Each year, Europol’s European Cybercrime Centre (EC3) publishes the Internet Organised Crime Threat Assessment (IOCTA), its flagship strategic report on key findings and emerging threats and developments in cybercrime — threats that impact governments, businesses and citizens in the EU.
The IOCTA provides key recommendations to law enforcement, policy makers and regulators to allow them to respond to cybercrime in an effective and concerted manner.
The report focuses on the crime areas that fall under EC3’s mandate. These cybercrime priorities, which are determined by the EU Policy Cycle - EMPACT, are currently:
While there have been variations in how each IOCTA is put together, the basic structure is fairly constant. Each of the main chapters
describes the key findings on a particular cybercrime area in the reporting year;
identifies future trends and developments;
In addition, the IOCTA contains a brief summary of geographic threats and cybercrime activity throughout the five continents.
Each issue draws on contributions from:
experts at Europol
EU Member States
law enforcement authorities both within and outside the EU
partners in private industry, the financial sector and academia.
The IOCTA may also include word on operational successes in the year under review. Two examples will serve as illustrations.
The first is the takedown of one of the largest marketplaces for hiring DDoS services, webstresser.org. With 150 000 registered users, the site was the source of 4 million DDoS attacks. Operation Power OFF was led by the Dutch Police and the UK’s National Crime Agency, supported by Europol and a dozen law enforcement authorities from around the world.
The second is the increased cooperation between law enforcement. In 2019, law enforcement shut down two of the most prolific dark web marketplaces, Wall Street Market and Valhalla. At the time of its closure, Wall Street had over 1 150 000 users and 5 400 vendors.