
Global ransomware attacks are increasingly linked to nation states, with the lines between politics and crime often becoming blurred, Europol told AFP on Tuesday.

Key ransomware attacks include the so-called WannaCry and NotPetya malware, both of which hijacked hundreds of thousands of computers around the world in 2017, demanding that users pay ransoms to regain access.

The European police agency, in its fifth annual Internet Organised Crime Threat Assessment report, writes that “ransomware retains its dominance.”

“In addition to attacks by financially motivated criminals, a significant volume of public reporting increasingly attributes global cyber-attacks to the actions of nation states,” said the agency, adding that it was “increasingly difficult” to determine whether an attack was the work of a “sophisticated” organised cyber-crime group, a state-sponsored attacker, or a cyber-crime amateur.

In September, Donald Trump’s administration directly blamed Pyongyang for the 2017 worldwide WannaCry cyber ransom attack that was said to have affected 300,000 computers in 150 nations and caused billions of dollars of damage.

Washington has also said North Korean hackers were behind the 2014 Sony Pictures attack and, perhaps most audaciously, the 2016 Bangladesh bank heist, which attempted to illicitly remove $1 billion from a Bangladesh Central Bank account held at the Federal Reserve Bank of New York. The heist worked, but because of a typo on the withdrawal chit, “only” $81 million was lost to the hackers.

In February the United States, along with Britain, also blamed the Russian military for the “NotPetya” ransomware, calling it a Kremlin effort to destabilize Ukraine which spun out of control.

This year’s Europol report says cyber attackers are also abandoning mass-target “random attacks” in favor of the bespoke targeting of high net worth people and businesses “where greater potential benefits lie.”

Europol says that while cyber attackers are now increasingly using crypto-currencies such as Bitcoin, they also still make use of classic internet phishing scams – emails that offer technical support, money-making scams or romance – and these “still result in considerable numbers of victims.”

Europol also raised the alarm over the live streaming of child sex abuse, which it called the “most disturbing aspect of cyber-crime.”

“Live streaming of child sexual abuse remains a particularly complex crime to investigate and is likely to further increase in the future,” it said.

Europol meanwhile warned that the European Union’s new flagship GDPR data protection laws introduced in May were “significantly hampering the ability of investigators across the world to identify and investigate online crime”. The agency claims that GDPR has resulted in personal data being removed from global domain-name databases, which were formerly a key resource for police.

Europol chief Catherine De Bolle, speaking to AFP about GDPR, said law enforcement agencies need “to engage with policy makers, legislators and industry, in order to have a voice in how our society develops.”