This page contains a Flash digital edition of a book.
Organisation of Securities Commissions (Iosco), was quoted as predicting that the next big financial shock will come from cyber space, following a succession of attacks on financial players.


Alex Fidgen, Group Director at MWR InfoSecurity, agreed that “What is most interesting about the financial markets is that they are so demonstrably inter-connected, and therefore an effect felt in one market might quickly spread to interconnected markets and organisations. As the use of cyber-attacks matures, it will be increasingly used by countries to help support and execute their geo-political objectives. This will bring into scope a larger multiple of targets within a variety of different markets”. His view is that the disruption caused by the collapse of Lehman Brothers in 2008 was a good example of the potential effect a loss of confidence can have. And if such an event could be triggered via cyber-attack, countries with traditionally little to lose would benefit via such an ‘asymmetric approach’.


Analysis is at the core of its activities, with around 100 criminal analysts part of the 800- strong staff. Seconded officers from police forces and other law enforcement agencies are deployed within Europol. Its officers have no power of arrest, but they gather, analyse and disseminate information to support colleagues to combat crime across the EU.


Europol focuses on different types of criminal activity and terrorism as need shifts. Current activity includes cybercrime, IP crime, terrorism, illicit drugs, trafficking in human beings and facilitated illegal immigration.


INTERPOL vs Europol


Where INTERPOL is an international partnership organisation for police forces across the world, Europol focuses on the European Union and its priorities. Both organisations strive to point out that there is no competition between them and, in fact, a cooperation agreement was signed in 2001.


Andy Archibald from NCA says, “both organisations work hard to ensure that there is no duplication and that they complement each other. Both recognise that an international and partnership response is what is needed”.


An international approach to cybercrime


There is consensus from both IT and security professionals that cyber crime presents a clear threat to international business. In a recent Financial Times article, Greg Medcraft, chairman of the board of the International


© CI TY S ECURI TY MAGAZ INE – AUTUMN 2014


Clearly, cybercrime is an area where international co-operation is vital. “It is a global problem that no one country can solve alone, we need an international approach. For example, malware can be developed in an eastern European country, then further developed in Vietnam, can be purchased here, and used against UK finance organisations,” warns Andy Archibald.


One joint recent operation saw the alliance of law enforcement and industry to undertake measures against the network that formed the core of an advanced cybercriminal infrastructure, responsible for attacking online banking systems around the globe, using the Shylock Trojan.


This action included the the seizure of servers which formed the command and control system for the Trojan, as well as taking control of the domains Shylock uses for communication between infected computers.


The operation, coordinated by the NCA, brought together partners from the law enforcement and private sectors, including Europol, the FBI, BAE Systems Applied Intelligence, Dell SecureWorks, Kaspersky Lab and the UK's GCHQ (Government Communications Headquarters), to jointly combat the threat.


Troels Oerting, Head of the European Cybercrime Centre (EC3) at Europol, said, “This operation against sophisticated malware played a crucial role in the work to take down the criminal infrastructure. EC3 provided a unique platform and operational rooms equipped with state-of-the-art technical infrastructure and secure communication means, as well as cyber analysts and cyber experts."


Expert international cybercrime taskforce launched


Following these successes, EC3 launched a Joint Cybercrime Action Taskforce (J-CAT) in early September. Hosted at Europol and led by Andy Archibald, the J-CAT will be piloted for six months and will coordinate international investigations to take action against key cybercrime threats and top targets, such as underground forums and malware, including banking Trojans.


The J-CAT comprises a team of Cyber Liaison Officers from EU Member States, non-EU law enforcement partners and EC3. To date, Austria, Canada, Germany, France, Italy, the Netherlands, Spain, the UK and the US are part of the J-CAT. Australia and Colombia have also committed to the initiative.


At the launch, Troels Oerting, said, “Today is a good day for those fighting cybercrime in Europe and beyond. For the first time in modern police history a multi-lateral permanent cybercrime taskforce has been established in Europe to coordinate investigations against top cybercriminal networks.”


Troels explained that the Joint Cybercrime Action Taskforce will operate from secure offices in Europol’s HQ, assisted by experts and analysts from the European Cybercrime Centre. The aim is not purely strategic, but also very operational. Troels said, “The goal is to prevent cybercrime, to disrupt it, catch crooks and seize their illegal profits. This is a first step in a long walk towards an open, transparent, free but also safe Internet.”


The J-CAT will gather data on specific criminal themes from national repositories and from relevant government and private partners, as well as transforming this raw data into actionable intelligence, and proposing targets and networks for investigations. It will cover all relevant areas like malware coding, testing, distribution, Botnets, Crime-as-a-Service, online fraud, intrusion and similar top-end crimes. Andy Archibald said, “This group will look at threats that we face at a European level and identify the threat to individual countries. We will be working collaboratively to offer advice and guidance to develop a coordinated response to each threat.”


These advances to tackle cybercrime, together with a long tradition of collaboration at an international level between police forces, following well-established protocols and methods, make it clear that the global police partnership working will continue to be a major factor in combatting international crime.


> www. c i t y s e cur i t yma ga z ine . com 17


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36