Ransomware – a Top Concern for the European Police (IOCTA 2016)



Europol released the “Internet Organized Crime Threat Assessment” Report for 2016. Produced by the European Cybercrime Centre (supported by the contribution of several EU IT security organizations and private companies), the report presents the findings of Europol’s specialists, based on their hands-on experience during the year to date. The aim of the report is to help decision makers stay informed about the latest cybercrime activity and trends, in an effort to fight the phenomenon.

The report concentrates on three areas of concern for Europol: cyberattacks, child abuse, and payment fraud but also provides information on other sectors that contribute to the cybercrime landscape, such as malware and social engineering.

“Ransomware continues to be the dominant concern for EU law enforcement.”

The malware section presents Ransomware as the most significant malware threat and a top concern for Europol. Ransomware attacks allow organized crime to generate bitcoin revenues that are difficult or impossible to track. This money is used to sponsor criminal activities in the EU and worldwide, hence Europol’s interest in controlling the phenomenon. Activity has increased both targeting end-users with common Ransomware variants, and targeting companies, healthcare and even governmental institutions with custom, advanced variants. The “most wanted” in this section include Cryptowall- because of its spread in the EU, CTB-Locker because of its impact on the financial sector, Teslacrypt and Locky. The latter is of particular interest because of its damaging and reach potential for 2016, with Germany, France, Italy and Spain among the top 10 targets for cybercrime campaigns using Locky variants.

Europol IOCTA 2016 Malware Table

Another significant concern as highlighted by the report covers data-stealing malware and highlights its potential of bringing more revenue than Ransomware activity. With the increase consumption of IT comes an increase in the amounts of data being generated worldwide, leading to more opportunities and higher revenue potential for cybercriminals. This section covers Dridex, Citadel, Zeus and Dyre – all specialized in targeting financial institutions.

“While ransomware provides easy money for cybercriminals, the data which information stealing malware can harvest can be of significantly greater value,”

The report also presents other malware threats like mobile malware, remote access tools, etc., together with recommendations for the European law enforcement agency.

How we can help

TEMASOFT will support the effort to fight off Ransomware by releasing a Ransomware protection tool with data recovery abilities, allowing users and companies to detect, block and recover from Ransomware attacks.

This tool can detect all top Ransomware threats mentioned in Europol’s IOCTA 2016.

Read the entire Europol IOCTA 2016 report here: https://www.europol.europa.eu/iocta/2016/

Liked this article? Follow us on LinkedIn for more, or subscribe to our newsletter.