Tag Archives: cybercrime

EU sanctions ‘Cloud Hopper’

The EU Council decided to impose restrictive measures against six individuals and three entities responsible for or involved in various cyber-attacks. These include the attempted cyber-attack against the Organisation for the Prohibition of Chemical Weapons (OPCW), and those publicly known as ‘WannaCry’, ‘NotPetya’, and ‘Operation Cloud Hopper’.

The sanctions imposed include a travel ban and an asset freeze. In addition, EU persons and entities are forbidden from making funds available to those listed.

Sanctions are one of the options available in the EU’s cyber diplomacy toolbox to prevent, deter and respond to malicious cyber activities directed against the EU or its member states, and today is the first time the EU has used this tool. The legal framework for targeted restrictive measures against cyber-attacks was adopted in May 2019 and recently renewed.

In recent years, the EU has scaled up its resilience and its ability to prevent, discourage, deter and respond to cyber threats and malicious cyber activities in order to safeguard European security and interests.

In June 2017, the EU stepped up its response by establishing a Framework for a Joint EU Diplomatic Response to Malicious Cyber Activities (the “cyber diplomacy toolbox”). The framework allows the EU and its member states to use all CFSP measures, including restrictive measures if necessary, to prevent, discourage, deter and respond to malicious cyber activities targeting the integrity and security of the EU and its member states.

Targeted restrictive measures have a deterrent and dissuasive effect and should be distinguished from attribution of responsibility to a third state.

The EU remains committed to a global, open, stable, peaceful and secure cyberspace and therefore reiterates the need to strengthen international cooperation in order to promote the rules-based order in this area.

NATO under cyber attacks

The face of war is changing dramatically as cyber and electronic attacks become increasingly commonplace, and so must our allies’ understanding of defense.

Of NATO 28’s member states, only five meet the goal – German defense spending is just 1,2% of GDP. President Trump has a point: NATO’s economics are clearly not working out, and this is undermining the alliance. But the crucial adjustment that is needed is not the amount of spending, but what it seeks to fund.

Europol fighting cybercrime child abuse


Peer-to-peer file sharing makes the collecting and sharing of child sexual abuse material online easy. Law enforcement all over Europe and their partners, with the support of Europol and EMPACT are now using those same networks to combat the illegal distribution of these files by sending a message to their users.  This Police2Peer action will spread a unique new message about the consequences for users when illegal child abuse files are shared.

Peer-to-peer file sharing has been a major facilitator of the distribution of child sexual abuse material across the world for over a decade. Files shared from the private computers of internet users across Europe have contributed to the wide availability of this material. During this time, offenders on these networks have been investigated, arrested and convicted, individually and through national and international initiatives. Whilst this approach has had a positive impact to reduce the threat and increase prosecutions, child abuse material is still being accessed online. This new initiative is being implemented to prevent offending and to ensure those who continue to view child abuse material understand they will be subjected to a robust law enforcement response.

Law enforcement will inform users of the consequences of their illegal actions and how to seek help.  “Law enforcement will no longer accept children being repeatedly re-victimised through their abuse being shared to and from users on peer-to-peer networks. Through EMPACT we are making it absolutely clear that these networks are not a safe place for those exploiting children.  They may encounter the police each time they upload or download this material,” says the action leader Bjørn-Erik Ludvigsen of Norway’s National Criminal Investigation Service.

Those with a problematic sexual interest in children can access a domain (http://helplinks.eu) with links to help resources. No information on the visitors to this domain or the separate, individual services it links to, will ever become part of a police investigation.

Europol is an active participant in the Police2Peer action, supporting it through the hosting of resources linked to the initiative on its website. Additionally Europol will provide analytical support to partners in the initiative, quantifying its impact over time on affected networks.

Europol: cybercrime child abuse


Europol European Cybercrime Centre (EC3) has successfully supported efforts to identify several victims of child sexual abuse through its third Victim Identification Task Force (VIDTF). The VIDTF 3 hosted at Europol headquarters from 28 January to 10 February saw experts from around the world identifying victims of child sexual abuse and exploitation using advanced techniques, software and their knowledge and expertise. As a result, victims of this damaging crime have been located living in several countries in the EU and beyond. Law enforcement authorities in those countries are currently working to finalise the identification of the children and save them from further atrocities.

VIDTF 3 saw 25 experts in victim identification from 16 countries and 22 agencies coming together to work on shared materials at Europol’s headquarters over 12 days. They were supported by Europol staff, all specialists and analysts in this crime area. The unique combination of collaborative work, image and video analysis, and criminal intelligence meant that the experts worked through millions of files to find and exploit vital clues. The effort was funded by the European Commission’s EMPACT Cyber CSE programme.

The uploading of groups of linked images and video files to the International Child Sexual Exploitation Database (ICSE) hosted at Interpol is an integral part of the VIDTF model. This allows investigators with access to ICSE to contribute to the effort while it is taking place and afterwards. In VIDTF 3 the different teams uploaded 265 new contributions to ICSE and made more than 350 additions to existing contributions, therefore increasing the chances of the victims depicted being identified and safeguarded. Another significant part of the work is using existing techniques and developing new techniques to gather information from images and video files. Experts worked extensively on this and shared the new knowledge with their colleagues.

“Europol and EC3 are determined to put victims at the centre of investigations of this type. The Victim Identification Task Force is a very definite way of illustrating that resolve. Victims of this crime of sexual abuse and exploitation deserve every chance to be made safe from past and future harm. At Europol we will do everything that we can to support the international community of investigators in ensuring that this is the case,” –Steven Wilson, Head of EC3 said.

Victim identification experts participated from Interpol and law enforcement agencies in Australia, Austria, Belgium, Canada, Cyprus, Estonia, France, Germany, Italy, Netherlands, Portugal, Romania, Spain, Switzerland, UK and USA.

Europol: Cybercriminals arrests

EUROPOL, DEPECHE: Members of an international cybercrime syndicate  active in Europe and Asia apprehended  five members of an international organised criminal group  (OCG) have been arrested and three of them convicted so far as a result of a complex operation led by law enforcement agencies from Europe and Asia, with the active support of Europol’s European Cybercrime Centre (EC3).
“The majority of cybercrimes have an international dimension, taking into account the origins of suspects and places where crimes are committed. Only through a coordinated approach at the global level between law enforcement agencies can we successfully track down the criminal networks behind such large-scale frauds and bring them to justice,” –  said Steven WILSON, Head of Europol’s European Cybercrime Centre.
This organised crime group is responsible for carrying out highly-sophisticated attacks against banks’ ATMs which were made to dispense all the money deposited inside.The modus operandi employed was very complex and involved:spear-phishing emails with attachments containing malicious programmes; penetration of the banks’ internal networks; compromising and controlling the network of ATMs; special computer programmes which deleted most of the traces of the criminal activity.

One arrest has been made by the Romanian National Police, three arrests by the Taiwanese Criminal Investigation Bureau and one arrest by the Belarusian Central Central Office of the Investigative Committee.

In some cases, after the cashing-out, the stolen money was partially recovered from the criminals.

The investigation was initiated at the beginning of 2016.The members of the OCG were recruited online, most of them with multiple citizenships which allowed them to easily travel and commit crimes all over the world.

Losses caused to the banks are estimated at around three million euro (EUR 3 million).

Europol’s European Cybercrime Centre (EC3) assisted the investigation by providing analytical support, organising operational meetings in Europe and Asia as well as analysing the seized data/ equipment.