Europe’s top cyber cop calls for access to online data

Trust in police and state should be applied in cyber space as it is in the real world, says the head of Europol’s EC3

The same trust in police and state should be applied in cyber space as in the real world, according to the head of Europol’s European Cybercrime Centre (EC3).

“I am getting a lot of flack from privacy people because I want police to have access to information on the internet,” Troels Oerting told the opening session of the ISSE 2014 security conference in Brussels.

He said although this is controversial in the post-Snowden era, if people do not trust the state and the police, they should get rid of them by voting for someone they do trust.

Oerting claimed the acceptable balance many countries have achieved between security and freedom in the physical world now needs to be extended to cyber space.

In traditional crime fighting, he said, police are able to conduct surveillance of suspects, yet there is resistance to allowing similar surveillance online.

Oerting said law enforcement needs to be allowed access to the tools required to monitor and identify suspects online as well as in the physical world.

“Law enforcement cannot be effective if we are prevented from identifying the perpetrators beyond reasonable doubt,” he said.

Balancing freedom and security on the web

Oerting claimed the time has come for an open discussion to find a workable balance between freedom and security in the online world.

“Most of the 2.9 billion people active online have no clue about security and someone has to protect them,” he said.

As this number grows to an expected four billion in just a few years’ time, Oerting said crime will also continue to grow, driven by the current situation of low risk and high profit.

“We need better awareness, better prevention and better protection,” he said.

While it is important for countries to educate citizens not to share everything with everybody, Oerting said more needs to be done to make cyber crime less attractive.

“We need an open debate on how we can best secure the internet for the benefit of all users,” he said.

Oerting called for greater regional and international co-operation between law enforcement authorities to ensure that cyber criminals can be identified and prosecuted wherever they may be operating from.

“Currently, most of the attacks come from outside the European Union and the US, with most malware producers being Russian-speaking rather than Chinese-speaking or from any other regions,” he said.

However, Oerting said this could change, which is why international co-operation is vital to tackling cyber crime in an effective way.

Commercialisation of cyber crime

In September 2014, an EC3 report found the cyber crime support industry is becoming increasingly commercialised.

We need an open debate on how we can best secure the internet for the benefit of all users

Troels Oerting, EC3

Specialists in the virtual underground economy are developing products and services for use by other cyber criminals, the Internet Organised Crime Threat Assessment (IOCTA) report said.

The report’s authors believe this crime-as-a-service business model drives innovation and sophistication, and provides access to a wide range of services that facilitate almost any type of cyber crime.

As a result, the barriers to entry for cyber crime are being lowered to allow those lacking technical expertise – including traditional organised crime groups – to conduct cyber crime.

Oerting concluded by re-iterating his appeal to give law enforcement access to the online surveillance tools required to fight crime in cyber space.

“We need to get away from IT religion and instead go into reality,” he said.

Read more on Hackers and cybercrime prevention