The cliché of a lonely hacker in a hoodie, hunched over a keyboard in a dark room, hacking away at lines of code, is no longer true in the cybercrime realm. This emerges from the current assessment of the threat situation in the area of organized crime on the Internet, which Europol published on Monday.
For the ninth time, Europol takes a detailed look at the criminal online ecosystem and highlights well-known actors, their attack vectors and victims. According to the report, cybercrime has “become big business, with an entire illicit economy of service providers, recruiters and financial services being built to support it.”
This makes investigating relevant cyber-attacks increasingly difficult for law enforcement agencies, as organized online crime involves multiple specialized actors from every corner of the globe dividing the work and taking individual steps. The Federal Criminal Police Office (BKA) has already described this development as “Cybercrime-as-a-Service”.
The services offered to commit cybercrime are often intertwined and their effectiveness is to some extent interdependent. The providers of such illegal monitoring, provisioning and obfuscation services feed a large number of criminal actors. Such services can often be rented and advertised on dark web forums and underground marketplaces.
The core asset of this illicit economy is stolen personal data that is bought and produced for various cyber attacks.
“All of these providers need infrastructure that gives them resilience to disruptions and hides their tracks from law enforcement,” the authors write.
Many Internet service providers, which are often used by criminals, do not operate comprehensive data storage for the purpose of customer identification and the provision of user and metadata such as IP addresses. This facilitates criminal activities. Some providers would not pass on any customer information to investigators’ requests, except for an automatic confirmation of an e-mail address. As a result, the options for identifying suspects are limited.
In addition, hosting is a complex international business where servers are often resold to other data centers in other regions. It does not stop with the indirect call for data retention.
With the paper, Europol is once again mobilizing towards end-to-end encryption. Among other things, this allows providers of virtual private networks (VPN) to guarantee criminals “complete anonymity”. In addition, especially with such service providers, there is a “lack of cooperation when the law enforcement authorities request information”.
The Hague authority also points to the successes of European investigators, such as the beatings against VPNLab, RaidForums and iSpoof. (ds)
