The 2018 Internet Organised Crime Threat Assessment (IOCTA) was presented at the joint Interpol-Europol Cybercrime Conference in Singapore.
5 Types of Threat
Many of the report's key topic areas are relevant for cryptocurrencies, namely, ransomware, distributed denial of service (DDoS) attacks, criminal use of cryptocurrency, cryptojacking, and social engineering. The report explicitly calls out some areas of cybercrime, but most of the of the attacks listed in the IOCTA report sometimes involve cryptocurrencies, even if not explicitly stated.
- Ransomware attacks, though slowing in frequency, remain Europol's dominant cybercrime concern. These attacks often involve ransom requests for payment in cryptocurrency.
- DDoS attacks involve intentionally overloading a network or online service with traffic to render it inaccessible. The IOCTA report doesn't explicitly mention cryptocurrency or blockchain, but these types of attacks are possible on blockchain networks.
- The report points to the broad category of "criminal abuse of cryptocurrencies." This includes criminals using crypto to fund illegal activities, through money laundering or other means. The report also cites the growing frequency of "currency users" and exchanges becoming primary targets for hacking and extortion in a manner "mirroring attacks on banks and their customers."
- Another frequent cybercrime involving cryptocurrency falls under the category of social engineering, which includes the phishing schemes – "Giving Away Free ETH!" – common in the cryptoverse.
- A cryptojacking or cryptomining attack describes a scheme in which a hacker takes control of a device that does not belong to them to mine cryptocurrency. Instances of cryptojacking are often unreported because victims often fail to notice the attack, and even when they do, they are rarely sufficiently harmed to pursue charges.
Though ransomware was the key malware threat reported by both law enforcement and industry, the authors of the report expect cryptomining malware to "become a regular, low-risk revenue stream for cybercriminals."
Europol specifically warns that the rise of cryptomining malware "may overtake ransomware as a future threat." The activity of running mining scripts by owners of websites, says Europol, is not explicitly illegal. However, the activity has been exploited by cybercriminals and the "phenomenon" of cryptojacking has grown to a stage where 2.2 percent of the top 100,000 sites listed by Alexa in the last quarter of 2017 were running cryptomining scripts.
"True cryptomining malware can cause significant disruption," says the report, citing an attack in February 2018 that halted healthcare systems in Finland. In the latter part of 2017, cryptomining malware overshadowed almost all other forms of malware.
Though comprehensive of the threats posed by and related to cryptocurrencies, the report also recognizes that blockchain technology has benefits – including to public-private partnerships. Quoting Edgar Weippl of SBA Research, it states that smart contract technology and transactions are "certainly useful for every economy."
Moreover, cryptocurrency exchanges, says Europol, are starting to operate like the "regulated financial sector," which is becoming more open to cryptocurrencies.
Europol suggests that prevention and awareness campaigns include information for cryptocurrency owners about how to protect their data and their wallets. But it places much of the emphasis on investigators: "Investigating cryptocurrencies must become a core skill for cybercrime investigators."
It states that EU member states should invest or participate in specialist training to address issues surrounding cryptocurrencies during investigations, and that:
"Investigators should identify and build trust relationships with any cryptocurrency related businesses operating in their jurisdiction, such as exchangers, mining pools or wallet operators."
Europol has been quite focused on cryptocurrency as of late. In June, it held its Virtual Currencies Conference 2018, which brought together law enforcers and cryptocurrency exchanges to discuss how to combat cryptocurrency use in cybercrime and address money laundering.