2023 Europol Spotlight Report: The Apex of Crime-as-a-Service Highlights Ransomware as the Most Prominent Threat of This Category
The Internet Organized Crime Assessment (IOCTA) 2023 Europol Spotlight Report on Cyber Threats calls out the ransomware ecosystem; highlighting ransomware as the most “prominent” cyberthreat across industries. [1]
Phishing emails, Remote Desktop Protocol brute forcing, and Virtual Private Network (VPN) vulnerability exploitation are listed as the most common vectors for initial access for later ransomware. The ransomware ecosystem is fueled in large part by a further network of cybercriminals categorized as initial access brokers (IAB). They are important to ransomware syndicates because IABs provide access to victims already exploited in a cache curated by IAB individuals and groups. This reduces the resource load on ransomware operators, providing a shortcut. IABs acquire persistent access that is usually opportunistic -exploiting certain infrastructure in a pattern that is based on a particular vulnerability or system weakness.
Article Link: Ransomware and DDoS Feature in The Apex of Crime-as-a-Service Report