Chapter 1 - Introduction

Video: Welcome to the iOCTA. Troels Oerting, Head of the European Cybercrime Centre (EC3)

The delivery of the Internet Organised Crime Threat Assessment (iOCTA) is one of the prioritised actions for 2014 agreed within the framework of the EMPACT policy cycle. EMPACT [1] is aimed at coordinating the efforts of Member States’ law enforcement authorities in combating organised crime affecting the EU. Cybercrime is one of the priorities identified for the period 2014-2017, sub-divided into three areas: cyber attacks, online child sexual exploitation and payment fraud.

The iOCTA was drafted by the European Cybercrime Centre (EC3) at Europol with strong support and input from Member States and cooperation partners.


The aim of the iOCTA is to inform decision-makers at strategic, policy and tactical levels to fight cybercrime more effectively and to better protect online society against cyber threats. In particular, this threat assessment is intended to inform priority setting for the EMPACT Operational Action Plan for 2015 in the three sub-areas of the cybercrime priority.

For this purpose the iOCTA provides a description and analysis of the latest trends and the current impact of cybercrime within the EU. It also includes a forward-looking assessment, presenting analyses of future risks and emerging threats and will provide recommendations and proposed lines of action with the aim of informing the strategic planning of EU law enforcement and policy makers.


The assessment focuses on the crime areas that fall under the mandate of Europol's EC3, i.e. those investigated by Focal Points Cyborg (Internet-enabled crime [2]), Twins (child sexual exploitation online) and Terminal (payment card fraud). It also addresses other areas of criminality where they directly impact or operate in parallel with the three Focal Points; areas such as money laundering and social engineering. Although many crimes are now Internet-facilitated [3] (such as intellectual property crime), these are not directly addressed outside the main parameters of the report.

The assessment examines a number of dual-use technologies - systems which are used legitimately by society but which are exploited by cybercriminals to enhance or proliferate their criminality. Where relevant, the assessment provides an overview of concepts such as the Internet of Everything and Big Data that have or are likely to have an impact on the crime areas covered in this report.

Each chapter begins by providing a description of the crime or threat area. The assessment then considers factors that facilitate or enable each crime and how they are exploited by criminals.

The report also assesses how the threat is likely to evolve in the future and highlights key developments likely to impact law enforcements’ ability to combat the threat. Lastly each chapter provides specific recommendations on steps law enforcement can take to effectively address the threat. Here a distinction is made between actions from an investigative/disruptive approach, from a prevention perspective, and actions aimed at strengthening protection against cybercrime .

Several issues and recommendations span multiple threats and crime areas; those are discussed at the end of the document as overarching topics.

Methodology and acknowledgements

The iOCTA was drafted by a team of strategic analysts within EC3 drawing on contributions from Member States, the EUCTF, the expert input of staff from Focal Points Cyborg, Terminal and Twins, as well as the Cyber Intelligence team, the Serious Organised Crime Strategic Analysis team and the Data Protection Office. This has been further enriched with input from the private sector, including EC3’s advisory groups, and academia. Combined with open source research and analysis, these contributions have been essential to the production of the assessment.

Europol would like to extend special thanks to the EC3 Academic Advisory Board for their contributions. They are Prof. Marco Gercke, Prof. Michael Levi and Prof. Alan Woodward. A special thanks is also due to Dir. Mary Aiken for her input on cyberpsychology.