Updates

Cybercrime

2018

The UK’s Information Commissioner’s Office fined Facebook with its maximum sanction (€565,000) for its part in the Cambridge Analytica scandal. Euractiv reports that this decision was publicly welcomed by EU officials, such as Justice Commissioner Vĕra Jourová. The UK watchdog indicated that Facebook processed users’ data unfairly by allowing applications to access them without clear consent between 2007 and 2014. Though the GDPR provides for greater sanctions, this regulation only entered in to force in 2018, and was thus not applicable.

Paysafe launched a report entitled Lost in Transaction: The Future of Payments for small and medium-sized businesses (SMBs), an international research investigating the attitudes of businesses in the UK, US, Canada, Germany and Austria to the evolution of payment types. According to the report, more than 52% of online SMBs worry that the move to frictionless payments, such as transactions that take place in apps, is leaving them more exposed to fraud and will negatively impact revenues. These businesses evaluate that security is the most important factor when considering their e-commerce plans. Abandoned transactions are also a source of concern. Around 9% of purchases is not completed. While 28% believe this reflects successful fraud checks, 33% say abandoned transactions have a major impact on business performance, and 15% believe purchases are abandoned purely because of a lack of payment options at the checkout phase.

Facebook revealed it had discovered a security issue affecting millions of accounts on 25 September 2018. The attackers exploited a vulnerability in Facebook’s code that impacted 'View As', a feature that lets users see what their own profile looks like to someone else. When composing a birthday wish message with video, as of July 2017, the attacker could exploit the 'View as' option of the video uploader to get access to the profile of the user being looked up, including their login details. The access token was then available in the HTML of the page and extracted by the attackers who exploited it to login as another user. Facebook reset the access tokens of almost 50 million accounts thought to be affected, and temporarily disabled the 'View As' feature. On 12 October, Facebook announced hackers actually stole access tokens of about 30 million users, 20 million less than previously thought. For 15 million users, attackers accessed name and contact details (phone number, email, or both). For 14 million users, the attackers accessed name and contact details, as well as other details people had on their profiles, including username, gender, religion, birth date, etc. For 1 million users, the attackers did not access any information.

 

The National Cyber Security Centre (NCSC) of the United Kingdom has attributed a “campaign of indiscriminate and reckless cyber attacks” to the GRU, the Russian military intelligence service. UK Foreign Secretary Jeremy Hunt stated that the GRU’s actions demonstrate “their desire to operate without regard to international law or established norms and to do so with a feeling of impunity and without consequences”. The NCSC associated 12 threat groups with the GRU, among them APT 28, Fancy Bear, Sofacy, Voodoo Bear and CyberCaliphate (previously thought to be affiliated with ISIS). NCSC assessed with “high confidence” that the GRU was “almost certainly responsible” also for the BadRabbit ransomware of 2017, the release of confidential files of international athletes stolen from the World Anti-Doping Agency (WADA) in 2016, and attacks on the servers of the US Democratic National Committee in 2016. The NSCS also claimed the GRU attempted to compromise the UK Foreign and Commonwealth Office (FCO) computer systems via a spearphishing attack and gain access to the UK Defence and Science Technology Laboratory (DSTL) computer systems. At the same time, the UK Prime Minister May and the Netherlands Prime Minister Rutte issued a joint statement attributing the cyber attacks on the Organisation on the Prevention of Chemical Weapons (OPCW) to the GRU. Australia and New Zealand supported NCSC’s findings. Russia's ambassador in London has denied the claims since. As some specialists point out, the attributions come at a time of heated debates at the UN General Assembly around Russian proposals for the future of the UN Group of Governmental Experts and possible international treaties on cybersecurity and cybercrime.

EUROPOL published its Internet Organised Crime Threat Assessment (IOCTA) 2018, which provides an overview of past and future trends of cybercrime in Europe. According to the report, ransomware is the key malware threat in 2018. Distributed-Denial-of-Service (DDoS) attacks are still one of the most frequent types of cyber-attacks. An emerging cybercrime trend is cryptojacking and as criminal abuse of cryptocurrencies grows, currency users and exchangers become targets of cyber criminals. Payment fraud is dominated by card-not-present fraud and online criminal markets are unstable but will continue to exist. The significance of social engineering for cybercrime continues to grow.  The amount of online Child Sexual Exploitation Material continues to increase. Islamic State (IS) continues to use the internet to spread propaganda and to inspire acts of terrorism, but its sympathisers are not skilled enough to create cyber-attack tools.

According to a new FireEye report, 1 in 101 e-mails is sent with malicious intent. FireEye examined over half-a-billion e-mails between January and June 2018, and concluded that the majority of emails organizations receive daily are considered spam or malicious, with only 32% of traffic considered clean and sent to an inbox. 90% of the attacks blocked were malware-less while 10% of attacks blocked contained malware, FireEye found, showing that cybercriminals are adapting their attacks. The report also named impersonation e-mails as the go-to method of cybercriminals and included information on a new type of attack: impersonation e-mails containing links leading to phishing sites.

Pages

 

The GIP Digital Watch observatory is provided by

 

 

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top