Home / Our news and views / Horizon 2020 programme throws cash at cybersecurity-related security projects, hoping something will stick to the Dark Web

Horizon 2020 programme throws cash at cybersecurity-related security projects, hoping something will stick to the Dark Web

By PATRICK STEPHENSON, with BROOKS TIGNER

BRUSSELS – Among the measures included in European Commission’s cybersecurity package, adopted on 13 September 2017, is the goal of transforming the European Union Agency for Information Security (ENISA) into a new cybersecurity agency.

The Commission is also pushing researchers to study new ways to tackle Europe’s burgeoning cybercrime threats. The need is great, to say the least. According to the EU, ransomware attacks increased by 300 per cent between 2015 and 2017, and may increase four-fold again by 2019.

One of the workshops during the 6 December meeting of the Commission’s “Community of Users” (CoU) of security research stakeholders (see related article in this issue) focused on cybercrime, several related research projects and the eye-raising statistics that confront authorities in their efforts to combat it.

As Michele Socco of the Commission’s home affairs directorate-generale (DG HOME) told the workshop, “65 percent of digital evidence is located abroad [but] 85 percent of police authorities have problems accessing or manipulating digital evidence.” Her hope was that security researchers could find ways to better find, manipulate, and share digital evidence across borders.

Nada Milisavljevic, her DG HOME colleague, provided more specifics.

“The criminal digital world is underpinned by adopting cybercrime as a service model. [Criminals] adopt new technologies quite easily, and are quite skilled. The ‘dark net’ markets are growing. One day one is closed, but the next day a new one replaces it,” said Milisavljevic, referring to the internet’s hidden layer of illicit encrypted transactions.

One vital but difficult police task is tracking the funds that criminal networks move around online. “We follow the money, but when it comes to crypto-currencies [such as Bitcoin], it’s becoming more difficult,” she said.

Several EU-funded security projects gave CoU participants a short overview of their work to improve cybersecurity, deter cybercrime or block terrorist propaganda. The TENSOR project, for example, seeks to create a platform giving law enforcement agencies fast and reliable planning and prevention tools to detect terrorist activities, radicalisation and recruitment before attacks take place. Another, called PROTON, uses semantic analysis of online terrorist content to create psychological profiles of suspected extremists which are then shared among police forces.

On the subject of crypto-currencies, Ross King of the Austrian Institute of Technology gave the conference some sobering information. Noting that his organisation currently tracks 1,320 currencies online, he said the biggest – Bitcoin –has a current market capitalisation of US 163 billion, up 10 times since the beginning of the year. “That’s a bubble,” King said. “It’s all speculation.”

As individually created variations of Bitcoin, most crypto-currencies have no real economic value, he explained. But the 10-biggest, including Bitcoin Gold, have sizeable market capitalisations. He estimated crypto-currency users to number around 30 million.

SECURITY EUROPE asked King how much of a role organised crime plays in the creation of crypto-currencies. “That’s one of the things we need to find out. That’s work to do. We just don’t know,” he said.

King’s project, “Tools for the Investigation of Transactions in Underground” Markets (TITANIUM), aims to block the criminal use of dark web virtual currencies. Still a work in progress, the project is working on reproducible methods for identifying, quantifying, and comparing payments of ransomware “families”, or groups of malicious and related code.

Of all the projects, TITANIUM has perhaps generated the most media interest, with stories about it appearing in Bitcoin Magazine and on the news site for the Nasdaq trading market. It even has its own paranoid Reddit thread, with a commentator describing the project as the “ruling class grabbing more power”.

     THE UPSHOT: Many cybercrime projects seemed broadly similar. They present ‘platforms’ that investigators, usually police, can use to aggregate and then interpret information from many different sources.
     So far, so good, but…no one is really close to figuring out what to do about crypto-currencies, a great boon for organised crime. And as we’ve noted in these pages before, no matter how sophisticated the tools that emerge from these EU-funded projects, if Europe’s law enforcement agencies don’t have enough personnel skilled enough to use them effectively, it will be a wasted effort.

     ps@securityeurope.info
     bt@securityeurope.info

Check Also

The EP pushes for international ban on the use of killer robots

By BROOKS TIGNER, with KYLE ATTAR
BRUSSELS – Members of the European Parliament (MEPs) are demanding a ban on weapons that have no “meaningful human control”.The resolution, passed overwhelmingly on 12 September by a majority of the MEPs (566)  is non-binding, however, on the 28 member states but is supported by Federica Mogherini, the EU’s policy chief for security and defence policy. She has already begun an international dialogue to try and bring the world into consensus as to the direction of autonomous warfare. The resolution notes that lethal autonomous weapons (LAWs) are machines without the ability or capacity to make human decisions and, as such, remote operators must take responsibility for life or death decisions. Much like drones, these weapons bring up strong ethical and moral dilemma regarding...