“I think between us and the Americans, we think we know the majority of the kingpins who are behind, for example, the development of the malware,” Mr Rob Wainwright says.
The new criminal organizations have a flexible structure and operate on a large scale, they are able to rapidly respond to the pressure made by law enforcement and dynamically reorganize their operations.
Let consider the case of the recent Onymous operation run the Europol joint with other law enforcement worldwide against the black markets hosted on the Tor network. A few days after the seizure on the principal marketplaces the experts noticed a surge of illegal activities. According to data provided by the non-profit Digital Citizens Alliance Security, experts noticed a rapid growth of the Evolution dark market that has more than tripled the number of the new products offered, including weapons, stolen credit card data and counterfeit documents.
Cyber crime is attracting even more high skilled specialists that allow various criminal crews to arrange sophisticated scams and implement complex evasion techniques.
Rumors report that the leader of a global cybercrime syndicate has offered a Ferrari to the hacker who came up with the best scam. The boss recorded a video in a luxury car showroom and according the experts the video was made by professionals. The cyber crime presented as a brand, a luxurious lifestyle is offered to skilled hackers that in many cases work for just one hundred dollars per months.
“There are three employers out there: the police, the tech companies and the bad guys. They are all after the same style of graduates,” says Mr Wainwright. ““We do pretty well because we can pay very well. We have some Romanian cyber analysts here who are fantastic at what they do. But some of the guys that arrived with them at university took a left turn coming out of the building instead of a right turn.”
How to fight the cybercrime?
It is a game that must involve everyone, law enforcement, private companies and every individual. We must spread awareness of principal cyber threats, people must be aware of threat actors and their tactics. But is not enough, we need a law framework globally accepted to tackle the illegal activities of numerous criminal crews that operate in a space without boundaries, the cyberspace.
“Across the board in Europe, the police are really struggling to get the right guys through the doors because they can’t afford to pay the rates that criminals and the tech guys do,” says Rob Wainwright, the director of Europol. “We’re not getting the right people and there’s not enough training of existing cops.”
As explained by Mr. Wainwright, kingpins behind principal cyber criminal syndicates are protected by the lack of an official law framework that is written with the intent to persecute online crimes.
In October, the Head of Europol’s Cybercrime Centre Troels Oerting explained to the BBC’s Tech Tent that legislation needs to target a “limited” number of skilled programmers which have the skills necessary to carry out illegal activities online.
“Criminals no longer come to our countries, they commit their crimes from a distance and because of this I cannot use the normal tools to catch them. I have to work with countries I am not used to working with and that scares me a bit,” he told the BBC.
Mr Wainwright also explained the impact of the Snowden‘s revelations on the activities of law enforcement, he highlighted the difficulties to track cyber criminals due to the improvement of tech IT giant to their products and solution. Companies like Apple are developing a new generation of solution that adopt the state of the art of encryption and can protect users from law enforcement investigations.
“The internet allows for the offender online to conceal his identity in a way that makes it in some cases impossible for police to overcome,” says Mr Wainwright. “The commercial imperative has changed from the post 9/11 world when most tech firms, the airline industry and so on understood that the commercial imperative was to work as closely as possible with the authorities to prevent the next terrorist attack. “Something has changed to such a point, accelerated by the impact of Snowden, in which they understand the public’s greater concern to be threat of Big Brother snooping from the state.”
Pierluigi Paganini
(Security Affairs – Europol, cybercrime)