Cyber crime costs the EU billions of euros each year – but to defeat it, we need better co-operation between member states
Gordon Brown has announced the creation of a new UK cyber-security centre to combat growing attacks on computer systems within government departments and big business. Police forces are planning to set up regional "cyber crime" squads on anti-terrorist lines. Brown's initiative follows an earlier move by Barack Obama to appoint a US "cyber tsar".
Britain has been holding talks with the US and Canada to co-ordinate operations against cyber-attacks by foreign powers, terrorists and criminals. But there is growing evidence of the need for a truly pan-European response to what is a rapidly accelerating threat across the whole of the EU – and to its businesses and 500 million citizens.
Organised criminal groups are using the internet to attack a large number of European citizens and businesses for huge gains. But the widely different jurisdictions and legal systems in the EU make it almost impossible for law enforcement agencies and the judiciary to successfully investigate and prosecute a pan-European criminal case. That's what has come home to me after taking part in the prosecution of more than 400 criminal cases.
The focus at the EU policymaking level is on protecting what is called critical information infrastructure, such as electricity grids. But what policymakers also need to do is find mechanisms to address organised cyber crime in Europe. It's so easy to move from one country to another and there are certainly no borders on the internet – but there are borders when it comes to judicial co-operation. That's the biggest challenge that Europe needs to address.
The EU is committed to rolling out high-speed broadband connections to all its citizens – a top priority for Viviane Reding, the EU information society and media commissioner. Unfortunately, while the internet offers great opportunities in our daily lives and in business, it is increasingly used for illegal gains. So we need to find common solutions that make it hard for online criminals to defraud businesses and consumers, download illegal content, move funds illegally etc.
Reding is also pressing the EU to appoint its own cyber tsar, primarily to combat attacks on infrastructure such as those in Estonia, Lithuania and Georgia in the past two years. This was the main topic of a cyber warfare conference this month in Tallinn, the Estonian capital, where EU ministers initially discussed it in late April.
But it's clear that gaps in judicial co-operation in Europe are creating a paradise for internet fraud. It's also clear that the majority of cyber threats in Europe are not related to cyber warfare but to cyber fraud, a much bigger and more widespread phenomenon – and growing exponentially. A typical example of a fraudulent scheme would be: fraudster X masterminds a criminal ring in, say, Italy organising cross-border phishing (sending spoof emails) attacks from several EU countries that target financial institutions and e-commerce globally. By recruiting online "money mules" in other countries to move the money from one jurisdiction to another and paying them a small fee X creams the bulk of the huge profits. Fraudsters are even creating their own ISPs (internet service providers) to use the IPs (internet protocols) for their criminal activities.
More:
http://www.guardian.co.uk/commentisfree/2009/jun/25/cyber-crime-europe
