Cybercrime centre Chief: 'We will focus on criminal groups or networks who steal your money'

Troels Ørting is the head of the newly established European Cybercrime Centre (EC3) at Europol, the European law enforcement agency in The Hague. Ørting is a senior police chief from Denmark with more than 30 years’ experience in serious, organised international crime including cybercrime. As chief of the Danish equivalent of Serious Organised Crime Agency he also managed the Danish High Tech Crime Unit and developed the Danish early response to cybercrime. He spoke to EurActiv’s Jeremy Fleming.


Why is now the right time for the EU to have a cybercrime centre?


The rapid development of the internet, combined with the integration of more and more on-line services increases our presence in cyberspace. We exchange mails, photos, updates, operate social networks, pay our bill, visit our net-bank, interact with our society, buy our book, movies, commodity on the net. We interact on laptops, desktops and increasingly via tablets and smart phones and conduct most of our business in cyberspace. In the EU, 72% of the population is on-line and this number is increasing.


But like in the off-line world we see an increasing activity from bad persons - criminals, vandals and others – and we need to protect our citizens against this true borderless crime, which has no geographical link and borders and where the possibility to hide is much bigger than in the real world.


How is the process of physically setting up the office going to work?


We live in times of austerity. Getting more funding is not easy for any law enforcement agency – nationally or internationally. But Europol has managed to provide the new EC3 with 43 highly skilled experts already working in this field. We are building a new cyber lab and we have implemented a ‘cyber innovation room’ for supporting member states’ investigations.


We are rolling out a new secure outreach platform, on which we can exchange strategic information and best practices across the EU covering both the law enforcement environment as well as private and public partners. We will also make a ‘sandbox’ facility available for examination of malware and deploy experts with mobile offices for help on the spot.


Are there similar offices abroad with whom you can co-operate: if so where?


We cooperate already with the 27 EU member states and numerous other states with whom Europol has an operational agreement. We work closely with law enforcement colleagues in Norway, Iceland, Switzerland, Australia, Canada, Croatia, Columbia and other countries as well as the FBI, Secret Service and ICE from the US agencies. We interact with centres like National Cyber-Forensics and Training Alliance in Pittsburgh USA.


We have a direct line to all EU member states cyber units or units dealing with on-line sex abuse – and we have engaged in a rather comprehensive outreach programme linking us up to national CERTs and companies like Microsoft, Google, Symantec, Trend Micro, McAfee, VISA – Master Card, Pay-Pal and others and I am a board member in the International Cyber Security Protection Alliance.


ENISA's report this week indicates new threat areas and dangers caused by mobile/cloud etc., will part of your role be awareness raising of the dangers of cybercrime in Europe?


Yes, very much so. We will be looking very much into the development of new threats on the net and establish a ‘helicopter perspective’ team busy in detecting new trends, modus and threats. We also engage with the private industry and software/application developers as well as universities in order to assess the development of new services on the net, that will be misused by criminals sooner rather than later.


To this end we have established a strategic team busy with ‘horizontal scanning’ of the whole environment, and we also engage in ‘scenario based exercises’ with public, private and academic partners in order to be able to predict future developments.


One complex and highly sensitive subject is "Who are the perpetrators of cybercrime?", how do you propose to try answering this question better?


This question is quite tricky. Like in the physical world you will have all kind of perpetrators in the virtual world. You will see espionage, preparation for cyber war and cyber-attacks, terrorist activities, state sponsored activities and hacktivism and extremism. You will see criminals – either organised in loose or more tight networks and individual criminals. You will see ‘swarming’  - a new word for sharing of a criminal modus, where lots of criminals will do the same scam for a short time.


EC3 will – in the beginning – focus on creating overview (fusion centre) of the crime in the EU in cyberspace and try to identify the most active criminals. We will assist real operational cases in member states with expertise, analytical and forensic tools. We will create outreach to private and public partners as well as to EU agencies like the the European Network and Information Security Agency (ENISA), CEPOL [the European Police College] and Eurojust. We will try to use EU funding for research and development projects in this field and we will engage with the Internet Corporation for Assigned Names and Numbers (ICANN) and the regional internet agencies on internet governance.


In short: we will focus on criminal groups or networks who steal your money, your information or your identity and people who engage in online abuse of children.


How high will be the security surrounding your own offices?


Hopefully sufficient – but I realise that nothing is 100% secure in cyberspace and we have to be prepared for this!