A glimpse into how Europe’s top cops deal with cybercrime

CYBERCRIME is something that keeps business leaders and security professionals up at night — but it also costs the economy a great deal.

According to recent estimates, breaches in cyberspace cost Germany US$64 billion per annum and US$170 billion to Europe and Central Asia. To the USA, it costs US$157.5 billion per year on average, and to “East Asia and the Pacific”, it costs US$160 billion.

Further, analysts at Accenture believe that cybercrime could cost companies across the world US$5.2 trillion over the next five years.

While there have been plenty of discussions about how businesses handle (or try to handle) these cyber incidents, not much is said about the action that the police take.

In an exclusive interview with Tech Wire Asia ahead of the Interpol World 2019 summit in Singapore, Germany’s Federal Criminal Police Office (Bundeskriminalamt, BKA) Head of Cybercrime Research Patrick Voss-De Haan sheds light on the operations and concerns of the agency and offers some advice to businesses looking to protect themselves.

“Within the BKA, the subdivision SO 4 – Cybercrime within the Serious and Organized Crime (SO) division — conducts investigations, co-ordinates national and international activities, analyses current cybercrime phenomena, and describes the current situation.

“In the fight against cybercrime, the BKA has the role of a central agency for the German police. Its unit for the operational analysis of cybercrime is the central agency for the analysis of data contributed by the various police offices to the criminal police reporting service.

“This unit furthermore handles the international exchange of information with Interpol and Europol or at a bilateral level. Based on the results of its analyses, the unit may initiate investigations, or merge several investigations into one.

“The BKA closely co-operates with the police authorities of the German federal states and of course also with police services abroad. A 24/7 service is on standby 365 days a year to handle any urgent requests from within Germany and from abroad that require immediate action.”

What Voss-De Haan emphasizes is that Germany is quite hands-on with its cybercrime investigations — which is why it is considered to be one of the most effective among its neighbors.

Of course, the Western European country does have the “most developed criminal underground in the European Union,” which justifies its focus.

Cybercrime is not just about technological warfare

According to the German cybercrime chief, the needs of police for cybercrime research follow the rather dynamic development of cybercrime, the methods of criminals, and the technology they employ.

Therefore, the unit concerns itself with monitoring relevant developments in order to understand emerging trends in cybercrime and the subsequent needs of police as quickly as possible.

“Together with the operational units of police organizations, we can then identify specific areas in which we invest our available resources.

“It is crucial to find a balance between the need for high-quality research that requires time to satisfy scientific standards and provide reliable results on one side and the need for fast responses that will quickly support investigation and analysis on the other side.”

An interesting fact that Voss-De Haan reveals about his unit is that it not only monitors technological issues but also closely evaluates social, economic, cultural and even psychological aspects when it comes to cybercrime research.

Further, from police investigations, it is clear that cybercriminals are becoming more and more professional by reacting flexibly to current technical framework conditions.

“Today, cybercriminals no longer confine themselves to committing offenses in the digital space but also use malware to facilitate the commission of crimes, or even entire technical infrastructures, through the underground economy on the internet.”

Due to their easy handling, these tools also make it possible for perpetrators without specialized and sound IT knowledge to commit offenses via the internet.

Consequently, more and more perpetrators without specific expertise are enabled to acquire the know-how required to commit such offenses by purchasing the relevant tools.

“The spectrum of potential perpetrators is broadening accordingly. For this reason, the quantity and quality of cyberattacks are generally expected to increase,” said Voss-De Haan.

Simple cybersecurity advice for businesses from the BKA

“Prevention is the key to protect businesses from cybercrime.”

According to the German cybercrime researcher, private individuals and business users must be as cautious when transaction online as they are offline, in spite of all the technical security safeguards.

Doing so will allow them to “minimize risks and to be able to fully utilize the numerous opportunities offered by information technology and the internet”.

In Germany, the close co-operation between security authorities and the business community is a core element of the country’s successful fight against cybercrime, explained Voss-De Haan.

“Therefore, the BKA is – together with the German Federal Office for Information Security (BSI) – a cooperative partner of the German Competence Centre against Cyber Crime (G4C), which offers an interdisciplinary exchange between specialist companies, organizations, and institutions concerned with cybercrime.”

Voss-De Haan explains that a holistic approach to prevention and suppression of cybercrime in a national (e.g. Joint Cyber Defense Centre) and international context (e.g. Europol, Interpol) is indispensable because the vast majority of cybercrime cases fall within the scope of transnational crime.

“It is vital that researchers cooperate both with police practitioners as well as external experts from academia and industry”, especially for businesses looking to protect their networks against threats in cyberspace for the foreseeable future, with the support of the BKA and other agencies.

---

---

---

---