foreword

I am pleased to present the key findings and recommendations from the 2017 Internet Organised Crime Threat Assessment (IOCTA), the fourth annual presentation of the cybercrime threat landscape by Europol’s European Cybercrime Centre (EC3).

The IOCTA provides a predominantly law enforcement focused assessment of the key developments, changes and emerging threats in the field of cybercrime over the last year. It relies on the invaluable contributions of the EU Member States, and our partners in private industry, the financial sector and academia, as well as the expert input of Europol staff.

This year’s report highlights how cybercrime continues to grow and evolve, taking new forms and directions, as demonstrated in some of the attacks of unprecedented scale of late 2016 and mid-2017. It further highlights the progressive convergence of cyber and serious and organised crime, supported by a professional underground service economy.

The report also describes some of the key challenges faced by law enforcement in terms of investigation and prosecution of cybercrime, highlighting many cross-cutting issues such as e-evidence challenges, and the need for adequate and harmonised legislation to address the specificities of cybercrime. The report goes on to list a number of key recommendations to address the phenomenon of cybercrime and identifies several priority topics to inform the definition of operational actions for EU law enforcement in the framework of the EU Policy Cycle. These include concrete actions under EC3’s three main mandated areas – child sexual exploitation online, cyber-dependent crime, and payment fraud, as well as cross-cutting crime enablers.

As in previous years, the 2017 IOCTA will inform the setting of priorities and help streamline resources within the EU and internationally to respond to cybercrime in an effective and concerted manner. Law enforcement continues to demonstrate that a coordinated, intelligence-led and adaptive approach by competent authorities, involving multiple sectors and partners can result in significant success in preventing cybercrime and mitigating its impact.