Skip to content ↓ | Skip to navigation ↓

Europol, the European Union’s police agency, has warned of the significantly rising threat posed by ransomware.

As Associated Press reports, delegates at an international conference were told by Europol Executive Director Rob Wainwright that ransomware had taken the cybercrime threat to “another level.”

An 80-page report published by the agency highlighted the growing threat posed by ransomware attacks:

“Ransomware attacks have eclipsed most other global cybercrime threats, with the first half of 2017 witnessing ransomware attacks on a scale previously unseen following the emergence of self-propagating ‘ransomworms’, as observed in the WannaCry and Petya/NotPetya cases. Moreover, while information-stealing malware such as banking Trojans remain a key threat, they often have a limited target profile.”

“Ransomware has widened the range of potential malware victims, impacting victims indiscriminately across multiple industries in both the private and public sectors, and highlighting how connectivity and poor digital hygiene and security practices can allow such a threat to quickly spread and expand the attack vector.”

Europol is right to highlight the significant impact that ransomware is having on business and home computers alike.

As we have previously discussed, multinationals like household goods manufacturer Reckitt Benckiser, and the Maersk shipping conglomerate have reported that the attacks have caused $100 million and $300 million in lost revenue respectively.

Meanwhile the impact felt by the WannaCry ransomware earlier in the year on the UK’s National Health Service and other large organisations is well-documented.

It’s no wonder that Europol is calling for more resources to be put in place around the world to target cybercrime gangs, and for greater co-ordination between law enforcement agencies.

As The Register reports, a similar message of the rise of ransomware has come from the UK’s Metropolitan Police’s cybercrime-fighting division speaking at the Cyber Security in Healthcare event in London:

“Three years ago [the main threat] was the inception of DDoS attacks or the criminal damage of computers; two years ago it was data breaches like TalkTalk, this year its been the use of ransomware attacks on individuals and corporate systems. Next year it will be more of the same.”

We can talk long and hard about the need for companies and home computer users to have better protection in place, to keep a strict regime of patching against vulnerabilities, and to make sure that a secure backup regime is in place.

But Europol argues that we also need to tackle the rampant rise of ransomware from the other end of the problem. That means giving law enforcement agencies more resources to investigate organised multinational cybercrime gangs in order to bring the perpetrators to justice.

 

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

SANS White Paper: Security Basics
  • disqus_Tgv8PPb9Oy

    It’s good that various LE organizations are gearing up to go after ransomware distributors and gangs, since they are obviously committing crimes using this malware. However, that said, my feeling is that companies and individuals who are victimized by this software are exactly like someone who insists on leaving his house unlocked when he goes out, no matter how many times he’s been told by the police that this is a bad idea, and is then surprised to find that when he comes home, the family jewels are gone. If people and organizations insist on continuing to act in brain-dead ways when it comes to protecting their systems, then why are we surprised to find them infected with ransomware? I hate to sound judgemental, but in light of the amount of good information available on what to do and what not to do when setting up computer systems, my attitude is simply that if someone or some organization is victimized by this stuff, then maybe they will finally stop being lazy, negligent and stupid about securing their systems. It’s a hard lesson, but an awful lot of people don’t seem to learn anything until their actions cost them big bucks.

  • Bob King

    Stop using Windows. Problem solved.

<!-- -->