Service model driving cyber crime, says Europol report

The cyber crime support industry is becoming increasingly commercialised, says a report by the European Cybercrime Centre

The cyber crime support industry is becoming increasingly commercialised, according to a report published by Europol’s European Cybercrime Centre.

Specialists in the virtual underground economy are developing products and services for use by other cyber criminals, the Internet Organised Crime Threat Assessment (IOCTA) report said.

The report’s authors believe this crime-as-a-service business model drives innovation and sophistication, and provides access to a wide range of services that facilitate almost any type of cyber crime.

As a result, the barriers to entry for cyber crime are being lowered to allow those lacking technical expertise - including traditional organised crime groups - to conduct cyber crime.

The report also highlights the abuse of legitimate services and tools such as anonymisation, encryption and virtual currencies, and the abuse of “darknets” for illicit online trade in drugs, weapons, stolen goods, stolen personal and payment card data, forged identity documents and child abuse material.

This hidden internet has become a principal driving force in the evolution of cyber crime and represents a highly complex challenge for law enforcement, the report said.

Criminals are also reducing their risk by operating from jurisdictions outside of the EU, which have outdated legal tools and insufficient response capacities.

"The inherently transnational nature of cyber crime, with its growing commercialisation and sophistication of attack capabilities, is the main trend identified in the IOCTA,” said Rob Wainwright, director or Europol.

“It means issues concerning attribution, the abuse of legitimate services, and inadequate or inconsistent legislation are among the most important challenges facing law enforcement today," he said.

EU home affairs commissioner Cecilia Malmström said the fact that almost anyone can become a cyber criminal is putting ever-increasing pressure on law enforcement authorities.

“We need to use our new knowledge of how organised crime operates online to launch more transnational operations," she said.

More on IOCTA's recommendations

  • Raising awareness
  • Building capacity
  • Standardising practices and procedures
  • Increasing international and cross-border cooperation
  • Exchanging information and intelligence
  • Developing adequate and harmonised legislation
  • Dismantling and disrupting criminal infrastructures behind illicit online services

“We need to ensure that investigations into payment card fraud and online child abuse do not stop at national borders."

The 2014 IOCTA report includes a set of recommendations for law enforcement to address the evolving and trans-national nature of cybercrime in a diverse and flexible manner.

The report will contribute towards the setting of EU priorities for 2015 in tackling cyber attacks, online sexual exploitation and payment fraud as part of serious organised crime.

One of the report’s co-authors, Alan Woodward of the University of Surrey, said that, because modern cybercrime is trans-national by nature, it is vital to take an international view of the threat it poses.

“Europol’s Cybercrime Centre is able to provide a unique perspective on this threat as it has access to data from law enforcement agencies across Europe.

“It should be seen as a vital piece of work that should be read by all policy makers and decision makers involved in combating cybercrime,” he said.

Woodward said that, if agencies fail to mobilise to meet the threats highlighted in the report, organised cybercrime will gain the upper hand.

“However, if agencies work together across borders, then we can use modern technologies to catch criminals, rather giving them a platform for ever more innovative forms of crime,” he said.

The Europol Cybercrime Centre hosts the recently-launched international cyber crime taskforce, which includes the UK as a founding member.

The Joint Cybercrime Action Taskforce (J-CAT), which is currently in a six-month pilot, will co-ordinate international investigations with partners targeting key cyber crime threats.

These include underground forums and malware, such as banking Trojans, that have targeted financial sector institutions in Europe, US and elsewhere. 

The J-CAT is led by Andy Archibald, deputy director of the National Cyber Crime Unit (NCCU) from the UK’s National Crime Agency (NCA).

The taskforce is made up of cyber liaison officers from EU states, non-EU law enforcement partners and the European Cybercrime Centre, and will operate from offices in Europol’s headquarters.

Austria, Canada, Germany, France, Italy, the Netherlands, Spain, the UK and the US are part of the J-CAT. Australia and Colombia have also committed to the initiative.

J-CAT is the first permanent, multilateral cyber crime taskforce established in Europe to co-ordinate investigations against top cyber-criminal networks.

Read more on Hackers and cybercrime prevention