Cybercrime as a trivial offence committed by tech-savvy loners sitting at home with nothing better to do: this stereotype is seriously outdated, if indeed it was ever remotely accurate.
Cybercrime is a fast-growing area of crime and a growing number of criminals are exploiting the anonymity offered by the Internet to commit a range of criminal activities that know no borders, earning huge illicit profits in the process. Some EU Member States already report that the number of cyber-crime offences may have surpassed those associated with traditional crimes.
What we see at Europol is that the volume, scope and material cost of cyber-crime all remain on an upward trend and have reached alarming levels. The relentless growth of illicit cyber-criminal markets remains a real and significant threat to our collective security in Europe.
At Europol, we are particularly concerned about how an expanding cyber-criminal community has been able to exploit our increasing dependence on technology and the Internet. Malware, which was previously only a threat for desktop computers, is increasingly an issue for smartphones, reflecting the transition of many of our communications and transactions to handheld devices. Further down the line, the growing Internet of Things will expand the range of (often insecure) internet-connected devices that are potentially vulnerable to attack, and even capable of participating in cyber-attacks.
We have also seen a marked shift in cyber-facilitated activities relating to ‘real world' crimes, such as trafficking in human beings, terrorism and other threats. The Darknet provides a platform for the growing Crime-as-a-Service model that interconnects specialist providers of cyber-crime tools and services with an increasing number of organised crime groups. Terrorist actors clearly have the potential to access this sector in the future.
In response, law enforcement authorities are working hard to develop their skill-sets and capabilities. The European Cybercrime Centre at Europol (EC3) provides the ideal platform for national agencies to cooperate on cross-border investigations, but also to pool their often limited resources and benefit from the centralised expertise offered by the Centre.
The law enforcement community has significantly upgraded its response to cyber-crime, but the growing misuse of legitimate anonymity and encryption services for illegal purposes remains a serious impediment to the detection, investigation and prosecution of criminals.
Europol's 2016 Internet Organised Crime Threat Assessment (IOCTA) identifies an expanding cyber-criminal economy exploiting our increasingly Internet-enabled lives and low levels of digital hygiene.
However, there are many positives to be taken from this report. Partnerships between industry and law enforcement have improved significantly, leading to the disruption or arrest of many major cyber-criminal syndicates and high-profile individuals associated with child abuse, cyber intrusions and payment card fraud.
Awareness and prevention activities can go a long way to reducing individuals' and businesses' vulnerability to cybercrime, while the high-end investigative capacity offered by EC3 and its international partners are increasingly used to bring serious offenders to justice.
Contributed by Rob Wainwright, director of Europol