The European law enforcement agency (Europol) has issued a warning that says cybercriminals are adapting faster than organisations to the new online ecosystem, stating that comapnies of all shapes and sizes are vulnerable to cyber attacks and data breaches from hackers.
We’ve reported recently that the increase in the number of employees working remotely from home has presented cybercriminals with a host of new avenues to direct their cyber attacks. While working from home, employees lack the protections of an organisation’s secure servers, and represent a prime target for cybercriminals to take advantage of employees becoming complacent when it comes to information security.
Now, Europol has published a report detailing the fact that cybercriminals are increasingly adapting faster than organisations to the ‘new normal’ of 2020, looking to exploit vulnerabilities and complacency from organisations and their employees to launch their cyber attacks.
Europol’s EU Commissioner for Home Affairs, Ylva Johansson has said that “the coronavirus pandemic has slowed many aspects of our normal lives. But it has unfortunately accelerated online criminal activity. Organised crime exploits the vulnerable, but it the newly unemployed, exposed businesses, or worst of all, children. This report shows the urgent need for the EU to step up the fight against organised crime online.”
Specific to cybercriminals adapting faster than organisations to the ‘new normal’ of COVID-19 and cybercrime as a whole, Europol warned that “negative publicity leading to reputational fallout may lead to re-victimization, which may prevent victims from coming forward to law enforcement authorities with information which could be crucial in identifying and catching the perpetrators.”
The agency continued to explain that “victims prefer to engage with private sector security firms for investigating the attack or negotiating with extortionists to manage the crises triggered by ransomware (some IT security firms hire specialist negotiators, some of whom get discounts from organised crime groups).”
“Some of the companies that negotiate the ransom payment are working on the edge of legality, as they have developed a trusted business relationship with the ransomware actors,” Europol said.
Yesterday we published an article detailing the annual cost of data breaches on organisations around the globe, which the author of one report said comes at a cost of $7.6 billion each year, with ransomware and business email compromised – BEC – attacks representing the most popular types of cyber attacks being launched at organisations by cybercriminals, according to figures from Kroll.
The agency says that after closing a number of key dark web marketplaces, cybercriminals were looking for new avenues. “Darkweb administrators have been observed pulling together and showing a collaborative spirit to maintain the environment under challenging circumstances,” Europol says.
“When faced with similar challenges, forum and service administrators have been seen working more closely together over sharing code and security methodologies (i.e. anti-DDoS measures, avoiding scams, creating trust-building sites to help users navigate vendors across different marketplaces.)”