction of the Reconnaissance General Bureau, raise money for its [weapons of mass destruction] programmes, with total proceeds to date estimated at up to two billion US dollars.”
According to the report, investigators have identified at least 35 instances of suspected North Korean hackers being involved in cyber attacks on banks and cryptocurrency exchanges, as well as mining activities designed to earn foreign currencies in 17 countries.
Responding to the allegations in a statement published by KCNA, North Korea’s state news agency, Pyongyang denied the claims.
“The United States and other hostile forces are now spreading ill-hearted rumours that we have illegally forced the transfer of two billion US dollars needed for the development of WMD programs by involving cyber actors,” said a spokesperson from North Korea’s National Coordination Committee of the DPRK for Anti-Money Laundering and Countering the Financing of Terrorism.
“Such a fabrication by the hostile forces is nothing but a sort of a nasty game aimed at tarnishing the image of our Republic and finding justification for sanctions and pressure campaign against the DPRK.”
A separate UN report published back in March linked hackers from North Korea to attacks on cryptocurrency exchanges across the world that resulted in the theft of $571 million.
The majority of this was said to have been stolen in the January 2018 hack of Coincheck, a cryptocurrency exchange based in Japan.
The UN study also accused hackers from North Korea of being behind the 2016 theft of $81 million from Bangladesh Bank.
Speaking with CyberScoop when the latter report was published, Hugh Griffiths, who heads the UN panel, said: “What stands out [from the report] are the amounts of money involved and the sheer scope of the operations, [which are] highly coordinated and disciplined.
“The ability to breach banking security is extremely worrying and raises broader questions.”
US prosecutors charge 80 alleged members of $46 million online fraud and romance scam gang
Prosecutors in the US have charged 80 members of a mainly Nigerian fraud and romance scam gang with scores of offences.
Members of the network, which is said to have been involved in the theft and laundering of millions of dollars, allegedly targeted mostly elderly victims in one of the largest cases of its kind ever seen in the US.
The 80 defendants were charged by a court in Los Angeles last week after police arrested 14 suspected gang members, 11 of whom were detained in the Los Angeles area.
As well as romance scams, the gang is also said to have carried out business email compromise frauds and several other schemes in which victims were convinced to hand over money under false pretences.
The two lead defendants, Valentine Iro and Chukwudi Christogunus Igbokwe, both Nigerian citizens living in the US, are said by prosecutors to have conspired with others in the US, Nigeria and other locations to set up bank and money service accounts to be used to receive funds conned out of the gang’s victims.
Iro and Igbokwe, who were among those arrested last week before charges were laid, stand accused of being involved in a series of scams that resulted in the fraudulent transfer of at least $6 million of stolen funds.
In total, the wider conspiracy is said to have involved the attempted theft of at least an additional $40 million.
According to prosecutors, Iro and Igbokwe fraudulently set up and provided bank accounts, sometimes with the assistance of money mules, into which the proceeds of the network’s scams could be paid.
The pair are said to have taken a cut of the monies transferred as a commission for their services.
Paul Delacourt, Assistant Director in Charge of the FBI’s Los Angeles Field Office, commented: “Today’s announcement highlights the extensive efforts that organized criminal groups will engage in to perpetrate BEC schemes that target American citizens and their hard-earned assets.
“Billions of dollars are lost annually, and we urge citizens to be aware of these sophisticated financial schemes to protect themselves or their businesses from becoming unsuspecting victims.
“The FBI is committed to working with our partner agencies worldwide to continue to identify these cyber criminals and to dismantle their networks.”
All 80 defendants said by police to have been involved with the fraud network have been charged with conspiracy to commit fraud, conspiracy to launder money and aggravated identity theft.
- Spanish police and Europol help smash counterfeit currency networks in Madrid and Bogota
- Britain’s ‘worst-ever’ paedophile found stabbed to death in his jail cell
- Police in Bolivia arrest Lima Lobo family drugs clan boss in Interpol-supported operation
- US porn site owners charged with sex trafficking offences after ‘coercing young women to appear in adult videos’
- UNODC holds meeting in Vienna on organised firearms trafficking across EU member states
9 February 2018
9 February 2018
8 February 2018
28 November 2017
28 November 2017
Follow us on Twitter
Articles4 weeks ago
EU customs authorities saw fake goods seizures soar last year after counterfeiters sent more parcels through post
Articles3 weeks ago
Greek police bust gang that trafficked human eggs, pregnant women and babies
Articles3 weeks ago
US border inspectors seize fake bracelets and jewellery worth $90 million at Kentucky cargo centre
Opinion4 weeks ago
The mystery of why people continue to fall for dark web hitmen-for-hire scams
Articles4 weeks ago
Argentine police arrest gang selling plastic penises filled with cocaine
Opinion2 weeks ago
The US trade war with Beijing will do little to prevent counterfeit items flooding out of China
Articles4 weeks ago
Interpol closes drug trafficking conference in South Africa with call for increased global law enforcement cooperation
Opinion3 weeks ago
Why are young people continuing to take banned diet drugs that kill?