The rape-to-order of children online, the hacking of customs to hide illegal drugs shipments, cloned cards stealing €45m in two hours — the new world of clever crime is outlined in the first report of the EU’s cybercrime centre.
Most of these crimes are beyond the reach of a traditional police force as there is no DNA or physical clues to the culprits, warned Troels Oerting, the head of EC3.
Tracking down such criminals requires “white hackers” and could cost countries such as Ireland, in which many internet companies are based, a disproportionate amount of money in future, he said.
“This should not be paid for by the Irish but by those who want the information,” said Mr Oerting, warning it was also a question of how much member states were prepared to pay. “I know of cases that have been stopped because the budget implication was too big.”
In its first year of operation co-operating with police forces around Europe, the Dutch-based EC3 said it had prevented and investigated a lot of cross-border cybercrime.
However, it had seen only the tip of the iceberg, Mr Oerting said. “I am especially worried about the increasingly complex forms of malware that are surfacing, along with more technologically advanced cybercrime and the so-called ‘sextortion’ of minors,” he said, referring to the practice of blackmailing someone with information or photographs on the web.
EC3 is helping in investigations of child sexual abuse, tracking perpetrators on the ‘dark net’ where they trade material on hidden forums.
An example of the horror of such crime is where a person can order a group of men to rape an 8-year-old girl, directing their actions in real time, all for about $100. Afterwards, there is no trace of the crime left on the computer, said Mr Oerting.
Criminals hack into shipping companies and customs, manipulating systems and making sure they put their shipments of illegal drugs safely out of sight. “It’s an example of good criminal use of the internet,” he said.
Much of this happens outside the EU but involving EU citizens — such as the case in which five people ordered pre-paid credit cards from an Arab bank through the Dominican Republic using an Indian service provider, cloned them to create 60 cards, reformatted them, and stole €45m in two hours.
National police forces may be big enough to tackle traditional crime, but with 4bn internet users, no country has enough defences against industrialised cybercrime, Mr Oerting warned.
The work cannot be done with police alone and EC3 is in the process of linking up with many bodies from software developers to banks and also now has a member of the FBI involved. “This has to be done in openness and transparency — we cannot do it in the hidden; we have learned that from Snowden,” Mr Oerting added.
© Irish Examiner Ltd. All rights reserved