Horizon 2020 programme throws cash at cybersecurity-related security projects, hoping something will stick to the Dark Web

By PATRICK STEPHENSON, with BROOKS TIGNER

BRUSSELS – Among the measures included in European Commission’s cybersecurity package, adopted on 13 September 2017, is the goal of transforming the European Union Agency for Information Security (ENISA) into a new cybersecurity agency.

The Commission is also pushing researchers to study new ways to tackle Europe’s burgeoning cybercrime threats. The need is great, to say the least. According to the EU, ransomware attacks increased by 300 per cent between 2015 and 2017, and may increase four-fold again by 2019.

One of the workshops during the 6 December meeting of the Commission’s “Community of Users” (CoU) of security research stakeholders (see related article in this issue) focused on cybercrime, several related research projects and the eye-raising statistics that confront authorities in their efforts to combat it.

As Michele Socco of the Commission’s home affairs directorate-generale (DG HOME) told the workshop, “65 percent of digital evidence is located abroad [but] 85 percent of police authorities have problems accessing or manipulating digital evidence.” Her hope was that security researchers could find ways to better find, manipulate, and share digital evidence across borders.

Nada Milisavljevic, her DG HOME colleague, provided more specifics.

“The criminal digital world is underpinned by adopting cybercrime as a service model. [Criminals] adopt new technologies quite easily, and are quite skilled. The ‘dark net’ markets are growing. One day one is closed, but the next day a new one replaces it,” said Milisavljevic, referring to the internet’s hidden layer of illicit encrypted transactions.

One vital but difficult police task is tracking the funds that criminal networks move around online. “We follow the money, but when it comes to crypto-currencies [such as Bitcoin], it’s becoming more difficult,” she said.

Several EU-funded security projects gave CoU participants a short overview of their work to improve cybersecurity, deter cybercrime or block terrorist propaganda. The TENSOR project, for example, seeks to create a platform giving law enforcement agencies fast and reliable planning and prevention tools to detect terrorist activities, radicalisation and recruitment before attacks take place. Another, called PROTON, uses semantic analysis of online terrorist content to create psychological profiles of suspected extremists which are then shared among police forces.

On the subject of crypto-currencies, Ross King of the Austrian Institute of Technology gave the conference some sobering information. Noting that his organisation currently tracks 1,320 currencies online, he said the biggest – Bitcoin –has a current market capitalisation of US 163 billion, up 10 times since the beginning of the year. “That’s a bubble,” King said. “It’s all speculation.”

As individually created variations of Bitcoin, most crypto-currencies have no real economic value, he explained. But the 10-biggest, including Bitcoin Gold, have sizeable market capitalisations. He estimated crypto-currency users to number around 30 million.

SECURITY EUROPE asked King how much of a role organised crime plays in the creation of crypto-currencies. “That’s one of the things we need to find out. That’s work to do. We just don’t know,” he said.

King’s project, “Tools for the Investigation of Transactions in Underground” Markets (TITANIUM), aims to block the criminal use of dark web virtual currencies. Still a work in progress, the project is working on reproducible methods for identifying, quantifying, and comparing payments of ransomware “families”, or groups of malicious and related code.

Of all the projects, TITANIUM has perhaps generated the most media interest, with stories about it appearing in Bitcoin Magazine and on the news site for the Nasdaq trading market. It even has its own paranoid Reddit thread, with a commentator describing the project as the “ruling class grabbing more power”.