Declassified information about cybercrime in open threat reports from leading authorities, as Europol’s IOCTA report, will have a positive effect on businesses and their ability to secure themselves better, which also will benefit our digital society.
As society has become more digitized, it has also become more complexed. So has the threat picture in terms of cybercrime that has no boundaries.
Over the past five years, this has resulted in more openness from intelligence services in Europe, who has begun to share more declassified information about the threat situation relevant for businesses. For the fifth year in a row, Europol has produced the Internet Organized Crime Threat Assessment (IOCTA). The aim of this Assessment is to provide a comprehensive overview of the current, as well as anticipated future threats and trends of crimes conducted and/or facilitated online.
Highlights from IOCTA
For instance, is social engineering still the engine of many cybercrimes. The significance of social engineering for cyber-dependent and cyber-enabled crime continues to grow. Phishing remains the most frequent form of social engineering. Criminals use social engineering to achieve a range of goals: to obtain personal data, hijack accounts, steal identities, initiate illegitimate payments, or convince the victim to proceed with any other activity against their self-interest, such as transferring money or sharing personal data.
This year’s report also describes a number of key legislative and technological developments, such as the introduction of the General Data Protection Regulation (GDPR), the Network and Information Security (NIS) directive and 5G technology.
Why do we need reports like IOCTA?
The value of a threat report, such as IOCTA, is that it gives businesses the opportunity to establish a common digital security understanding within their organization and update their actions against cybercrime. Especially since many businesses are not capable of conducting their own intelligence to prevent cybercrime. The use of treat reports from authorities will also provide the basis for proper preventive security measures and strengthen the dialog between businesses and authorities. It will also contribute to more reports from businesses to authorities about cybercrime incidents, which can be of importance to see the early stages of new trends from cybercriminals. And, threat reports are for free!
Trust, threats, and temptations are what often make us click on links we shouldn’t have clicked on. We all need reminders about how to secure our own and others’ safety online.
More cooperation and sharing of updated information between authorities and businesses, are what we need to fight the complex threat situation we are facing. Cooperation as described, would be an important contribution to a slightly more robust digital society.
Birgitte Førsund
Birgitte Førsund har en bakgrund från Telenor, Symantec, Norsk Senter for Informasjonssikring (NorSIS) och KPMG Cyber. Idag jobbar hon som director med ansvar för kommunikation och allianser inom förebyggande digital säkerhet på Junglemap. Hon har varit en bidragande faktor i den nationella undersökningen i regi av Næringslivets sikkerhetsråd (NSR), Mørketallsundersøkelsen – 2018 och Hybridundersøkelsen – 2019.