Updates

Cybercrime

2019

The Council of the European Union adopted the EU Law Enforcement Emergency Response Protocol that gives a central role to Europol’s European Cybercrime Centre (EC3) to support EU law enforcement authorities in providing response to cross-border cyber incidents of a suspected criminal nature. The Protocol determines the procedures, roles and responsibilities of the key agencies and players; it promotes rapid assessment of cyber threats, secure and timely sharing of critical informations through special communication channels and points of contact, as well as coordination of cross-border investigations. It is aimed to complement the EU's crisis management processes by streamlining transnational cooperation and enabling collaboration with network security community and partners from private sector.

 

Singapore is another country which announced investment in experts to deal with issues connected to cyberdefence such as cyber incident responses, network monitoring and vulnerability assessment. It opened a school to arm future recruits with the necessary skill sets.

The Australian Parliament has adopted the Telecommunications and Other Legislation Amendment (Miscellaneous Amendments) Bill 2019. The Bill replaced the definitions of systemic weaknesses and vulnerabilities, which are now defined only as affecting ‘a whole class of technology’, and don’t include those ‘selectively introduced to one or more target technologies that are connected with a particular person’, thereby possibly creating space for those selectively introduced to be exploited by the law enforcement agencies. In addition, the new section (317ZG) introduces certain limitations to law enforcement measures, by specifying that technical assistance requests and notices, and technical capability notices, cannot have the effect of creating new decryption capabilities or weakening existing authentication or encryption mechanisms, or create a risk that otherwise secure information be compromised by unauthorised third parties.

Bank of Valletta (BOV) has suspended all its operations, including ATM machines, point-of-sale systems, online banking, website, and communications systems, after unknown hackers broke into its network and transferred 13 million euro to accounts in the US, the UK, the Czech Republic, and Hong Kong. According to Times of Malta, BoV has confirmed that customer accounts, funds, and data, were not compromised, because hackers breached the payment processing system from BOV’s account, not customers’. Contrary to the initial belief expressed by the Maltese Prime Minister that stolen funds would be retrieved, BOV officials expressed concerns that this may not be possible. Several local businesses that rely on BOV were affected, not being able to process related payments. BOV accounts for about half of Maltese banking transactions.

E-mail provider VFEmail suffered a hack aimed at destroying user data, almost losing 18 years’ worth of customer e-mail. On 11 February,  VFEmail tweeted that all externally facing systems in multiple data centers were down. Later, the company revealed that an attacker formatted all disks on every server and that every VM, file server and backup server were lost. On 17 February the company unearthed an older backup server which was last backed up in August 2016. The next day, all mailboxes prior to August 2016 became available at nl101.vfemail.net port 1144. The company tweeted it will not shut down and that it hopes it can recover user data between June 2016 and February 2019. They also clarified that the US data center has been vacated and that the company will run entirely from the data center in Netherlands.

EU’s Horizontal Working Party on Cyber Issues is developing a sanctions regime to deter and respond to cyber-attacks, which builds on the EU Cyber Diplomacy Toolbox. An internal memo ‘Cyber Diplomacy Toolbox – Options for a restrictive measures framework to respond to or deter cyber activities that threaten the security or foreign policy interests of the Union or its Member States’ outlined a regime to sanction foreign hacker groups, involved in data breaches, intellectual property theft and stealing of classified information, attacks on IT and critical infrastructure, as well as election hacks, Bloomberg reports. Sanctions, which include asset freezes and travel bans, can be put in place regardless of the attack succeeding or not, if the victim is an EU country or an EU partner. Measures will, however, have to be accompanied by criminal evidences, defensible at the European Court of Justice, thus allowing prosecuted parties to appeal the decision. In addition, when imposing sanctions, unanimity will be required among EU member states. According to Politico, the plan will be forwarded to foreign affairs attachés, and the regime is expected to be in place before the elections for the European Parliament in May, in order to avoid possible interference with the elections.

Pages

 

The GIP Digital Watch observatory is provided by

 

 

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top