Foreword

I am pleased to present the 2014 Internet Organised Crime Threat Assessment (iOCTA), the first of its kind prepared by the European Cybercrime Centre (EC3) at Europol.

This report is EC3’s flagship strategic product, the delivery of which is one of the prioritised actions for 2014 within the EU’s multi-annual policy cycle for serious organised crime. It informs decision makers at strategic, policy and tactical levels about on-going developments and emerging threats in the field of cybercrime affecting governments, businesses and citizens in the EU. Contributions by EU Member States and the expert input of Europol staff, combined with input from the private sector and academia, have been essential for the research and in-depth analysis leading to this report.

With more than 2.8 billion people using the Internet across the globe and over 10 billion Internet-facing devices in existence, the report highlights the increasing opportunities to commit crimes facilitated, enabled or amplified by the Internet. For many, being online is no longer the exception but the norm, often without the individual being aware. This provides a broader attack surface and multiple areas of peoples’ lives for criminals to exploit. Because of Europe’s high levels of Internet access and increasingly Internet-dependent economies, this poses a significant threat to the safety and prosperity of the EU in particular.

The 2014 iOCTA identifies the growing commercialisation of cybercrime as one of its principal trends. A service-based criminal business model drives innovation and provides access to a wide range of services facilitating cybercrime. As a consequence, traditional organised crime groups are now able to step into cybercrime by purchasing bespoke skills and tools to support their criminal business.

The transnational nature of cybercrime, combined with an increasing sophistication of attacks, the problem of attribution, the abuse of legitimate services, and inadequate legislation are among the other main challenges the report identifies for law enforcement.

Based on these findings, the 2014 iOCTA delivers a set of recommendations for law enforcement to successfully address cybercrime in a diverse and flexible manner.

As highlighted in the report, Europol’s EC3 can play an important role in supporting EU law enforcement in the fight against cybercrime, for instance through the exchange of relevant cybercrime intelligence and the support of multi-national operations. These recommendations call for enhanced collaborative action by Member States and other stakeholders to ensure a more effective and integrated response overall.

I am confident that the 2014 iOCTA, and Europol’s work in supporting the implementation of the proposed recommendations, will contribute to an effective international law enforcement response to cybercrime. I look forward to our continued engagement and cooperation with law enforcement agencies and other partners in the EU and beyond.

Rob Wainwright
Director of Europol