Fragmented and multiplied cybercriminal landscape, warns new Europol report

The report highlights relevant trends in crime areas such cyber-attacks, child sexual exploitation and online and payment fraud schemes. It also provides an outlook of what can be expected in the near future, especially regarding new technologies, payment systems, AI, cryptocurrencies and illicit content online. 

Millions of victims exploited across the EU on a daily basis

Recent law enforcement operations have prompted ransomware groups to splinter and rebrand under different disguises. Furthermore, continuous takedowns of forums and marketplaces on the dark web have shortened the lifecycle of criminal sites. This instability, combined with the surge of exist scams, has contributed to the fragmentation and multiplication of cyber threats. 

In 2023, millions of victims across the EU were attacked and exploited online on a daily basis:

• Ransomware groups increasingly target small and medium-sized businesses because they have lower cyber defences;
• E-merchants and banking institutions are the preferred targets of digital skimming attacks; 
• Users continue to fall victim to phishing campaigns, business email compromise (BEC), investment and romance fraud; 
• The number of cases of online sexual extortion targeting vulnerable minors is increasing.

Multi-layered extortion tactics are increasingly common throughout the entire spectrum of cybercrime threats, as stolen data are at risk of being published and auctioned, making re-victimisation a threat. Offenders appear to be underage in many cases, and some have started leveraging AI, which is already becoming a component in their toolbox. The use of cryptocurrencies in a wider variety of crime areas has also become more noticeable. 

Cybercrime assisted by AI: what to expect in the near future?

AI-assisted cybercrime has only begun: AI-assisted child sexual abuse material (CSAM) is a worrisome threat that will need close monitoring. Instances of AI-altered and completely artificial CSAM will pose growing challenges to law enforcement investigations, not only in terms of the volume of CSAM in circulation, but also to the ability of investigators to identify the true identity of victims and offenders.

Abusing technologies: Mainstream end-to-end encryption (E2EE) communication platforms are increasingly used by offenders. The current regulatory framework for the protection of personal communications via E2EE creates digital challenges for law enforcement authorities’ lawful access to criminal communications. 

The future of crypto threats: The use of cryptocurrencies in a number of areas of crime has become more evident. Several developments in the cryptocurrency market are set to have a significant impact on criminals’ abuse of cryptocurrencies in the near future. Scammers could abuse the rise of exchange traded funds (ETFs) related to cryptocurrencies. 

Digital challenges: law enforcement need to stay ahead

To tackle the main threats highlighted in the IOCTA 2024 quickly effectively, law enforcement needs the right knowledge, tools and legislation in place. As criminals adapt, law enforcement and legislators must also innovate to stay ahead, and seek to capitalise on new and developing technologies. This in turn requires training to produce the specialised capabilities required to investigate technically challenging or complex cybercrimes, such as those involving the abuse of cryptocurrencies or the dark web.

Europol is addressing these digital challenges with its Strategy Delivering Security in Partnership. The agency is at the forefront of law enforcement innovation and acts as a knowledge platform for the provision of EU policing solutions in relation to encryption, cryptocurrencies and other issues. In doing so, Europol expands the toolbox available to law enforcement officers across Europe and beyond, increasing their technical and forensic capabilities. The European Cybercrime Centre (EC3) at Europol is the first port of call for cybercrime investigators.