EU prepares to launch first cybercrime centre

cybercrime small.jpg

The European Union is set to establish a dedicated cybercrime centre at the beginning of 2013 aimed at tackling online operations of organised crime groups, ranging from e-banking fraud to online child sexual exploitation.

As a part of a bigger strategy to encourage e-commerce, Brussels announced yesterday (28 March) the establishment of a cybercrime centre to counter the online activities of organised crime.

The centre will be set up next in the offices of Europol, the European law enforcement agency based in The Hague. Europol already deals with computer crimes, but the centre is expected to increase this activity with new staff, up to 55 full-time employees, and an annual budget of €3.6 billion.

Yet the centre faces considerable obstacles: Gathering tips and information from a diverse region with multiple police jurisdictions and a private sector that may be hesitant to cooperate.

“Since cyberspace and the Internet’s infrastructure are for the most part owned by the private sector, only a shared, cross-community approach will bring enduring results in the fight against cybercrime,” says a Commission statement.

Telecoms companies that mostly own the networks have in the past staunchly opposed any move to transform them into what they call "cops of the net". Cost and responsibility linked to such an activity are considered too burdensome. Taking these reluctant actors on board will be another key test to measure the cybercrime centre effectiveness.

Cybercrime costs billions

Symantec Corporation's Norton online security unit estimates that cybercrime costs €85 billion annually and says people are much more likely to fall victim to online crime rather than off-line crime.

The most common cybercrimes are viruses and malware which attack remote computers, damaging them or stealing private information.

“More than 1 million people become victims of cybercrime every day,” EU Home Affairs commissioner Cecilia Malmström told press conference in Brussels.

Economic crimes are on the rise with criminal groups specialising in stealing sensitive data, such as passwords or credit card numbers. There is a flourishing black market for private financial data such as credit card details.

Tackling this growing phenomenon has long been among the priorities of many international and national organisations. European institutions are particularly keen to eradicate illegal activities as they push forward borderless e-commerce.

The online market could indeed tear down the last frontiers that hamper the functioning of a proper EU internal market. But dangers posed by cybercrime may delay the emergence of a truly European online market, as consumers remain wary of internet purchasing.

The centre will also concentrate on making the Web more secure for the millions of young Europeans who use it extensively and set up online profiles in social networks and other platforms.

Risks associated with social networks are not marginal. Between 250,000 and 600,000 Facebook accounts are blocked every day to stop hacking attempts, says the Commission.

Towards a directive on cyberattacks

Meanwhile, a new directive aimed at preventing and countering cyberattacks against strategic infrastructure is getting closer to approval by the EU institutions.

This week, the civil liberties committee of the European Parliament endorsed a new text with an overwhelming majority, paving the way to an easy adoption by the plenary in the coming weeks.

An agreement with member states is likely to be reached before the summer break.

Under the proposed rules, attacks on strategic electronic systems would become a criminal offence punishable by at least two years in prison throughout the EU. The move follows the massive cyberattack conducted against Estonia in 2007 (see background).

Cecilia Malmström, commissioner for Home Affairs, said: “We can't let cybercriminals disrupt our digital lives. A European cybercrime centre within Europol will become a hub for cooperation in defending an internet that is free, open and safe.”

Rob Wainwright, director of Europol, said: “The establishment of the European cybercrime centre will be a landmark development in the EU's fight against cybercrime. I am delighted that the Commission has proposed its establishment at Europol. Organised crime groups, terrorist groups and other criminals are quick to exploit the opportunities afforded by developments in technology, and the time is ripe for the authorities to get one step ahead. The European cybercrime centre will provide governments, businesses and citizens throughout the Union with the tools to tackle cybercrime.”

Monika Hohlmeier (European People's Party), European Parliament rapporteur on the directive on attacks on information systems, said: “The effort of collaboration in the fight against cyber crime has to be stepped up - amongst authorities and between companies and public bodies. I am hoping that the new European centre for cyber crime at Europol can be successful in preventing and fighting online crime in the EU”, said the European Parliament Rapporteur.

“There is a serious disconnect in how people view the threat of cyber crime,” said Adam Palmer, cyber security advisor at Norton. “Cybercrime is much more prevalent than people realise. Over the past 12 months, three times as many adults surveyed have suffered from online crime versus offline crime, yet less than a third of respondents think they are more likely to become a victim of cybercrime than physical world crime in the next year. And while 89% of respondents agree that more needs to be done to bring cybercriminals to justice, fighting cyber crime is a shared responsibility. It requires us all to be more alert and to invest in our online smarts and safety.”

EU and NATO authorities started to rethink their common approach to telecommunications network protection after a massive cyber attack carried out against Estonian public and private strategic infrastructure in 2007.

In March 2009, the European Commission published a new communication aimed at "protecting Europe from large scale cyber-attacks".

In April 2008, NATO leaders assembled at a summit in Bucharest agreed upon a common policy for cyber defence. They committed themselves to establishing a new authority with the primary task of coordinating NATO's "political and technical" reactions to cyber attacks.

In 2010 the European Commission proposed a new legislative text aimed at countering cyber attacks. The directive is to be voted by the plenary of the European Parliament and by members of the EU Council.

  • 2012: Commission plans to present “comprehensive strategy for European cybersecurity”
  • Summer 2012: Possible agreement among EU institutions on final text of directive on attacks against information systems
  • Jan 2013: EU cybercrime centre expected to start operations

Subscribe to our newsletters