In recent conferences Europol has teamed up with other organisations to ensure a joint law enforcement approach: with Interpol on the dark web and ransomware especially, and with ENISA on the challenge of the Internet of Things.
This month's joint Europol-ENISA conference, its first on the Internet of Things, gathered 250 industry practitioners from the private sector, security community, law enforcement, the European Computer Security Incident Response Teams (CSIRT) community and academia. A specific focus was on the role of law enforcement in responding to criminal abuse of the IoT.
The conference noted how the risk of criminals 'weaponising' insecure IoT devices was already identified in the 2014 and 2015 editions of Europol's Internet Organised Crime Threat Assessments and in ENISA's 2016 Threat Landscape Report, becoming a reality with the Mirai botnet. So it is assumed that cyber-criminals will develop new variants and enlarge the variety of IoT devices affected by this type of malware.
In a press statement, Europol says the main conclusions of the conference are:
- The need for more cooperation and multi-stakeholder engagement to address interoperability, as well as security and safety issues especially in light of emerging developments like industry 4.0, autonomous vehicles, and the advent of 5G.
- As securing the end device is often technically difficult and expensive to achieve, the focus should therefore be on securing the architecture and underlying infrastructure, creating trust and security across different networks and domains.
- There is a need to create stronger incentives to address the security issues related to the IoT. This requires achieving an optimal balance between opportunity and risk in a market where high scalability and short time-to-market dominate, positioning security as a distinctive commercial advantage and putting it at the heart of the design and development process.
- To effectively and efficiently investigate the criminal abuse of the IoT, deterrence is another dimension that needs strong cooperation between law enforcement, the CSIRT community, the security community as well as the judiciary.
- This creates an urgent need for law enforcement to develop the technical skills and expertise to fight IoT-related cybercrime successfully.
- These efforts need to be complemented by raising end users' awareness of the security risks of IoT devices.
- Leveraging existing initiatives and frameworks, a multi-pronged approach combining and complementing actions at legislation, regulation and policy, standardisation, certification/labelling and technical level is required to secure the IoT ecosystem.
- One of the key observations of the conference is the importance of baseline good practices in addressing these IoT security challenges. In the coming months ENISA will publish its "Baseline Security Recommendations for IoT" report, bridging the gap in the area.
Europol's executive director Rob Wainwright issued a statement saying: "Cyber-criminals are quick to adapt to and exploit new technologies. They come up with new ways to victimise and affect people's lives and invade their privacy, either by collecting or manipulating personal data or by virtually breaking into smart homes. The Internet of Things is not only here to stay but expected to significantly expand as more and more households, cities and industries become connected. Insecure IoT devices are increasingly becoming tools for conducting cyber-criminality. We need to act now and work together to solve the security challenges that come with the IoT and to ensure the full potential."
ENISA's executive director Professor Dr Udo Helmbrecht also commented: "The IoT revolution is beginning to transform our personal lives and the infrastructures that we use on a regular basis such as smart homes, smart energy and smart health. Manufacturers and operators of these devices need to ensure that security by design has been incorporated into their selection and their deployment. ENISA is pleased to be working closely with Europol to inform key stakeholders of the important role that the IoT is taking on and the need to be aware of the cyber-security and criminal aspects associated with deploying and using these devices."
At last month's Europol-Interpol Cyber-crime Conference in The Hague, Netherlands, Europol and Interpol called in their joint closing statement for a coordinated law enforcement approach to addressing the threat from the Dark Web.
The two organisations agreed that approaches to tackling the threat of cyber-crime should be identified in a more pro-active and efficient manner, and coordinated prevention and awareness initiatives should continue in order to increase baseline cyber-security and nurture the skills and expertise needed to ensure a safer cyber-space.
Silvino Schlickmann Junior, cyber-crime director at Interpol, said: "The current state of cyber-crime, reaching all the corners of the world and threatening to undermine the benefits brought by the new technologies, requires a global response. Interpol .... [provides] a global platform including not only communication tools but a wide range of services, from capacity building programmes, to cyber-threat intelligence support. The cooperation with Europol is one of our highest priorities to combat cyber-crime in the most effective way."
It was noted how the resurgence of ransomware has made it a leading threat for both public and private sector organisations, hence methods of tackling this pernicious attack vector were a focus of the event. It was reported that since its launch in July 2016, No More Ransom has had more than 1.4 million people visit its website (www.nomoreransom.org), which is now available in 28 languages and includes 52 free decryption tools that can be used to decrypt 84 ransomware families.
There are now 119 partners working on No More Ransom with recent additions including the German BKA, Polish and Slovakian Police. New private sector partners include Security Advisor S.A., Equipo Antiransom, ML IT Security Pte Ltd, Temasoft, CERT-PY and Australian Cybercrime Online Reporting Network (ACORN), bringing the total to 81 non-law enforcement partners.
Steven Wilson, head of Europol's EC3, noted how this year's event, with more than 420 delegates, had the highest participation ever, both in terms of attendees and speakers.
A main theme was "Actively united for a safer cyber space", emphasising the importance of law enforcement, private sector, academia, government and NGOs working together to fight cyber-crime.