Chapter 3 - Crime Areas

3.8 Vulnerabilities of critical infrastructure - Law enforcement considerations

Threats against critical infrastructures are often investigated by agencies that may not be pooling data with law enforcement. While there are recommendations and guidelines for Member States on how to protect critical infrastructure [139], little has been developed about the role of cybercrime or with LE in mind. While LE may be involved in the post-incident investigation of attacks against critical infrastructure, they are typically not involved in the sharing of information or intelligence that could be relevant in mitigating or preventing such an attack. However, as LE may have a more complete overview of the cyber threat landscape and the tools and methods used by cyber criminals, they can play an important role in the protection of critical infrastructure, for instance through sharing best practices and raising (public) awareness [140]. In fact, LE involvement is seen as essential as a significant number of major cyber incidents in this area are caused by criminal activity [141].

Another reason for LE to engage in public-private partnerships is the fact that most of the critical infrastructure is owned by the private sector.