Europol set up the European Cybercrime Centre (EC3) in 2013 to strengthen the law enforcement response to cybercrime in the EU and thus to help protect European citizens, businesses and governments from online crime.
While it is difficult to provide reliable estimates, some industry reports suggest that the global cybercrime costs are in the hundreds of billions of Euros per year.
Cybercrime is actually a wide and varied problem. And the EC3 is a key part of Europol’s, and the EU’s, response. The EC3 takes a three-pronged approach to the fight against cybercrime: forensics, strategy and operations.
The EC3 has two forensics teams, digital forensics and document forensics, each of which focuses on operational support, and research and development.
There are two strategy teams:
outreach and support, which establishes partnerships and coordinates prevention and awareness measures;
strategy and development, which is responsible for:
the formulation of policy and legislative measures;
the development of standardised training.
At the level of operations, the EC3 focuses on cybercrimes that:
are committed by organised crime groups, particularly those generating large criminal profits, such as online fraud;
impact critical infrastructure and information systems in the EU, including cyber attacks.
These activities are also supported by the Cyber Intelligence Team (CIT), whose analysts collect and process cybercrime-related information from public, private and open sources and identify emerging threats and patterns.
Working alongside EC3 is the Joint Cybercrime Action Taskforce (J-CAT), which works on the most important international cybercrime cases that affect EU Member States and their citizens.
EC3 draws on Europol’s existing law-enforcement capacity—but it also expands significantly on other capabilities, in particular by offering operational and analytical support to Member States’ investigations.
For each of the three categories of cybercrime, EC3:
serves as the central hub for criminal information and intelligence;
supports operations and investigations by Member States by offering operational analysis, coordination and its considerable expertise;
provides a variety of strategic-analysis products that enable informed decision-making at the tactical and strategic levels on combating and preventing cybercrime;
establishes a comprehensive outreach function connecting law-enforcement authorities tackling cybercrime with the private sector, academia and other non-law enforcement partners;
supports training and capacity-building, in particular for the relevant authorities in Member States;
provides highly specialised technical and digital forensic support capabilities to investigations and operations;
represents the EU law-enforcement community in areas of common interest (research-and-development requirements, internet governance and policy development).