Troels Oerting, Assistant Director, Head of

Download Report

Transcript Troels Oerting, Assistant Director, Head of

CRIM COMMITTEE HEARING ON
CYBERCRIME
EUROPEAN PARLIAMENT
Operations Department
Troels Oerting, Assistant Director, Head of
EUROPEAN CYBERCRIME CENTRE (EC3)
Brussels 17-18 September 2012
RESTREINT EU/EU RESTRICTED
Calculating
Researching
Connecting
Communicating
Cooperating
Globalizing
Publishing
1950
1960
1970
1980
1990
CLOUD
2000
2010
2020
Statistics
247 billion
Average number
of emails per
day
Facebook Users
Unique
URLs crawled
Internet
Users
1000
1651
140.000
800
2,6
million
@
new zombie
Amount of
170
computers
361
malicious
8 code
50
16
0,026
threats
in
2009
created
every
2002011
billion
2007
2009
Million
Million
Billion
1995
2000
2010
1998
2005
2008
$388
billion
Average
number
day
of spam emails
Total bill for cybercrime
(Symantec report 2011)
per day
Worst prediction award
There is no reason anyone would
want a computer in their home.
Ken Olsen - President, chairman, and founder of
Digital Equipment Corporation - 1977
Spam will be a thing of the past in
two years’ time.
Bill Gates - 2004
iPhone has no chance of gaining
significant market share
Steve Ballmer - CEO of Microsoft - 2007
GROWTH AND PROSPERTITY
•
•
•
•
•
IP v/4 versus IP v/6.
73 % OF INTERNET USERS DON’T USE ENGLISH.
72 % OF EU POPULATION IS ONLINE.
143.000 INTERNET RELATED BUSINESSES STARTS.
LAST 15 YEARS OF INTERNET HAS HAD MORE
POSITIVE IMPACT ON GDP THAN PREVIOUS 50
YEARS OF INDUSTRIAL REVOLUTION.
• 1 TRILLION USD IN ONLINE TRADE FORESEEN IN
2012.
• Mobile devices outsale PC.
• 2 second battery in 8 years 
THE GIVEN:
•Cyberspace drive economic growht and prosperity.
•Cyberspace drive interconnection.
•Increasing depencence on cybespace brings new risks.
•Cyberspace will increasingly be exploited by OC,
terrorists, activists, hackers, foreign intelligence services.
•In a globalised world where all networked system are
potentially vulnerable and where cyber attacts are difficult
to detect, there can be no such thing as absolute security.
•Cyberspace largely commercially owned and driven,
diverse in nature and predicting development difficult.
•LE works slowly and faces legal challenges in this rapid
and changing world.
6
THE CHALLENGES.
To create norms. To raise awareness.
To facilitate an understanding of the fact, that
what is illegal in the off-line world should also
be illegal in the on-line world.
To coordinate efforts in an area of 500 million
citizen, 27 individual states, 23 different
languages heavily ’wired’ (72 % compared to
global avarage of 34 %).
Focus on the big crime – not the digital ’bicycle
thefts’
7
The threat.
INTRUSION
Identity theft, malware, damage of all you
digital life, photos, mails. Hacking of public
websites – powerplants – medical records.
FRAUD
Netbank trojans, ATM, VAT, CC stock, mass
marketing fraud, double click etc.
IPR THEFT.
Innovation, marketing, branding, books.
CHILD SEXUAL EXPLOITATION.
Production, distribution, live crime.
The Digital Underground Economy
RESTREINT UE/EU RESTRICTED
Europol Unclassified – Basic Protection Level
EUROPOL
6
Europol Unclassified – Basic Protection Level
9
Europol Unclassified – Basic Protection Level
Cyberterrorism
Images: Symantec, Confederation of European Security Services, Oilism.com
13
Europol Unclassified – Basic Protection Level
EUROPEAN CYBERCRIME CENTRE
EC-3
Up and running by 1.1.13. Cruise speed at 1.1.14.
PART OF EUROPOL and it’s robust dataprotection
INFORMATION HUB/Fusion Centre. (What to prioritize)
Cyber Innovation Centre.
PUBLIC AWARENESS (Good behaviour – update)
OPERATIONAL SUPPORT (already ongoing)
FORENSIC SUPPORT (R&D)
CAPACITY BUILDING (training of P-P-J)
PROTECT CRITICAL INFRASTRUCTURE IN EU.
OUTREACH TO PRIVATE/PUBLIC PARTNERS.
STRATEGY AND FORWARD LOOKING. (scan – SIR)
COLLECTIVE VOICE. (ICANN/ITU)
14
THE INCLUSIVE APPROACH.
BASED ON MS and involving key 3rd states AND
PRIORITIZE/COORDINATE THE WORK
WE NEED TO DEVELOP TRUSTED RELATION TO OWNERS
OF THE CRITICAL INFRASTRUCTURE.
INCLUDE EU AGENCIES ALREADY IN THE BUSINESS:
EUROJUST, ENISA, CEPOL, EUCTF, COMMISSION, CERT-EU,
CIRCAMP, EEAS. No dublication but better overview. (Botnet clearing house)
INCLUDE KEY PARTNERS (Interpol global innovation
centre in Singapore – VGT – EFC – ICSPA – NCFTA - NATO)
Liaison Officers in house from more then 42 states – and
increasing.
15
FINAL REMARKS.
ECONOMY is key for EU.
It’s a myth that it is impossible to beat the cyber
criminals – it is difficult but not impossible, and
we have not really tried.
EC3 will not come for free. But the question is
not if we can afford it – the question is: Can we
afford not to invest in it !
16
Thank you
Question time
European Cybercrime Centre (EC3)
Smarter, faster, stronger – in the fight
against cybercrime.