Collaboration between law enforcement, private web security firms and academic researchers “is the only way to go” in the fight against cyber criminals and hackers, Paul Gillen, head of operations for Europol’s European Cybercrime Centre (EC3), has told Computing.
Gillen made the comments at a McAfee event in central London, which saw the launch of a new report into cyber crime. Titled ‘Net Losses: Estimating the Global Cost of Cybercrime‘ and produced by the Centre for Strategic and International Studies in collaboration with McAcfee, the report suggests there are 20 to 30 major cyber crime gangs with the potential to launch international attacks.
One of those gangs, behind cyber-criminal ventures including the GameOverZeus botnet and the Cryptolocker ransomware, was recently taken down by Operation Tovar, a mission that combined the resources of the FBI, the UK’s National Crime Agency and EC3, along with security firms and academic researchers.
For Gillen, the success of the operation – which involved a pool of law enforcement officers from around the globe – demonstrates the importance of international collaboration between the public and private sectors in the fight against organised cyber crime.
“We had a huge amount of officers all sitting in the one room. They were being supported by private industry organisations doing tasks from behind the scenes and some researchers with previous experience of exposing this phenomenon,” he told Computing.
“Then we had the law enforcement officers who had a much larger role to play in the investigation, and each law enforcement agency did what it was they were able to do within their borders in order to effectively contribute to the overall disruption of this particular botnet.”
Gillen said Operation Tovar was one of the most inspiring programmes he’s been involved with during his three decades in policing.
“And to be perfectly honest with you, it was an inspiration to see,” he said. “I’ve got 31 years in the police and 18 years dealing with cyber crime and it was an inspiration to sit in a room with cops from quite literally all over the world, where they were working together on one operation to disrupt one organised crime gang that was causing havoc all around the world.”
The success of the programme, argued Gillen, demonstrates the public-private partnership is the “one true way to go” in the fight against cyber crime.
“This is the way to go, this is what we’re going to have to do from now on. We’re going to have to perfect this model and perfect it to maintain operational secrecy,” he said.
“So maintaining operational secrecy along with working with our private partners and academics, if we can perfect that model, this is the model that’s the only way that’s going to give us any chance of disrupting the activities of organised crime groups in the European Union and beyond.”
Gillen explained that cyber criminals aren’t constricted by national borders and therefore it’s essential for the police and security firms to share information with investigators in different countries to their own.
“Everybody has a piece of the information, so some law enforcement agencies have victims in their country, some have infrastructure like command and control servers, C2 proxies bots, hosting services, drop sites in their country, but they do not necessarily know they have them,” he said.
“And then the private companies have access to a lot of information they don’t really know the relevance of. Then the academic researchers are carrying out research into technology, the value of which is not always immediately apparent,” Gillen continued, liking the situation to putting the best ingredients together into one mixing pot.
“You put all of that into a stew then stir her around it can be quite tasty and it’s inspiring. I’ve found it inspiring, it’s given us, the cops on the ground, an inspiration to carry on, to realise we’re working together across borders in a seamless way is the only way we’re going to be able to do that,” he said, before going on to praise the contribution of the UK authorities.
“The UK has really stepped up to the mark, the National Crime Agency and the National Server Crime Unit have stepped up to the mark in these situations. They’ve shown some great leadership, a great willingness to work with other people, they’ve utilised the European Union infrastructure to really make an impact on key operations,” said Gillen.
“And we have some operations in the pipeline and we’re really excited about the possibility of the impact we’re going to make on cyber criminals,” he added.