22nd Oct 2016

EU cyber-crime chief fears massive proliferation

  • Oerting: "It's a myth that it is impossible to beat the cyber criminals. It is difficult but not impossible" (Photo: Tambako the Jaguar)

Europe's new online crime centre faces an almost insurmountable task, its incoming chief Troels Oerting has said.

"There is no absolute security, it is a myth," Oerting, who is from January to run the European Cybecrime Centre - an offshoot of the EU's joint police body, Europol - told MEPs at a hearing in Brussels on Monday (17 September).

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

He noted that the anonymity of online crime is a major problem.

There are currently some 3.4 billion possible Internet Protocol (IP) addresses which assign numerical labels to computers and devices connected online and that number is set to increase exponentially.

"We will soon have 4.2 billion billion billion billion billion billion billion billion addresses. And the police need to find the owners of these [if there is an investigation]," Oerting said.

He added that more than 200 billion spam emails are being sent every day and that 46 new malicious codes aimed to steal online data are being created every second.

Foreign intelligence services are among the long list of culprits who increasingly use the Internet to steal data to gain inside advantages on trade. Activists, hackers and organised crime are also becoming more active.

Unlike conventional crimes such as cocaine smuggling, police are often unable to trace online crimes which are committed easily, quickly and invisibly. It can be hard to distinguish between a cyber attack by a "clever" teenager and one committed by a criminal or state organisation.

The way forward, said Oerting, is to create better legal norms and public awareness and to ensure that what is illegal in the "offline world" is also illegal in the online one.

He said his new centre will combat intrusion, fraud, and child sexual exploitation.

Child exploitation is also getting worse.

Oerting recently returned from one country which is unable to cope with the high number of cases in the field. He would not name the country, but said it has a two-year backlog.

The centre hopes to co-ordinate with member state authorities and other EU agencies to ensure they do not overlap on investigations.

It will post liaison officers to the European Commission and the European External Action Service as well as to EU agencies.

Oerting noted that funding remains a problem in some of the smaller EU member states where there is no budget to investigate online cross-border crimes.

"I hate to say it, but when we invite [people] to meetings about Europol investigations, half of the most critical countries don't come. They haven't got the money for travelling," he said.

Meanwhile, some Internet Service Providers (ISPs), even when faced with a court order, are now asking law enforcement agencies €25 for each IP address they help out with.

Oerting said child sexual abuse cases can entail thousands of IP addresses. "One country, again I won't tell which one, couldn't afford it. The host country didn't want to pay it themselves, we [Europol] paid it," he explained.

What about privacy?

For his part, Hiekle Hijmans, an official from the European Data Protection Supervisor (EDPS), a Brussels-based EU agency, noted that authorities must ensure data protection rights are respected while tackling the problem.

"The fight against cyber crime often takes place in a pro-active preventive manner by trying to link individuals who are not yet suspected of crime," he said on the scattergun methods used by some police forces.

He pointed out that ISPs cannot be asked to carry out general monitoring of the personal information they store: "Systemic monitoring of content by the providers is highly intrusive."

Some member states, like France, allow police to use a "legalised Trojan horse" to spy on potential cyber criminals, Myriam Quemener, a French magistrate and cyber crime expert, said at the EU parliament hearing.

She noted that French police officers attempt to reach out online anonymously to make contact with criminals.

News in Brief

  1. Canada and Wallonia end talks without Ceta deal
  2. Juncker hopes for Canada accord in 'next few days'
  3. Romania drops opposition to Ceta
  4. Difficulties remain on Ceta deal, says Walloon leader
  5. Brexit could lead to 'some civil unrest' in Northern Ireland
  6. ECB holds rates and continues quantitive easing programme
  7. Support for Danish People's Party drops, poll
  8. Spain's highest court overturns Catalan ban on bullfighting

Stakeholders' Highlights

  1. EFADraft Bill for a 2nd Scottish Independence Referendum
  2. UNICEFCalls on European Council to Address Plight of Refugee and Migrant Children
  3. ECTAJoin us on 9-10 November in Brussels and Discover the new EU Digital Landscape
  4. Access NowCan you Hear me now? Verizon’s Opportunity to Stand for Global Users
  5. Belgrade Security ForumMeaningful Dialogue Missing Not Only in the Balkans, but Throughout Europe
  6. EASPDJoin the Trip! 20 Years on the Road. Conference & Photo Exhibition on 19-21 October
  7. EuropecheEU Fishing Sector Celebrates Sustainably Sourced Seafood in EU Parliament
  8. World VisionWomen and Girls Urge EU Leadership to Help end Gender-based Violence
  9. Dialogue PlatformIs Jihadism Blind Spot of Western Intellectuals ? Wednesday 26 October
  10. Belgrade Security ForumGet the Latest News and Updates on the Belgrade Security Forum @BelSecForum
  11. Crowdsourcing Week EuropeMaster Crowdsourcing, Crowdfunding and Innovation! Conference 21 November - 10% Discount Code CSWEU16
  12. EJCEU Parliament's Roadmap for Relations with Iran a Massive Missed Opportunity