Report reveals that the threat from cyber crime is increasing significantly and additional funding is needed.
It was revealed in the National Crime Agency’s (NCA) National strategic assessment of serious organised crime 2019 report, that an extra £2.7bn investment is needed to tackle serious organised crime over the next three years.
The report warned that “the threat from cyber crime to the UK is continuing to evolve” in complexity, with the biggest cyber crime threat to the UK coming from financial trojans created by Russian language organised criminal gangs (OCGs).
The report announced that ransomware remains a highly visible part of the threat landscape, whilst spam and phishing emails remain the primary malware infection methods.
The report emphasised that UK-based virtual infrastructure has increasingly been identified in law enforcement investigations, however it remains unclear whether this is due to growing criminal use of UK hosting services or due to the improved law enforcement ability to detect criminal assets.
Law enforcement has grown more aware of the crossovers between prominent cyber OCGs with malware that is associated to different OCGs – which are appearing more regularly together in the same campaign.
“These malware crossovers are likely to indicate that cyber criminals from different groups are working more closely together than previously assessed,” the report said.
The NCA identified that financial data is the most coveted by cyber criminals. The report said:
“Improved global credit card security is highly likely to have encouraged criminals to target CVV data of the type ‘scraped’ from payment pages during high-profile breaches in 2018.”
Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/