Europol issued 2014 iOCTA report on evolution of cybercrime

The Europol issued 2014 Internet Organised Crime Threat Assessment (iOCTA) report to provide details about on-going developments in the cyber criminal ecosystem.

The Europol European Cybercrime Centre (EC3) has issued the 2014 Internet Organised Crime Threat Assessment (iOCTA) which describes the evolution of cybercrime an the models of sales adopted in the criminal ecosystem.

This ‘Crime-as-a-Service‘ business model is considered a winning choice for the cybercrime ecosystem, the model in fact is able to ensure “innovation and sophistication” of the solutions offered. With the adoption of this business model, the entry barriers into cybercrime are being lowered, allowing criminals with low technical expertise to venture into cybercrime.

“These days, almost anyone can become a cyber-criminal. This puts an ever increasing pressure on law enforcement authorities to keep up. We need to use our new knowledge of how organised crime operates online to launch more transnational operations. We need to ensure that investigations into payment card fraud and online child abuse don’t stop at national borders,” says Cecilia Malmström, Commissioner Home Affairs.”

The document explains how the organised crime is leveraging underground forums, black markets, deep web and crypto currency schema to conduct illicit activities. Money laundering, data theft and child pornography, are a few examples of the illegal activities contrasted by the Europol.

“A professional, continuously evolving service-based criminal industry drives the innovation of tools and methods used by criminals and facilitates the digital underground through a multitude of complementary services, extending the attack capacity to those otherwise lacking the skills,” states the iOCTA report.“Traditional organised crime groups (OCGs), including those with a mafia-style structure are beginning to use the service-based nature of the cyber crime market to carry or more sophisticated crimes [by] buying access to the skills they require.”

The document issued by the Europol remarks the important role of Europol’s EC3 in the fight against cybercrime, highlighting its crucial role in the joint, multi-national operations that modern cybercrime investigations demand.

The Darknets are privileged places in the cyberspace to offer any kind of illegal products and services, a growing number of criminal gangs exploit anonymity offered by such networks to arrange their activities.

“Child sex offenders and producers make increasing use of the dark net and other similar areas. New forms of child sexual exploitation online such as the live streaming of on-demand abuse of children present new challenges for law enforcement.”

Anonymizing networks, like Tor, are used to host black market places where criminals sale drugs, weapons and hacking services.

New paradigms like the Internet of Things (IoT) and cloud computing are offering new opportunity for criminals:

“The advent of the Internet of Everything, combined with the ever-increasing number of internet users globally creates a broader attack surface, new attack vectors and more points of entry,” read the report.

I have reached Troels Oerting, Head of Europol’s European Cybercrime Centre (EC3) requesting for a comment.

“The Internet is a wonderful invention. It will create growth and prosperity and enable all levels of society to access and share. But it is also a very dangerous place and crime in cyberspace is booming. The area attracts new and old criminal networks taking advantage of the easy access to victims, high profit and low risk of being caught. We need to change this. And we need to start discussing how. Freedom is never free.” said Troels Oerting.

The 2014 iOCTA also provides a set of recommendations for law enforcement to successfully address cyber criminal activities, it highlights the importance for a public and private partnerships and co-operation in the fight to the cybercrime. The recommendations include:

Prevention – Awareness
Prevention – Capacity Building & Training
Partnerships
Protection
Investigation

Information sharing is a crucial aspect of the challenge to the cybercrime, cooperation with other entities it essential in this delicate moment.

Pierluigi Paganini

(Security Affairs – Europol, iOCTA)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.