The State of Financial Crime in 2023
The scale and number of ransomware attacks are increasing. Uncover how firms can protect themselves from mounting cyber threats and other key financial crime trends.
Download nowOn March 6, 2023, Europol announced that a ransomware group behind 37 cyberattacks since 2019 has been dismantled by the German and Ukrainian Police. The gang perpetrated their attacks using DoppelPaymer ransomware, which has the ability to compromise defense mechanisms by terminating security-related processes. The investigation began on February 28, with support from Europol, the Dutch Police, and the US Federal Bureau of Investigations (FBI).
One of the most notorious cyberattacks the group orchestrated was against the University Hospital in Düsseldorf in September 2020, resulting in the death of a patient as the hospital was unable to operate as normal.
According to German authorities, all of the 37 cyberattacks were against organizations and critical infrastructure and industries. Believed to be based on the BitPaymer ransomware, DoppelPaymer ransom demands for file decryption are sizeable, historically ranging anywhere from €23,000 to €1.1 million. According to Europol, victims paid at least €40 million between May 2019 and March 2021.
During the various action days, authorities raided the homes of two individuals alleged to play major roles in the criminal group — one based in Germany and the other in Ukraine. Investigations are ongoing as officials forensically examine the seized equipment to determine exactly how the suspects were involved.
Throughout the investigation, Europol coordinated the sharing of real-time information among multiple jurisdictions and provided support through its Joint Cybercrime Action Taskforce (J-CAT).
To reduce the risk and impact of a successful ransomware attack, the UK National Cyber Security Centre (NCSC) suggests implementing the following resilience measures:
For further information on cyber resilience measures from NCSC, watch the video below aimed at medium to large organizations that have dedicated personnel in charge of managing the firm’s cyber security.
Following the focus on ransomware at the Financial Action Task Force (FATF) February plenary, compliance staff should keep an eye out for the watchdog’s upcoming ransomware guidance. Due to be published in March 2023, the guidance will include a list of risk indicators that will help public and private sector entities detect suspicious activities related to cybercrime.
Since managing the risk of ransomware is becoming increasingly complex, compliance teams should review their cyber defenses, enhancing them where they are not commensurate with a firm’s risk profile. Good cyber hygiene is also essential. Furthermore, digital-native firms that are not operating programs to stress test platforms for potential flaws should consider implementing them, alongside frequently-scheduled pen testing exercises.
The scale and number of ransomware attacks are increasing. Uncover how firms can protect themselves from mounting cyber threats and other key financial crime trends.
Download nowOriginally published 09 March 2023, updated 10 March 2023
Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.
Copyright © 2023 IVXS UK Limited (trading as ComplyAdvantage).