The most recent cyber threat of 2021 unveiled by Europe IOCTA
The Internet Organized Crime Threat Assessment (IOCTA), an annual crime report, has been published, prioritising ransomware findings and shaping the digital economy. Ransomware has reached a pivotal point where government agencies had no option but to take action in favour of the victims. Being digitally captive has its drawbacks, but being careful is not always an option on the table. Of course, many would disagree with what we said, but let's be honest: how often does a typical person whose business depends on digital communication run virus and threat scans before starting work?
Romanian authorities arrested two suspects for alleged ties to the REvil/Sodinokibi ransomware gang. The arrest took place on 4th November, and the suspects were allegedly responsible for over 5,000 infections. In layman's terms, that's half a million in ransom in the form of cyber threats. Yes, the scene is this dangerous at the moment. We previously highlighted the US government's published report on the $590 million taken within the first half of 2021 through ransomware attacks. Later, bounties of $10 million and $5 million, respectively, were set for information regarding the Colonial Pipeline hackers. They easily made it to the top of the bounty list in terms of cybersecurity. Law enforcement authorities have arrested three others for involvement with GandCrab as part of the GoldDust operation involving 17 countries. REvil/Sodinokibi is seen as the successor of GandCrab, partaking in wiretapping, infrastructure identification theft.
In May 2021, Bitdefender developed a tool in collaboration with law enforcement agencies of different countries for the "No More Ransom" website, tackling REvil/Sodinokibi ransom agents. The IOCTA released by the European law enforcement agencies shows the latest trend in ransomware: hitting organizations and important assets to cripple them for profit. Since February 2021, a total of seven suspects have been arrested for being affiliated with a large ransomware gang. They include the previously mentioned two by Ukrainian law enforcement and one Ukrainian national for affiliation with the Kaseya attack costing €70 million as part of the 1500 downstream business target. Three affiliates involved in GandCrab and REvil/Sodinokibi were arrested in South Korea, and one in November in Kuwait. The suspect arrested by Kuwaiti law enforcement was also affiliated with GandCrab. They are suspected of making 7000 people victims of cybercrime, which is quite devastating.
Catherine De Bolle, EU's Executive Director, highlighted "worldwide operations, such as the successful takedown of EMOTET botnet, have demonstrated the effectiveness of international cooperation. Ransomware groups have attempted to disrupt critical infrastructures such as service providers and government institutions to increase their profits with no concern of the possible damages such interceptions may cause to public safety and security."
A few key threats have also been marked. Ransomware affiliate programs enable gangs to form larger groups than the ones they have already built and to target larger infrastructure than they otherwise would. These include public institutions and multi-layered extortion methods similar to DDoS attacks. DDoS itself is a dangerous form of attack and can result in devastating service downtime. Mobile malware is the key to multi-factor authentication or physical authentication and to online shopping, where people use personal information and bank information. Also, VPNs, encrypted communication services and payments in crypto combine to give attackers a critical way to get away easily from the crimes they commit with little to no trace.
From recent surveys and findings, it is confirmed that high-value targets are the most lucrative for ransomware gangs. It doesn't make sense for them to milk regular people given the risk they take, as they will not gain much. High-value targets, on the other hand, can lead to a deeper source of manipulated income.
There is also a rise in child abusers, according to the report. Whether it's an online gaming platform or a communication medium, children are also under threat as the attackers try to manipulate every system possible to use data on the dark web.