Sunday

4th Dec 2016

EU cyber-crime chief fears massive proliferation

  • Oerting: "It's a myth that it is impossible to beat the cyber criminals. It is difficult but not impossible" (Photo: Tambako the Jaguar)

Europe's new online crime centre faces an almost insurmountable task, its incoming chief Troels Oerting has said.

"There is no absolute security, it is a myth," Oerting, who is from January to run the European Cybecrime Centre - an offshoot of the EU's joint police body, Europol - told MEPs at a hearing in Brussels on Monday (17 September).

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

He noted that the anonymity of online crime is a major problem.

There are currently some 3.4 billion possible Internet Protocol (IP) addresses which assign numerical labels to computers and devices connected online and that number is set to increase exponentially.

"We will soon have 4.2 billion billion billion billion billion billion billion billion addresses. And the police need to find the owners of these [if there is an investigation]," Oerting said.

He added that more than 200 billion spam emails are being sent every day and that 46 new malicious codes aimed to steal online data are being created every second.

Foreign intelligence services are among the long list of culprits who increasingly use the Internet to steal data to gain inside advantages on trade. Activists, hackers and organised crime are also becoming more active.

Unlike conventional crimes such as cocaine smuggling, police are often unable to trace online crimes which are committed easily, quickly and invisibly. It can be hard to distinguish between a cyber attack by a "clever" teenager and one committed by a criminal or state organisation.

The way forward, said Oerting, is to create better legal norms and public awareness and to ensure that what is illegal in the "offline world" is also illegal in the online one.

He said his new centre will combat intrusion, fraud, and child sexual exploitation.

Child exploitation is also getting worse.

Oerting recently returned from one country which is unable to cope with the high number of cases in the field. He would not name the country, but said it has a two-year backlog.

The centre hopes to co-ordinate with member state authorities and other EU agencies to ensure they do not overlap on investigations.

It will post liaison officers to the European Commission and the European External Action Service as well as to EU agencies.

Oerting noted that funding remains a problem in some of the smaller EU member states where there is no budget to investigate online cross-border crimes.

"I hate to say it, but when we invite [people] to meetings about Europol investigations, half of the most critical countries don't come. They haven't got the money for travelling," he said.

Meanwhile, some Internet Service Providers (ISPs), even when faced with a court order, are now asking law enforcement agencies €25 for each IP address they help out with.

Oerting said child sexual abuse cases can entail thousands of IP addresses. "One country, again I won't tell which one, couldn't afford it. The host country didn't want to pay it themselves, we [Europol] paid it," he explained.

What about privacy?

For his part, Hiekle Hijmans, an official from the European Data Protection Supervisor (EDPS), a Brussels-based EU agency, noted that authorities must ensure data protection rights are respected while tackling the problem.

"The fight against cyber crime often takes place in a pro-active preventive manner by trying to link individuals who are not yet suspected of crime," he said on the scattergun methods used by some police forces.

He pointed out that ISPs cannot be asked to carry out general monitoring of the personal information they store: "Systemic monitoring of content by the providers is highly intrusive."

Some member states, like France, allow police to use a "legalised Trojan horse" to spy on potential cyber criminals, Myriam Quemener, a French magistrate and cyber crime expert, said at the EU parliament hearing.

She noted that French police officers attempt to reach out online anonymously to make contact with criminals.

News in Brief

  1. Talks on wholesale roaming rules to start
  2. Lead MEP Dieselgate committee: Italy and Slovakia will cooperate
  3. Transparency NGO sues EU commission on Turkey deal
  4. Pro-EU liberal wins UK by-election
  5. Finnish support for Nato drops, Russia-scepticism grows
  6. Cyprus talks to resume in January
  7. Documents from German NSA inquiry released
  8. Transport commissioner 'not aware' of legal action on emissions

Stakeholders' Highlights

  1. CESIElects Leaders and Sets Safety & Health at Work and Gender Equality Among the Guidelines For Next Term
  2. European Gaming & Betting AssociationContinues to Grow its Membership and Welcomes its Newest Member Association
  3. ACCASupports the Women of Europe Awards, Celebrating the Women who are Building Europe
  4. European Heart NetworkWhat About our Kids? Protect Children From Unhealthy Food and Drink Marketing
  5. ECR GroupRestoring Trust and Confidence in the European Parliament
  6. UNICEFChild Rights Agencies Call on EU to put Refugee and Migrant Children First
  7. MIRAIA New Vision on Clean Tech: Balancing Energy Efficiency, Climate Change and Costs
  8. World VisionChildren Cannot Wait! 7 Priority Actions to Protect all Refugee and Migrant Children
  9. ANCI LazioRegio-Mob Project Delivers Analysis of Trasport and Mobility in Rome
  10. SDG Watch EuropeCivil Society Disappointed by the Commission's Plans for Sustainable Development Goals
  11. PLATO15 Fully-Funded PhD Positions Open – The Post-Crisis Legitimacy of the EU (PLATO)
  12. Access NowTell the EU Council: Protect our Rights to Privacy and Security