A European response to cybercrime
Somebody calls and tells you that there is something wrong with your computer and that a technician needs to take a look by accessing it remotely. Five minutes later, your machine is infected with a virus, which you can get rid of if you just transfer a few hundred euros to the voice at the other end of the line.
This type of extortion has become increasingly frequent over the past months and years, along with other serious cybercrime like theft of account details, fake online shops, hacking of smartphones and large-scale, coordinated attacks on public services and infrastructure. Your credit card information can be collected through e-mails that appear to come from your bank, and then sold between organised crime groups for as little as one euro per card. Companies are attacked by hackers trying to get a hold of trade secrets. Only a few of these crimes are reported to the police; even fewer are actually solved. The risk of getting caught is low, while rewards are sky-high.
The most lasting damage of cybercrime is the spreading of fear – a fear of purchasing things online, of joining social networks, or of using day-to-day online services. Cybercrime erodes confidence in our open and free internet; it disrupts our digital lives and prevents us from taking full advantage of all online opportunities and services.
We should not be alarmist, but remain very alert. As the online part of our everyday lives is growing, organised crime is following suit. And these crimes affect each and every one of us. Already five years ago, major media outlets, banks and public authorities in Estonia were paralysed by a series of coordinated cyber attacks, and the world’s eyes were opened to just how vulnerable we all are. Despite this, there is still widespread lack of knowledge about how we should protect ourselves. For instance, when was the last time you changed your online passwords? Or updated the operating system of your smartphone? Between 250,000 and 600,000 Facebook accounts are blocked every day, after various types of hacking attempts.
Meanwhile, our already battered economy is harmed as cybercrime is spreading. In the EU as a whole, e-commerce only accounts for a modest four per cent of all sales. Estimates show that consumers would have more than €200 billion to gain from an increase in e-commerce and the removal of market barriers. Now that we need to pull Europe out of the crisis, it is even more crucial that we strengthen consumer confidence in the online marketplace.
Knowledge and experience of cybercrime vary among EU member states, and cross-border cooperation is all too rare – despite the fact that there is no criminality as borderless as this one; in no other area do criminals care so little where their victims are located.
Therefore I am proposing the establishment of a European Cybercrime Centre, which will bring together some of Europe’s brightest brains in the field of cybercrime under the flag of Europol. The European Cybercrime Centre, or EC3, will have the task of warning EU countries of major threats on the horizon and alerting them to weaknesses in their online defences. In addition, the centre will identify and map criminal activity by identifying patterns in, for example, virus attacks and then disseminate this information to both authorities and citizens. The centre will provide help to police investigations and serve as a base of knowledge in cases where national authorities run into difficulties. It will be composed of experts from Europol together with staff seconded from EU countries.
Let me also be very clear – the cyber centre will not be chasing file sharers or investigate breaches of the entertainment industries’ intellectual property rights. Its core tasks will be to fight the lucrative online fraud schemes of organised crime, by, for instance, tracing the use of credit card information stolen by mafia groups across more than one country.
Likewise, the centre will investigate large-scale cyber attacks directed at critical infrastructure in EU countries, and also combat networks that share pictures and videos of sexual abuse of children. If the police in one country seize a hard drive from a suspected sex offender, the EC3 can assist with the forensic examination of its content. More offenders and victims can then be identified through the exchange of information and the coordination of police efforts.
In Europe, awareness about these types of crime is currently far too uneven, and police resources are often limited. Some countries are at the forefront, both when it comes to law enforcement and prevention, whilst in others the authorities are still struggling to understand how the playing field has changed. As international cybercrime grows, our solutions need to follow suit and become truly transnational. The European Cybercrime Centre will become the hub of that co-operation – in order to defend an internet that is free, open and safe.
Ms Malmström is European Commissioner for Home Affairs.