Cybercrime fighters to target kingpins, says top EU cyber cop

International cybercrime fighters are to focus on the relatively small number of top malware producers, says Europe's top cyber cop

International cyber crime fighters are to focus on the small number of top malware producers, says the head of Europol’s European Cybercrime Centre (EC3).

There are only around 100 kingpins who develop malware for all kinds of cyber criminals around the world, Troels Oerting told the BCC.

"We roughly know who they are. If we can take them out of the equation then the rest will fall down," he said.

This revelation follows an EC3 report in September 2014 that found the cyber crime support industry is becoming increasingly commercialised.

Specialists in the virtual underground economy are developing products and services for use by other cyber criminals, the Internet Organised Crime Threat Assessment (IOCTA) report said.

The report’s authors believe this crime-as-a-service business model drives innovation and sophistication, and provides access to a wide range of services that facilitate almost any type of cyber crime.

As a result, the barriers to entry for cyber crime are being lowered to allow those lacking technical expertise - including traditional organised crime groups - to conduct cyber crime.

According to Oerting, this relatively small group of Russian-speaking programmers is responsible for the malware used in most cyber attacks.

The malware they produce is downloaded by cyber criminals in Europe, North America, Africa and elsewhere.

The commercialisation of malware is making it easier to become a cyber criminal, said Oerting.

“You don't have to be a cyber expert because you just download the programs that you want to use,” he said.

More on fighting cyber crime

For this reason international cyber crime fighters are aiming to tackle the source of the malware in an effort to reduce global cyber crime.

But, while there is good level of co-operation between EU member states and with the US, Oerting said relationships with Russian law enforcers have not always been good.

However, he said this was improving and that he expects several arrests following a recent visit to Moscow to discuss four big cyber crime cases.

Earlier this year, the National Cyber Crime Unit (NCCU) of the UK’s National Crime Agency (NCA) told Computer Weekly that it regards malware development and deployment as one of the greatest threats.

The NCCU, which works closely with EC3, is tackling malware development as a top priority in its proactive strategy, said Andy Archibald, deputy director of the NCCU.

While international collaboration is important in tackling cyber crime, the NCCU is also looking to deepen collaboration with UK business.

Archibald said a deeper relationship with private sector businesses is crucial, not only to identify crimes and patterns of criminal activity, but also to tap into specialist skills.

“We need to go to organisations in the private sector and ask to work with people with the skills we need in some of our investigations.

“Industry can bring things to the table that we may not be aware of, and we will work with the private sector within the law if the solution to an operation is something the private sector can take the lead on,” he said.

Archibald said the NCCU is working on making it easier for business to report cyber crime and share intelligence about cyber attacks.

In the meantime, he said the best point of contact for business is the government‘s cyber security information sharing partnership (CISP), now under the auspices of the national computer emergency response team, CERT-UK.

Read more on Hackers and cybercrime prevention