A new European Cybercrime Center

That budget is underwhelming in today’s market. To put it in perspective, Oxford University announced its own Cyber Security Centre on Monday as “an umbrella for current research activity worth in excess of £5m” – getting close to twice the EU Center’s budget. Norton suggests the annual loss to cybercrime is up to $388 billion dollars, while the UK Home Office suggests it costs the UK alone £30 billion annually. The reality is, then, the EU’s Cybercrime Centre, with a budget of €3 million, will not have a huge new direct effect on the fight against international digital crime. But that’s to misunderstand its primary purpose – which is to provide a focal point for all of the existing national and private cybercrime centers around Europe, and beyond.

The primary purpose of the new centre is to disrupt the operation of organized crime, says the EU. But it is not likely to do this in a proactive manner from within its own resources. Instead, says the EU, “the Centre will gather information from a variety of sources – not only law enforcement authorities – to support investigations conducted by Member States' authorities.” In security terms, the new EU Cybercrime Center can be best viewed as a correlation engine able to find new relationships in Europe’s cybercrime Big Data and draw new conclusions.

Central to this is the one new function specifically mentioned in the EU announcement: “The Centre will further develop a common standard for cybercrime reporting so that serious cybercrime can be reported to national law enforcement authorities in a uniform way.” This is important. It will be the SNMP of the European correlation engine, helping to provide a unified European understanding of the cyber threat. “I think that having a common mechanism of reporting cyber crime will be useful,” Microsoft UK’s chief security advisor Stuart Aston told Infosecurity. “Very useful, especially as so many crimes are unreported today. The challenge with the 30 billion and 300+ billion numbers is they are guesses – nobody knows, because they are not reported.”

There are two tasks here: firstly to develop an acceptable standard reporting methodology; and then to ensure it is used. “It will only be useful,” added Aston, “if people actually use the system to report cybercrime, and act on the reports they receive.”

But if the EU’s Cybercrime Center succeeds in this task its other purposes will become easier. By providing a better means for correlating and disseminating data between private industry such as Microsoft and the anti-malware industries, the various specialist European police forces including Interpol and the Met’s new cybercrime hubs together with the the European intelligence agencies such as CESG, this small underfunded office within Europol could have a major impact in the fight against cybercrime. In warfare terminology, the fight is currently assymetric in favour of the criminal gangs. By enabling the correlation of data from throughout Europe, the EU Cybercrime Center could return it to a symmetrical battleground.

What’s hot on Infosecurity Magazine?