Europol’s latest Internet Organised Crime Threat Assessment (IOCTA) for 2024 highlights the increasing use of cryptocurrencies and artificial intelligence in cybercrime within the European Union (EU).
Description
The report warns of a rapidly evolving criminal landscape where cyberattacks are becoming more sophisticated and targeting a wider range of victims [4], including small and medium-sized businesses [3] [4], e-commerce platforms [4], adults [4], and children [3] [4]. Ransomware groups have become more fragmented due to recent law enforcement action [3], leading to the rebranding and dispersing of these groups, resulting in a multiplication of cyber threats [4]. Cybercriminals are now utilizing cryptocurrencies for a broader spectrum of criminal activities [4], with concerns about the abuse of financial products tied to cryptocurrencies like Bitcoin exchange-traded funds (ETFs) [4]. The report also details significant issues such as cyber-attacks [3], online fraud [1] [3], and child exploitation [1] [3], as well as predicting future challenges related to new technologies [3], cryptocurrencies [3] [4], and illicit online content [3]. Law enforcement crackdowns on cybercriminal forums have led to shorter lifecycles for these sites [1], resulting in increased fragmentation of criminal marketplaces and a rise in exit scams [1]. The abuse of legitimate end-to-end encryption messaging applications by cybercriminals has also increased [1]. Multi-layered extortion models are becoming more common [1], and ransomware groups are disbanding and reorganizing in response to law enforcement actions [1], making it challenging to distinguish between different ransomware brands and threat actors [1]. The report also notes a substantial increase in online sexual extortion aimed at vulnerable minors [3], as well as the growing use of multi-layered extortion tactics and AI-assisted criminal activities [3]. Regulatory frameworks aimed at enhancing digital systems and user security have been adapted [1], but the human factor remains the weakest link in cyber defense scenarios [1]. Artificial Intelligence (AI)-based technologies are enhancing social engineering tactics [1], and the criminal market for malware and phishing services mirrors legitimate industries [1]. Malicious large language models (LLMs) are prominent tools in the crime-as-a-service (CaaS) market [1], offering services on the dark web to assist online fraudsters [1]. Deepfakes are also a growing concern in the cybercriminal arsenal [1], used in online fraud and expected to increase in popularity [1]. Law enforcement faces new challenges in identifying victims and perpetrators due to the use of artificial intelligence in criminal activities [3], as well as the complications posed by the growing use of cryptocurrencies and mainstream end-to-end encryption communication platforms [3]. Continuous takedowns of dark web forums and marketplaces have also contributed to the instability in the criminal sites’ lifecycle [2]. Europol is actively pursuing crimes involving cryptocurrencies [4], with recent operations resulting in arrests and the recovery of stolen funds [4].
Conclusion
The report emphasizes the need for international cooperation and collaboration to develop a comprehensive strategy for combating cybercrime in the digital age [4], as well as the impacts, mitigations, and future implications of the growing role of cryptocurrencies and artificial intelligence in cybercrime within the EU.
References
[1] https://www.hstoday.us/subject-matter-areas/cybersecurity/europol-warns-of-fragmentation-and-multiplication-of-cyber-threats-in-latest-assessment/
[2] https://www.association-secure-transactions.eu/europol-publishes-iocta-2024/
[3] https://www.infosecurity-magazine.com/news/ransomware-groups-fragment-rising/
[4] https://iclg.com/news/21099-cryptocurrencies-fuel-cybercrime-surge-spurred-by-ai