UK cybercrime activity rose again in “scale and complexity” last year, with the lines between nation state and criminal groups increasingly blurred, according to the National Crime Agency (NCA).
The NCA claimed in its annual National Strategic Assessment report out today that serious and organized crime (SOC) “affects more UK citizens, more often, than any other national security threat,” with a daily impact on UK public services and infrastructure.
Technology is a key driver and enabler of SOC, offering new opportunities for cyber-criminals, with encryption and dark web highlighted by the NCA as offering significant law enforcement challenges.
“The use of technologies such as the dark web, encryption, virtual private networks (VPN) and virtual currencies will support fast, ‘secure’ and anonymous operating environments, facilitating all levels of criminality,” it claimed. “The increasingly ubiquitous ‘by default’ nature of these enabling technologies will continue to lower the barriers to entry for some types of cyber-enabled crime.”
Bromium CEO, Gregory Webb, agreed, claiming it would result in “more sophisticated, costly and disruptive attacks” on enterprises and governments.
“It is equally easy for them to wash that money and convert it into cash, and the rise in use of unregulated, virtual currencies is making this even easier,” he added.
“We can’t solve this problem using old thinking or outdated technology. By focusing on new methods of cybersecurity that protect rather than detect, we believe we can make cybercrime a lot harder, allowing organizations and the security industry to disrupt this web of profit.”
The report also highlighted the growing threat facing firms from their supply chains, just as a joint NCA-NCSC paper did last month.
Network intrusions remained the number one category of reported crime incident, although IoT-fueled DDoS, botnets, spamming and phishing emails, ransomware, social engineering, cryptojacking and exploitation of known vulnerabilities were all cited as major threats and challenges facing UK firms.
Malware-as-a-service and online forums appear as key facilitators not only of organized crime but also teen hackers.
Many cybercrime groups are Russian speaking. However, “the distinction between nation states and criminal groups in terms of cybercrime is becoming frequently more blurred, making attribution of cyber-attacks increasingly difficult,” the NCA claimed.
“Our understanding of UK-based criminals has developed and intelligence now points to organized cybercrime groups operating in the UK that communicate directly with international criminal groups behind the most impactful malware strains," it added. “These UK groups are themselves capable of significant international disruption, and appear to be motivated by profit.”
Under-reporting of incidents is actively “putting victims at risk” by eroding the ability of the NCA to assess the scale and cost of network intrusions, although the GDPR should improve things in this regard, the NCA claimed.