From 5 to 9 December 2016, Europol and law enforcement authorities from Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom and the United States carried out a coordinated action targeting users of Distributed Denial of Service (DDoS) cyber-attack tools, leading to 34 arrests and 101 suspects interviewed and cautioned.
Europol’s European Cybercrime Centre (EC3) supported the countries in their efforts to identify suspects in the EU and beyond, mainly young adults under the age of 20, by hosting operational meetings, collating intelligence and providing analytical support. The participating countries worked together in the framework of the EMPACT (European Multidisciplinary Platform against Criminal Threats) project targeting cyber-attacks that affect critical infrastructure and information systems in the EU. During the action week, different measures were taken depending on national legislation: suspects were interviewed, detained and arrested or fined, notifications were sent to parents and house searches were conducted, among others.
The individuals arrested are suspected of paying for stressers and booters services to maliciously deploy software to launch DDoS attacks, which flood websites and web servers with massive amount of data, leaving them inaccessible to users. The tools used are part of the criminal ‘DDoS for hire’ facilities for which hackers can pay and aim it at targets at their choosing.
Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3), commented: “Today’s generation is closer to technology than ever before, with the potential of exacerbating the threat of cybercrime. Many IT enthusiasts get involved in seemingly low-level fringe cybercrime activities from a young age, unaware of the consequences that such crimes carry. One of the key priorities of law enforcement should be to engage with these young people to prevent them from pursuing a criminal path, helping them understand how they can use their skills for a more constructive purpose. “
This successful operation marks the kick-off of a prevention campaign in all participating countries in order to raise awareness of the risk of young adults getting involved in cybercrime. Many do it for fun without realising the consequences of their actions – but the penalties can be severe and have a negative impact on their future prospects. The teenagers that become involved in cybercrime often have a skill set that could be put to a positive use. Skills in coding, gaming, computer programming, cyber security or anything IT-related are in high demand and there are many careers and opportunities available to anyone with an interest in these areas. A recent research produced with Europol’s EC3 support and released in October 2016 helps to understand the pathways that lead some young people into cybercrime. The report highlights the need to develop effective prevention and intervention strategies as well as the importance of promoting alternatives, positive (and legal) ways of channelling young talents toward careers in the tech and security sectors.