LISBON (Reuters) - The “remorseless” growth of cyber crime is leading to 4,000 ransom attacks a day and gangs’ technological capability now threatens critical parts of the financial sector, the head of Europol said on Wednesday.
Online criminals have become so sophisticated that gangs have created “conglomerations” with company structures that specialize in different criminal activities to carry out the attacks, Rob Wainwright, who leads the EU law enforcement agency, said.
“What really concerns me is the sophistication of the capability, which is becoming good enough to really threaten parts of our critical infrastructure, certainly in the financial, banking sector,” he told Reuters.
And while not all those 4,000 ransom attacks - which demand money to restore access to files that have been frozen or encrypted - are on banks, the financial services sector is seen as a key target because of the potential profits for the criminals.
Even bank payment systems and ATM cash machines fall prey, Wainwright said.
The launch of ransomware attacks such as Wannacry, which struck firms around the world in May and June, has changed the dynamic of such attacks, by propagating them more widely through companies’ computer systems, Wainwright said.
The rapidly spreading extortion campaigns underscored concerns that businesses have failed to secure their networks from increasingly aggressive hackers, who have shown they are capable of shutting down critical infrastructure and crippling corporate and government networks.
“The real threat comes from a sort of exponential, remorseless increase in the scale and significance of cyber criminal capability,” Wainwright said on the sidelines of the Web Summit technology conference in Lisbon.
He said every year there now “seems to be a doubling, or tripling, of one kind of threat or another, in terms of scale”.
He said the challenge of fighting cyber criminals is that they can be based “in their bedrooms”, making it difficult to find them. A majority of cyber criminals “we are working against are Russian speaking, not just Russian”, he said. Russia denies it is involved in hacking.
Last year, police authorities in several countries smashed 20 criminal groups that had created a “service-based economy” for the rest of the criminal market, such as providing ways to launder money or sell drugs online.
Such criminals gangs operate on the so-called dark web, which can only be accessed with special software.
It is used by criminals doing everything from selling drugs to guns, but also attacking payments systems and other parts of the financial system.
“There is this sort of cyber criminal underworld that’s a lot bigger and smarter and adept than most people think,” Wainwright said. “And, against it, we still have generally low cyber security standards.”
Reporting by Axel Bugge; Editing by Alison Williams
Our Standards: The Thomson Reuters Trust Principles.