Ransomware remains the dominant threat for business now, and will continue to be in the future.
Speaking at the NTT Security Information Security World 2019 conference in London, Nicole van der Meulen, head of strategy and development at Europol’s European Cybercrime Centre (EC3) reflected upon the top cyber-threats impacting the security of data today.
van der Meulen Highlighted the five top current threats as:
- Ransomware
- Compromised data
- DDoS attacks
- Card not present fraud
- The Dark Web
Van der Meulen said that whilst ransomware was not new and efforts are often determined to be “amateur,” there is a move to more sophisticated attacks “and it is the most dominant threat when it comes to what is reported.”
She added that ransomware reports from law enforcement and the private sector are not different from last year, there has been a “decline in volume” of attacks. However, the next step is to target more profitable targets who are willing to pay, and this is a more efficient approach.
She also said that DDoS attacks are becoming more professional with a financial focus. Meanwhile, card not present fraud continues to rise “and is the most stable” as compromised data is readily available. “The cost of doing business has been accepted, and it is a facilitator for other crimes.”
While there are changes in terms of threats and threat actors, Van der Meulen pointed out that there is a terminology problem, as “we call it cybersecurity, but talk about information security, and confidentiality, integrity and availability” and everything still begins with unauthorized access and the next stage is down to the motive of the attacker.
She also said that there is a lot of focus on the future threats and technology, and while there is a need to predict the emphasis on attackers using AI, it is still cheap to get and use ransomware: “We haven’t solved today’s problems, so why focus on tomorrow? Don’t get too far ahead when threats are the same, but just wearing new clothes.”