Report: Publicly Disclosed Data Breaches are Increasing, Dramatically
The 2015 Internet Organized Crime Threat Assessment (IOCTA) has revealed that the number of “publicly disclosed” data breaches this year has increased significantly, leading to secondary crimes wherein the breached data is used for extortion, identity theft, fraud and other similar offences.
The 2015 law enforcement-centric IOCTA report, put together from the views and experiences of EU law enforcement agencies, shows a trend that is common to cybercrime all over the world.
The annual report is a presentation by Europol’s European Cybercrime Centre (EC3), focusing on the cybercrime threat landscape in EU member states.
The complete IOCTA report is available for download as a PDF.
Cybercrime Is a Growing Threat
Cybercrime that used to be stealthy and subtle is now turning hostile and aggressive, with a surge in ransomware and DDoS attacks. Such a confrontational approach to cybercrime has organized crime written all over it, according to the report.
Notably, cybercrime is still a growth industry that encompasses a diverse range of criminal activity.
‘Pure’ cybercrime such as malware is still a critical threat. Following a surge in attacks, ransomware that focuses on encryption has firmly established itself as a primary threat targeting EU businesses and citizens.
Banking malware, such as banking Trojans that steal information, and the criminal use of Remote Access Tools (RATs) are a common threat targeting everyday citizens and financial institutions.
There is a decline in ‘old school’ banking Trojans such as Zeus, Citadel or Spyeye, as malware engineers have withdrawn their support either voluntarily or due to law enforcement. However, this has only brought forward a new generation of malware such as Dridex or Dyre.
Highlighting changes in the attitude of industries, the frequency of publicly disclosed data breaches is “dramatically increasing”.
The public knowledge of such breaches has also led to secondary crimes such as fraudulent transactions and even extortion. In certain tragic cases, extortion has led to suicides, as evidenced in the Ashley Madison breach.
There has been a decrease in card-involved fraud as cybercriminals are veering towards card-not-present fraud. Merchants and retailers are also seen embracing e-commerce further with the implementation of better security measures to combat card-present fraud.
However, malware attacks on ATMs are still evolving in novel ways.
The best security systems in the industry are still open to the single biggest vulnerability there is: the human element. Social engineering attacks have grown in tandem with Internet penetration in developing countries and remain one of the hardest attack vectors to defend against.
Two-thirds of cyber espionage incidents in the past two years involve spear-phishing campaigns.
Altogether, most cybercriminals still rely on tried-and-tested exploits, malware code and methodologies like social engineering to engineer new threats rather than devising new attack methods entirely.
Law Enforcement Operations
The success of Operation Onymous meant the shutdown of Darknet marketplaces and a disruption to such activities. While the underground ecosystem has recovered in patches, confidence is low among the Darknet community after a “number of prominent marketplaces exit scams.”
I2P as a secure platform was touted as a possible destination for the Darknet marketplace, but this hasn’t happened. Instead, the Tor network remains the preferred platform for underground marketplaces.
Bitcoin is seen as the single common currency used by cybercriminals within the EU. The cryptocurrency is no longer used only within Darknet marketplaces and has been adopted for other types of cybercrime as well.
Several anonymization technologies are being exploited by criminals to hide their tracks and protect their identities, data and payment methods.
Altogether, the assessment will help form the basis for the EMPACT operational action plan for 2016, which will focus on three areas of cybercrime: cyberattacks, payment fraud and child sexual exploitation online.