Europol calls for cross-sector monitoring of cryptocurrencies to ensure check cybercrimes. Cybercrime is the new threat to the world.
Europol’s European Cybercrime Centre (EC3) recently released its annual report on cyber threat. The “Internet Organized Crime Threat Assessment” (IOTCA) which highlighted areas of cyber-attacks also proffered recommendations. Just as in the previous year, IOTCA 2017 had revelations that would interest crypto enthusiasts.
While addressing Cross-Cutting Crime Factors, the report stated that Ethereum alongside other cryptocurrencies like Moreno and Zcash were gaining popularity in the digital underground. Bitcoin however still remained the favorite for Cybercrime perpetrators.
It recommended an inter-agency engagement with the private sector, academia, and developers to seek solutions and share information. It also suggested training with a special focus on emerging cryptocurrencies which have additional security measures that hamper investigations. Europol had in February organized a workshop to train participants on investigations concerning cryptocurrencies. The idea was to stay one step ahead of cybercriminals.
Such collaborations are not entirely new, the report cited the takedown of AlphaBay and Hansa Darknet Markets as success achieved through joint efforts. AlphaBay takedown was possible through contributions from FBI, DEA, Dutch National Police and Europol. Both DNMs transacted using bitcoins and other cryptocurrencies.
Europol’s Concern – Cybercrime As A Service
The 2016 IOTCA report had flagged one of Ethereum’s feature, the “smart contracts” as a possible crime-as-a-service business model, there has not been any such activity to verify the claim. This year’s report shows concern for a plan to run a decentralized darknet market on the Ethereum blockchain after a spokesperson for a group made claims in July, about a DNM “Tralfamadore” in development.
Other areas addressed in this year’s edition of the cybercrime watch report are; Cyber dependent crime, Payment Fraud, Online Child Sexual Exploitation, Online criminal markets, and Cyberterrorism.
The WannaCry and Petya/NotPetya incidents earlier this year placed a special focus on ransomware. Ransomware attacks had far outpaced other forms of cyber attack, affecting victims on an unprecedented scale. Unlike Trojan attacks which were usually limited to their target profile, ransomware attack vector cut across multiple industries, in both private and public sectors.
Recall that WannaCry ransomworm attack affected an estimated 300,000 victims in 150 countries in May. The victims included UK’s National Health Service, Telefonica, FedEx and Deutsche Bahn. The success of WannaCry was attributed to two major factors; its ability to self-propagate to spread infection, and its use of ‘EternalBlue’, a Windows SMB (Server Message Block) allegedly leaked from the NSA. The code for the exploits was publicly leaked by ShadowBrokers in April. Microsoft released a patch for it before the attacks but many were yet to update their software.
Finally, European Union Agency for Law Enforcement, Europol called for compliance with the Network Information Security (NIS) directive on the security of network and information systems in data protection of July 2016.