crim committee hearing on cybercrime european parliament
DESCRIPTION
CRIM COMMITTEE HEARING ON CYBERCRIME EUROPEAN PARLIAMENT. Operations Department. Troels Oerting, Assistant Director, Head of EUROPEAN CYBERCRIME CENTRE (EC3). Brussels 17-18 September 2012. 1950. 1960. 1970. 1980. 1990. 2000. 2010. 2020. CLOUD. Calculating. - PowerPoint PPT PresentationTRANSCRIPT
RESTREINT EU/EU RESTRICTED
CRIM COMMITTEE HEARING ON CYBERCRIME
EUROPEAN PARLIAMENT
Operations Department
Brussels 17-18 September 2012
Troels Oerting, Assistant Director, Head of Troels Oerting, Assistant Director, Head of EUROPEAN CYBERCRIME CENTRE (EC3)EUROPEAN CYBERCRIME CENTRE (EC3)
1950 1960 19801970 1990 20102000 2020
CLOUD
CalculatingResearchingConnectingCommunicatingPublishingGlobalizingCooperating
Statistics
Internet Users Million
16
361
1651
1995 2000 2010Facebook Users Million
50170
800
2007 2009 2011Unique URLs crawled Billion
0,0268
1998 2005 2008
1000
@
200 billionAverage number of spam emails per day
247 billionAverage number of emails per day
140.000 new zombie computers created every day
2,6 millionAmount of malicious code threats in 2009
$388 billionTotal bill for cybercrime
(Symantec report 2011)
There is no reason anyone would want a computer in their home.Ken Olsen - President, chairman, and founder of Digital Equipment Corporation - 1977
Spam will be a thing of the past in two years’ time.Bill Gates - 2004
iPhone has no chance of gaining significant market shareSteve Ballmer - CEO of Microsoft - 2007
Worst prediction award
GROWTH AND PROSPERTITY
• IP v/4 versus IP v/6.• 73 % OF INTERNET USERS DON’T USE ENGLISH.• 72 % OF EU POPULATION IS ONLINE.• 143.000 INTERNET RELATED BUSINESSES STARTS.• LAST 15 YEARS OF INTERNET HAS HAD MORE
POSITIVE IMPACT ON GDP THAN PREVIOUS 50 YEARS OF INDUSTRIAL REVOLUTION.
• 1 TRILLION USD IN ONLINE TRADE FORESEEN IN 2012.
• Mobile devices outsale PC.• 2 second battery in 8 years
THE GIVEN:
•Cyberspace drive economic growht and prosperity.•Cyberspace drive interconnection.
•Increasing depencence on cybespace brings new risks.•Cyberspace will increasingly be exploited by OC, terrorists, activists, hackers, foreign intelligence services. •In a globalised world where all networked system are potentially vulnerable and where cyber attacts are difficult to detect, there can be no such thing as absolute security.•Cyberspace largely commercially owned and driven, diverse in nature and predicting development difficult.•LE works slowly and faces legal challenges in this rapid and changing world.
6
THE CHALLENGES.
To create norms. To raise awareness.
To facilitate an understanding of the fact, that what is illegal in the off-line world should also be illegal in the on-line world.
To coordinate efforts in an area of 500 million citizen, 27 individual states, 23 different languages heavily ’wired’ (72 % compared to global avarage of 34 %).
Focus on the big crime – not the digital ’bicycle thefts’7
The threat.
INTRUSIONINTRUSION
Identity theft, malware, damage of all you Identity theft, malware, damage of all you digital life, photos, mails. Hacking of public digital life, photos, mails. Hacking of public websites – powerplants – medical records.websites – powerplants – medical records.
FRAUDFRAUD
Netbank trojans, ATM, VAT, CC stock, mass Netbank trojans, ATM, VAT, CC stock, mass marketing fraud, double click etc.marketing fraud, double click etc.
IPR THEFT.IPR THEFT.
Innovation, marketing, branding, books.Innovation, marketing, branding, books.
CHILD SEXUAL EXPLOITATION.CHILD SEXUAL EXPLOITATION.
Production, distribution, live crime.Production, distribution, live crime.
