On 1 December 2016, Europol's European Cybercrime Centre (EC3) hosted a Mock Retail Cyber Hack exercise in cooperation with MasterCard, intended to simulate a cyber-attack on European merchants. Held at Europol’s headquarters in The Hague, the event focused on providing first-hand experience to merchant customers and their acquirers in order to understand the steps to follow in case of a cyber-attack and to raise awareness of the issue.
The initiative brought together representatives from law enforcement, the retail industry, banking sector, forensic investigation field, Dutch Electronic Crimes Task Force (ECTF) and Dutch Computer Emergency Response Team (CERT).
Through this training, participants learned what their particular role is and who can provide assistance and advice in case a cyber hack occurs. In addition, the simulation revealed how to deal with threats such as infiltration to the payment system or denial of service (DoS) attacks.
Throughout the day, participants benefited from tailored briefings from industry and law enforcement experts concerned with mitigating, investigating and assisting in the event of a cyber hack.
Since cybercriminals are increasingly targeting European merchants, thus triggering significant financial losses to the industry, Europol’s EC3 considers collaborations such as this an efficient approach to promote best practices in dealing with cyber-attacks, as well as familiarising the affected parties with all the actors involved at each step of the investigation.
The Mock Retail Cyber Hack also aims at creating a network of trusted contacts to facilitate information exchange regarding rising cyber threats and, in this way, share ideas to reinforce the cyber security and eliminate these threats in the bud. The simulation seeks to iron out the inconsistencies in order to ensure that the e-commerce environment becomes more secure, thus discouraging criminals to commit cyber hacks with a view to preventing financial loses.
Concerning this initiative, the Head of EC3, Steven Wilson, highlighted: “Organizing this event together with MasterCard reiterates the importance of the cooperation between public and private entities in ensuring a safe environment for European Merchants. Moreover, it allows each actor to fully understand their role in a potential Common Point of Compromise cyber hack. It provides a plan and the necessary know-how for merchants to be able to immediately remediate any such hack in real life and protect the financial data of as many of their customers as possible. We look forward to having similar events in the future, on an even grander scale.”
In turn, the Chief Security Officer at MasterCard, Ron Green, pointed out: "Security is the No. 1 priority for MasterCard and we want to ensure that together with the rest of the industry we are staying many steps ahead of criminals. Mock Retail Cyber Hack is one way to ensure that by being better prepared to deal with all aspects of potential cybersecurity issues, merchants, and acquirers can quickly and smartly react by knowing what to do, when to do it and whom to involve in the aftermath of an attack. Quick action can also help ensure that the law enforcement community can do their part in fighting cybercrime.”