Key Findings
Global Trends
- Globally an estimated 2.8 billion people and over 10 billion Internet-enabled devices access the Internet. The growing adoption of the Internet provides increasing opportunities to commit crime facilitated, enabled or amplified by the Internet.
- The advent of the Internet of Everything (IoE) combined with the ever increasing number of Internet users globally creates a broader attack surface, new attack vectors and more points of entry, including social engineering methods, for criminals to exploit, making endpoint security even more important.
- As the scale of Internet connectivity, including mobile access, continues to spread, EU citizens and organisations will be subjected to a larger volume of attacks from previously under-connected areas of the world.
- The EU will remain a key target for cybercrime activities because of its relative wealth, high degree of Internet penetration, its advanced Internet infrastructure and increasingly Internet-dependent economies and payment systems.
- Attacks predominantly originate from jurisdictions outside of the EU, particularly from countries where the proceeds of online crime notably outweigh income from legitimate activities.
- In general cybercrime is increasing in scale and impact; while there is a lack of reliable figures, trends suggest considerable increases in scope, sophistication, number and types of attacks, number of victims and economic damage.
- Cybercriminals need not be present in target countries and are able to conduct crime against large numbers of victims across different countries simultaneously with minimum effort and risk.
- The trans-national nature of cybercrime creates challenges for law enforcement to secure and analyse electronic evidence in countries from where the attacks originate, where there may be no or ineffective legal tools in place or insufficient capacity.
A Service-Based Criminal Industry
- A professional, continuously evolving, service-based criminal industry drives the innovation of tools and methods used by criminals and facilitates the digital underground through a multitude of complementary services, extending attack capacity to those otherwise lacking the skills or capabilities.
- Traditional organised crime groups (OCGs), including those with a mafia-style structure are beginning to use the service-based nature of the cybercrime market to carry out more sophisticated crimes, buying access to the technical skills they require. This trend towards adopting the cybercrime features of a more transient, transactional and less structured organisational model may reflect how all serious crime will be organised in the future.
- Underground forums provide cybercriminals with a nexus for the trade of goods and services and a hub for networking, creating an organised set of criminal relationships from an otherwise disparate population.
- A number of legitimate features of the Internet are being exploited by cybercriminals such as anonymisation, encryption and virtual currencies, creating challenges for law enforcement especially in regards to tracing the sources of criminal activity.
- Malware is becoming increasingly sophisticated, intelligent, versatile, available, and is affecting a broader range of targets and devices.
- E-commerce related fraud has increased in line with the growing number of online payments, affecting major industries such as airlines and hotels. Key factors fuelling the increase are large-scale data breaches supplying compromised card data to underground forums and a low prevalence of preventive measures implemented by merchants and the financial industry, such as 3D Secure.
- There is a value chain of e-commerce fraud which includes trading compromised credit card details on underground forums, using these to make online purchases and monetising the goods via money mules.
The Abuse of Anonymisation
- Darknets and other environments offering a high degree of anonymity are increasingly hosting hidden services and marketplaces devoted to traditional types of crime, such as the drug trade, selling stolen goods, weapons, compromised credit card details, forged documents, fake IDs, and the trafficking of human beings.
- Child sex offenders and producers make increasing use of the Darknet and other similar areas. The nature of child sexual exploitation forums on the Darknet promotes the abuse of new victims as the provision of new child abuse material is typically used as an entry token.
- New forms of child sexual exploitation online such as the live streaming of on-demand abuse of children present new challenges for law enforcement.
- Through the mainstream use of social media and availability of Internet-connected devices, the creation and online dissemination of sexually explicit images, sometimes self-generated, and the use of such images for sexual extortion is becoming increasingly common.