Forget the hacker in a hoodie, cybercrime is big business

Hidden Hacker In Sweatshirt And Hoodie Hacking Security Systems. Concept Of Cyber Attack And Malware — Image by CarlosBarquero | Bigstockphoto

Forget the cliché of a solitary hacker in a hoodie hunched over a keyboard in a dark room crunching lines of codes. It is an image that no longer accurately reflects today’s cybercrime landscape, where criminals operate as business-like syndicates across borders.

Europol’s ninth Internet Organised Crime Threat Assessment (IOCTA), whose first module has just been published, takes an in-depth look into the online criminal ecosystem, examining notable actors, their attack vectors and victims.

Forget the hacker in a hoodie, cybercrime has become a big business

Cybercrime has become a big business, with an entire illicit economy set up to support it with service providers, recruiters and financial services. This makes investigating cyber-attacks ever more challenging for law enforcement, with multiple specialised actors working on parts of the criminal process from every corner of the globe.

Cybercrime services are widely available and have a well-established online presence, with a high
level of specialisation inside criminal networks and collaboration between illicit providers. The services offered to perpetrate cybercrime are often intertwined, and their efficacy is, to a degree, co-dependent. The illicit service providers cater to a large number of criminal actors by offering monitoring, delivery and obfuscation services. Such services are often offered for sale or advertised on dark web forums and marketplaces.

Defence against cybercrime as strong as the weakest link

The defence against different forms of cybercrime is as strong as the weakest link, which continues
to be human oversight. Phishing emails, malicious document files, social engineering techniques and unpatched soft- and hardware are the most common ways criminals introduce themselves into their victims’ systems.

Europol’s IOCTA aims to provide and understand modern cybercrime to equip law enforcement with the knowledge to fight back. This report and accompanying modules are based on operational information contributed to Europol’s European Cybercrime Centre, combined with expert insights and open-source intelligence.

The full report is available here.