DELIVERABLES
WORK PACKAGE 2
Scoping cybercriminality and technical capabilities
In this report, (i) we identify and analyse the technical and human drivers of cybercriminality and (ii) we review techniques and tactics of cybercriminals and cybercrime-as-a-service. On the technical side, we investigate the developments that facilitate criminality, the availability of hacking tools online, cryptocurrencies, and the widespread use of anonymity and the Dark Web. On the human side, the focus is on drivers that enable and/or allow humans to act differently online. In particular, human behaviour may be influenced by such factors as anonymity, disinhibition, minimisation of status and authority, along with normalisation and socialisation in technology-mediated environments. With respect to the techniques and tactics of cybercriminals, we review tools, vulnerabilities and emerging attacks. We pay special attention to cybercrime-as-a-service and its technical and illegal business aspects, including a study of the evolution of websites that support cybercriminal services over time. We explore the connections between cybercrime and crime in the physical world, including hybrid forms of crime as well as traditional crime enabled by cyber activities (such as advanced cyber intelligence used for criminal purposes).
In this report, we present a landscape study of Cybercrime-as-a-Service. We focus on the range of activities, the providers, the prices, and their business model. Activities of Cybercrime as a Service include: (i) Cryptocurrency laundering and tumbling, (ii) Bulletproof hosting, (iii) Tutorials, training and consulting, (iv) Hacking as a Service, (v) Coding/Programming as a Service, (vi) Crypting obfuscation, (vi) Distributed denial of service (DDoS) attacks/Reflection attacks (DRDoS), (vii) SMS flooding and spamming, (viii) Escrow/Garant/Treuhand, (ix) Email spamming and phishing, (x) Crimeware Ransomware as a Service, (xi) Serial keys pirated software, (xii) Social boosters friends and “likes” for purchase, (xiii) Web traffic visitors, (xiv) Cyb ercriminal business, marketing and messaging.
WORK PACKAGE 5
A cybercrime policy toolkit
This report presents a review and gap analysis of cybersecurity legislation and cybercriminality policies in eight European countries. Findings are reported from desktop research, questionnaires and workshops, involving contributions from eight partners in the CC-DRIVER consortium from a diverse set of backgrounds including industry, research and law enforcement. The aim of these activities was to conduct a non-exhaustive but broad review and analysis of five elements forming an analytical framework for a gap assessment of existing legislations and policies, and to provide recommendations for improvement.
WORK PACKAGE 7
Dissemination, exploitation, and communications
This report presents a review and gap analysis of cybersecurity legislation and cybercriminality policies in eight European countries. Findings are reported from desktop research, questionnaires and workshops, involving contributions from eight partners in the CC-DRIVER consortium from a diverse set of backgrounds including industry, research and law enforcement. The aim of these activities was to conduct a non-exhaustive but broad review and analysis of five elements forming an analytical framework for a gap assessment of existing legislations and policies, and to provide recommendations for improvement.
The CC-DRIVER LEA Working Group is a discussion group of Law Enforcement Agencies that aims for
an exchange of experiences and best practices with a specific focus on cybercrime. The se meetings
are a safe space to discuss human, social and societal aspects of security problems and their remedies.
The LEA Working Groups are one hour long conference calls organised by Valencia Local Police on a
quarterly basis, being open to any LEA external to CC DRIVER.
If you are a LEA and would like to participate, please contact Valencia Local Police.
DELIVERABLES APPROVED BY EC
WORK PACKAGE 2
Scoping cybercriminality and technical capabilities
Deliverables submitted:
Subject to EC approval
This document details the functionalities of the vulnerability Self-Assessment Questionnaire (SAQ) application. SAQ will allow the design of questionnaires using the graphical interface. SAQ application is independent of the questionnaires created, so users of the application can use it to create various questionnaires to test their security readiness in various security topics.
This report presents the findings from 34 interviews conducted with civil society organisation representatives and other stakeholders about their views on cybercriminality in Europe. In addition, the study enquires about difficulties linked to the implementation and use of EU research projects results.
