Europol publishes report on malware-based cyber attacks

Europol has published a spotlight report “Cyber Attacks: The Apex of Crime-as-a-Service”, which sheds light on malware and DDoS attacks and unveils ransomware groups’ business structures as observed by Europol’s operational analysts.  The report, that follows Europol’s Internet Organised Crime Assessment (IOCTA) 2023, also outlines the types of criminal structures that are behind cyber-attacks, and how these increasingly professionalised groups are exploiting changes in geopolitics as part of their modi operandi.

This report is the first in a series of Spotlight Reports released by Europol as part of the IOCTA 2023.  Each takes a closer look at emerging trends in a specific area of cybercrime.  Other modules within the IOCTA 2023 look at online fraud and child sexual exploitation.

Key findings of the Report

• Malware-based cyber attacks remain the most prominent threat to industry;
• Ransomware affiliate programs have become established as the main form of business organisation for ransomware groups;
• Phishing emails containing malware, Remote Desktop Protocol (RDP) brute forcing and Virtual Private Network (VPN) vulnerability exploitation are the most common intrusion tactics;
• The Russian war of aggression against Ukraine led to a significant boost in Distributed Denial of Service (DDoS) attacks against EU targets;
• Initial Access Brokers (IABs), droppers-as-a-service and crypter developers are key enablers utilised in the execution of cyber-attacks;
• The war of aggression against Ukraine and Russia’s internal politics have uprooted cybercriminals, pushing them to move to other jurisdictions.

Europol’s response to Cybercrime

Europol provides dedicated support for cybercrime investigations in the EU and thus helps protect European citizens, businesses and governments from online crime.  Europol offers operational, strategic, analytical and forensic support to Member States’ investigations, including malware analysis, cryptocurrency-tracing training for investigators, and tool development projects.  Based in Europol’s European Cybercrime Centre (EC3), the Analysis Project Cyborg focuses on the threat of cyber-attacks and supports international investigations and operations into cyber criminality affecting critical computer and network infrastructures in the EU.

EAST response to Cybercrime

EAST focusses on tackling cybercrime through two of its Expert Groups – the EAST Expert Group on Payment and Transaction Fraud (EPTF) and the EAST Expert Group on All Terminal Fraud (EGAF).