Home / Blogs

EC3, the European Cybercrime Centre, Opened - Challenges All Around

Wout de Natris

On Friday 11 January 2013 the European Cybercrime Centre, EC3, officially opened its doors at Europol in The Hague. If something shone through from the speeches of the panel participants, it is that there are tight budget restraints and a strong wish to cooperate with the U.S., the Interpol centre in Singapore and Russia. Let me share my thoughts on expectations.

The official program

What I liked about the opening, was that it was modest. Nothing beyond this is who we are and this is what we try to achieve in the near future. And practical. On stage a Memorandum of Understanding on cooperation was signed with the US counterpart.

The following focal points were chosen by EC3 to start its work on fighting cybercrime:

  1. That (is) committed by organised groups to generate large criminal profits such as online fraud;
  2. That ... causes serious harm to the victim such as online child sexual exploitation;
  3. That ... affects critical infrastructure and information systems in the EU.

Next to that,

"the Centre will also facilitate research and development and ensure capacity building among law enforcement, judges and prosecutors and will produce threat assessments, including trend analyses, forecasts and early warnings."

In this EC3 has made clear choices on what it will pursue. Choices that are well defensible, as online child sexual exploitation is a major concern for society as a whole, that always has the interest of the public eye. While major fraud and online incidents involving critical infrastructure are destabilising for the economy and the (trust in the) Internet itself. Next to financially hurting those that were attacked, phished, hacked or misled.

Starting modest

To start "small" is not a disadvantage. Expectations, although they are high for EC3, are tempered somewhat. When the centre proves it merit with first successes in 2013, interest grows. People like to be associated with success, so a grow in budget may well become possible soon after.


From the sideline I see a few challenges for EC3. It needs the best data available in order to pursue its goals. What are the chances to engage with industry in order to receive data from multiple sources? Will EC3 be able to participate in some way in the botnet mitigation centres that have been and will be erected around Europe (and perhaps beyond) over the coming years? Will the relevant organisations in the Member States and beyond be willing to share relevant data with EC3? In what way are the new privacy rules of the EU a hindrance to successful cooperation? Concerns on this topic are regularly uttered, especially from the U.S. (a close partner, as we have seen!).

Will Member States allow EC3 some forms of cooperation or/and coordination between organisations from the Member States? This seems pivotal to me in order to tackle cross-border cases, which nearly all Internet crimes are.

Questions that are to be answered over the coming months and years, but will determine whether EC3 is able to really make a difference. Whether it will live up to its potential.


CERTs and EC3 are already working on a program run by ENISA to establish forms of cooperation. How about cooperation with other law enforcement agencies around the EU? Whether telecommunication, privacy, consumer, customs, anti-spam and malware, etc., all have complementary powers to the police. Having an overview of these powers could actually bring a broader spectrum of enforcement powers to the fore.

The police is there to arrest criminals, but this does not stop all perpetrations on the Internet. There is a world to win if the police world recognises other powers on hand and learns to exchange data with other entities if the police is not the first or perhaps not the best equipped party to act.

The EC3 could play this role in recognising other entities available to cooperate with, whether industry initiatives such as botnet centres and self-regulatory initiatives, national online threat or security centres and other law enforcement capabilities. From this a better overview of opportunities becomes available, capacity building is broadened and the overall exchange of meta data grows, enlarging the analysing and enforcement capabilities of all concerned.


The EC3 has opened and many challenges lay in front of it. It is a good thing the Centre has opened and an important step towards the much needed cross-border cooperation that is very much in demand to fight cybercrime in all its facets successfully. I wish EC3 the best of luck and many successes!

By Wout de Natris, Consultant international cooperation cyber crime + trainer spam enforcement. More blog posts from Wout de Natris can also be read here.

Related topics: Cyberattack, Cybercrime, Cybersecurity, DDoS, Malware, Spam


Don't miss a thing – get the Weekly Wrap delivered to your inbox.


To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Dig Deeper

IP Addressing

Sponsored by Avenue4 LLC

DNS Security

Sponsored by Afilias


Sponsored by Verisign

Mobile Internet

Sponsored by Afilias Mobile & Web Services

Promoted Posts

Buying or Selling IPv4 Addresses?

ACCELR/8 is a transformative IPv4 market solution developed by industry veterans Marc Lindsey and Janine Goodman that enables organizations buying or selling blocks as small as /20s to keep pace with the evolving demands of the market by applying processes that have delivered value for many of the largest market participants. more»

Industry Updates – Sponsored Posts

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Leading Internet Associations Strengthen Cooperation

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

Government Guidance for Email Authentication Has Arrived in USA and UK

ValiMail Raises $12M for Its Email Authentication Service

Don't Gamble With Your DNS

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

New TLD? Make Sure It's Secure

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Facilitating a Trusted Web Space for Financial Service Professionals

MarkMonitor Partners with CYREN to Deepen Visibility into Global Phishing Attacks

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Is Your TLD Threat Mitigation Strategy up to Scratch?

i2Coalition to Host First Ever Smarter Internet Forum