Each year, Europol’s European Cybercrime Centre (EC3) publishes the Internet Organised Crime Threat Assessment (IOCTA), its flagship strategic report on key findings and emerging threats and developments in cybercrime — threats that impact governments, businesses and citizens in the EU.
The IOCTA provides key recommendations to law enforcement, policy makers and regulators to allow them to respond to cybercrime in an effective and concerted manner.
The report focuses on the crime areas that fall under EC3’s mandate. These cybercrime priorities, which are determined by the EU Policy Cycle - EMPACT, are currently:
While there have been variations in how each IOCTA is put together, the basic structure is fairly constant. Each of the main chapters
describes the key findings on a particular cybercrime area in the reporting year;
identifies future trends and developments;
In addition, the IOCTA contains a brief summary of geographic threats and cybercrime activity throughout the five continents.
Each issue draws on contributions from:
experts at Europol
EU Member States
law enforcement authorities both within and outside the EU
partners in private industry, the financial sector and academia.
The IOCTA may also include word on operational successes in the year under review. Two examples will serve as illustrations. The first is the takedown of two of the largest Darknet markets, AlphaBay and Hansa. These criminal marketplaces had facilitated the trade of over 350 000 illicit commodities including drugs, firearms and cybercrime malware. With the support of Europol, the infrastructure of this underground criminal economy was shut down.
The second is the dismantling of the Avalanche network, a delivery platform used to launch and manage mass global malware attacks and money-mule recruiting campaigns. It caused an estimated EUR 6 million in damages in concentrated cyberattacks on online banking systems in Germany alone.