The European Commission has announced its plans to create a European Cybercrime Centre in a bid to tackle rising levels of online crime across Europe. The announcement on Wednesday, March 28th, by the Commission could not have come at a better time and shows a serious intent to fight back against the torrent of cybercrime that has affected organisations in Europe and around the world over the past year.
The €3m agency, which is expected to open in 2013, will also be responsible for training national experts on cyber-crime and form part of the EU police agency Europol. The EU executive sees the cybercrime centre as the focal point in co-ordinating national cyber authorities established by member states, and pooling information gathered by national and European police IT networks, in an attempt to map organised crime online, especially online fraud schemes.
The cybercrime centre, which the Commission first mooted in its 2010 Internal Security Strategy, is the latest EU move to combat cybercrime. We see thousands of new forms of malicious software code being launched against companies and other organisations every month. The fact that Microsoft has this week completed a successful assault on some of this cyber-criminal malware, acting in concert with financial authorities, shows how seriously everyone should take this universal threat.
Microsoft has also identified more than 13 million suspected infections of the Zeus malware worldwide, which indicates the extent of the cybercrime problem. Co-ordinated efforts, led by units such as the EU Cybercrime Centre can not only help to map the extent of online criminal activity but also advocate more robust IT defences.
MEPs and member states are finalising a directive on attacks against computer networks, which is set to criminalise the sale, production and use of ‘botnets’ – networks of infected computers that can be remotely controlled to launch large-scale coordinated cyber-attacks.
These are part of the strategy against cybercrime but unless companies and organisations adopt more effective network security policies, this will be a losing battle. Both the UK and US governments advocate the adoption of Trusted Computing open-industry standards. Trusted Computing starts by securing the device that will connect to an IT network.
“If the device is secure and trusted, everything follows from there. Enterprises and public sector bodies can, with relative ease, roll out a programme that ensures every device is protected by the Trusted Platform Module or TPM, that the data is secured by use of Self Encrypting Drives – SEDs – and that smartphones and tablets are safe, by using the Mobile Trusted Module.
“The cost of adopting proven, trusted, open industry standards is much less than generally believed and through the lifetime of every device, proves cheaper than other options. The Trusted Computing standards also provide a fluid path to future security needs.”