The Digital Underground Economy
RESTREINT UE/EU RESTRICTED
EUROPOL
Carding Forums
Hackers’ Forums
Bullet-proof Hosting
Webcam
Model Agencies
Social NetworkingSites
!Child Sexual
Abuse
P2P Filesharing
!Software
Piracy
!I llegal
Downloads
P2P/Bulletin Boards
Virtual PaymentSystems
!Money
Laundering
Online Banking
Virtual Worlds Online Gambling
!Credit Card
Chargebacks
!Gold Farming
!Crimeware
!Phishing
!Carding
!!Skimming
Dark AddressSpace
Retail Websites
!Automated
Clearing House Fraud
!Hacking
Payment Processors
Corporate/Retail Databases
!Advance Fee
Fraud
!Distributed Denial of Service!
Extortion
!Website
Spoofing/Redirects
!Counterfeit
Pharma-ceuticals
BotnetsSpam
Virtual Private Networks
!Rogue Anti-
Virus
Recruitment
HardwareMarketplaces
!Botnet Leasing
Fig. 1 Simplified Snapshot of the Digital Underground Economy
Europol Unclassified – Basic Protection Level
6Europol Unclassified – Basic Protection Level
9Europol Unclassified – Basic Protection Level
13
Cyberterrorism
Europol Unclassified – Basic Protection Level
Images: Symantec, Confederation of European Security Services, Oilism.com
EUROPEAN CYBERCRIME CENTRE EC-3
Up and running by 1.1.13. Cruise speed at 1.1.14.PART OF EUROPOL and it’s robust dataprotection
INFORMATION HUB/Fusion Centre. (What to prioritize)Cyber Innovation Centre.PUBLIC AWARENESS (Good behaviour – update)OPERATIONAL SUPPORT (already ongoing)FORENSIC SUPPORT (R&D)CAPACITY BUILDING (training of P-P-J)PROTECT CRITICAL INFRASTRUCTURE IN EU.OUTREACH TO PRIVATE/PUBLIC PARTNERS.STRATEGY AND FORWARD LOOKING. (scan – SIR)
COLLECTIVE VOICE. (ICANN/ITU)14
THE INCLUSIVE APPROACH.
BASED ON MS and involving key 3rd states AND BASED ON MS and involving key 3rd states AND PRIORITIZE/COORDINATE THE WORKPRIORITIZE/COORDINATE THE WORK
WE NEED TO DEVELOP TRUSTED RELATION TO OWNERS OF WE NEED TO DEVELOP TRUSTED RELATION TO OWNERS OF THE CRITICAL INFRASTRUCTURE. THE CRITICAL INFRASTRUCTURE.
INCLUDE EU AGENCIES ALREADY IN THE BUSINESS:INCLUDE EU AGENCIES ALREADY IN THE BUSINESS:
EUROJUST, ENISA, CEPOL, EUCTF, COMMISSION, CERT-EU, EUROJUST, ENISA, CEPOL, EUCTF, COMMISSION, CERT-EU, CIRCAMP, EEAS. No dublication but better overview. (Bot-CIRCAMP, EEAS. No dublication but better overview. (Bot-net clearing house)net clearing house)
INCLUDE KEY PARTNERS (Interpol global innovation INCLUDE KEY PARTNERS (Interpol global innovation centre in Singapore – VGT – EFC – ICSPA – NCFTA - NATO) centre in Singapore – VGT – EFC – ICSPA – NCFTA - NATO) Liaison Officers in house from more then 42 states – and Liaison Officers in house from more then 42 states – and increasing.increasing.
15
FINAL REMARKS.
ECONOMY is key for EU. ECONOMY is key for EU.
It’s a myth that it is impossible to beat the It’s a myth that it is impossible to beat the cyber criminals – it is difficult but not cyber criminals – it is difficult but not
impossible, and we have not really tried.impossible, and we have not really tried.
EC3 will not come for free. But the question is EC3 will not come for free. But the question is not if we can afford it – the question is: Can we not if we can afford it – the question is: Can we
afford not to invest in it !afford not to invest in it !
16
Thank you
Question time
European Cybercrime Centre (EC3)
Smarter, faster, stronger – in the fight against cybercrime.