Europol SOCTA 2021: Cybercrime Security & Malware Protection

Written by ForeNova | August 13, 2021

Malware has become a pervasive evil in 2021, branching out widely into a world of technology that is often ill-equipped to deal with it. Malware protection has simultaneously become significantly more complex. Advanced Persistent Threat malware and ransomware attacks are two of the biggest threats facing enterprises today. According to DataProt.com, there are over 1 billion malware programs available, and more are being created daily, with trojans accounting for over half of all computer malware. There are a few sources CIOs look towards for information on threat and malware protection, such as law enforcement organizations like the FBI for those within the USA, but where does the EU look for information on the latest threats to their cyber safety?

What is Europol? 

Europol, the European Union Agency for Law Enforcement Cooperation, is a law enforcement agency, founded in 1998, to gather intelligence that could help protect EU citizens from domestic and international organized crime and terrorism. Europol cooperates with 21 EU member states, and non-EU partner states across the world, to collect intelligence, making Europol a valuable source of information on all organized crime, including cyber-crime and ransomware groups. A few of the crimes Europol focuses on are:

  • Cybercrime
  • Drug trafficking
  • Human trafficking
  • Intellectual property crime
  • VAT fraud
  • Counterfeit Euros
  • Mobile organized-crime groups
  • Terrorists & motorcycle gangs

What is SOCTA?

SOCTA, or the Serious and Organised Crime Threat Assessment, is a report created by Europol using data and intelligence from across the EU and the globe to report on known criminal networks and their operations in EU member states and abroad. The latest threat intelligence is compiled into the SOCTA 2021, which focuses on specific criminals and their processes and provides a better understanding of how organized crime works, in order to reduce its effect and make it easier and faster for law enforcement to curtail criminal activity. In addition to SOCTA, Europol releases other threat analysis publications including the EU Terrorism Situation and Trend Report (TE-SAT), Internet Organised Crime Threat Assessment (IOCTA), and the Europol Review. It is critical for organizations like Europol to compile information, like what is found in SOCTA, to help network security solution developers and IT decision-makers deploy the best malware protection available.

Why Does SOCTA Track Cyber-Crime like Malware? 

The SOCTA 2021 report focuses heavily on cyber-crime, as “the threat from cyber-dependent crime has been increasing over the last years, not only in terms of the number of attacks reported but also in terms of the sophistication of attacks. Cyber-dependent crime is likely significantly underreported.” Businesses have experienced significant financial and reputational losses due to cyber-crime in recent years, and the impact of cyber-crime can even lead to loss of life, as with the cyber-attack on a German hospital which resulted in the loss of a female patient.

If this were not scary enough for Europol and SOCTA to take notice, COVID-19 created a massive swell in the number of cyber-attacks experienced by every enterprise, from the largest multi-national to the smallest branches and independent businesses, and made ransomware-as-a-service and crime-as-a-service as recognizable as any brand name. Organized cybercriminals do not differentiate between ordinary citizens, global enterprises, or the critical infrastructure that daily life depends on. SOCTA 2021 gives information on DDoS attacks, online child sexual exploitation, non-cash payment scams like business email compromise (BEC), SIM swapping, online investment fraud, and of course, malware and ransomware attacks.

Why is Malware Protection Important? 

Ransomware and malware protection is essential in today’s digital world. Europol studies and statistics say “The use of corruption and the abuse of legal business structures are key features of serious and organized crime in Europe.  Two-thirds of criminals use corruption regularly. More than 80% of the criminal networks use legal business structures.”  In terms of cyber-crime, corruption could mean insider threat, and legal business structures like Bitcoin are used to make anonymous ransomware payments. 

The world was watching as the ill-fated Colonial Pipeline oil pipeline fell victim to ransomware, leaving the East Coast of the USA struggling to find gas for their vehicles, the primary mode of transportation in the USA. Gas stations in North Carolina were particularly hard-hit, with gas running out during the first day of the disruption and many people panic-buying gas in preparation for a long time without fuel.

The cybercriminals responsible for the attack quickly realized that they were no longer flying under the radar, disrupting travel and daily life for millions of Americans, and causing a national state of emergency. Communication from the attackers made it clear that they were aware that their attack had been ill-advised, as businesses that fail due to ransomware attacks can no longer afford to pay massive ransom payments. Colonial Pipeline paid the hackers USD 4.4 million to recover their files and get back to business and still had to restore backups because the decryption tool the attackers provided was ineffective.

While ransomware and malware have been a constant presence in our lives for years, they are now at the forefront – and average citizens are taking notice. 
Many countries continue to be top targets for ransomware and crypto-mining. Malaysia spent 2020 dealing with similar issues related to malware and the famous Anonymous Malaysia threat, a threat made in hopes of spurring Malaysian government officials and governing bodies to place more emphasis on the cyber-security solutions necessary to protect Malaysia’s citizens from cyber-theft of their information and money. While the police arrested 11 people thought to be associated with Anonymous Malaysia, the threat is far from over, as Anonymous is widely known to be a multi-headed hydra with far-reaching and borderless capabilities.

It’s critical to know when you have suffered a malware or ransomware attack, but many businesses are finding it takes hours, days, and sometimes months or years to detect an attack or any malware in the system. ForeNova HCI also provides much-needed continuous data protection, automating the mechanics of data, malware, and ransomware protection, making it 24/7, 365. Continuous data protection provides an extra layer of security and stability for those who have experienced hardware failure, data corruption, data breach, malware, and human error.

ForeNova Technologies is a Europe-based, global leading vendor of IT infrastructure and security solutions specializing in Network Security and Cloud Computing. Visit us at www.ForeNova.com to learn more about ForeNova’s Security solutions and ransomware protection, and let ForeNova make your IT simpler, more secure, and valuable. 

----

Source
Europol (2021), European Union serious and organized crime threat assessment, A corrupting influence: the infiltration and undermining of Europe's economy and society by organized crime, Publications Office of the European Union, Luxembourg.