The European Cybercrime Centre (EC3), which is now officially located in Europol, the European Police Office in The Hague, focuses on illegal online activities carried out by organized crime groups — especially attacks targeting ebanking and other online financial activities, online child sexual exploitation and crimes that affect the European Union’s critical infrastructure and information systems.
National police forces in Europe have been facing an uphill battle when forced to deal with cybercriminals who target hundreds of victims at a time and are not constrained by national laws or borders.
In a techcrunch.com article Natasha Lomas says the EC3 “marks a ‘significant shift’ in how the European Union addresses cybercrime — describing the new modus operandi as ‘more forward-thinking and inclusive’, with Member States pooling expertise and information, supporting criminal investigations and promoting EU-wide solutions.”
The EC3, which is funded within the Europol budget, has €7 million available for its 2013 operations (Europol’s total 2012 budget only came to around €84 million). The European Commission stated, however, that it was working to increase Europol’s budget to support the EC3’s anticipated increased workload.
EU Commissioner for Home Affairs, Cecilia Malmström noted, “The Cybercrime Centre will give a strong boost to the EU’s capacity to fight cybercrime and defend an internet that is free, open and secure. Cybercriminals are smart and quick in using new technologies for criminal purposes; the EC3 will help us become even smarter and quicker to help prevent and fight their crimes.”
Troels Oerting, Head of the European Cybercrime Centre added, “In combating cybercrime, with its borderless nature and huge ability for the criminals to hide, we need a flexible and adequate response.”
Oerting went on to describe the EC3 as a center for “operational investigative and forensic support” and as a hub for mobilizing “all relevant resources in EU Member States to mitigate and reduce the threat from cybercriminals wherever they operate from.”
Lomas writes that the EC3 will “develop a common standard for cybercrime reporting — so that serious cybercrime activity is reported to national law enforcement authorities in a uniform way — thereby allowing information about cybercrime taking place across Europe to be linked, regardless of which Member State it is reported in. The EC3 will then play another role in alerting Member States’ authorities to reports of similar cybercrime incidents taking place elsewhere in the region.”
The EC3’s Primary Functions are:
- Gathering and processing information on cybercrime
- Providing a cybercrime helpdesk for law enforcement in all EU states
- Supporting cybercrime investigations in EU states (fighting breaches, fraud, online child sexual abuse, etc.
- Supporting joint investigations carried out by more than one EU state with technical, analytical and forensic expertise
- Facilitating law enforcement cooperation with partners outside the EU and coordinating complex transnational cases in close collaboration with Eurojust (the EU agency for judicial cooperation) and Interpol
- Producing threat assessments, including trend analyses and forecasts as well as new developments on the ways cybercriminals operate
R&D and Training
- Collaborating closely with CEPOL (the European Police College) to develop training activities and raise awareness on cybercrime issues
- Facilitating research and development and ensuring capacity building among law enforcement, judges and prosecutors
- Developing forensic tools to help EU states better detect and prosecute cybercrime.
- Working closely with the private sector, research community, civil society, academia and computer emergency response teams to detect and respond comprehensively to cybercriminal activity
- Alignment of actions with other relevant international partners such as EUCTF (the European Union Cybercrime Taskforce), CIRCAMP (the Internet Related Child Abuse Material Project), EINSA (the European Network and Information Security Agency) and ECTEG (the European Cybercrime Training and Education Group)