Abstract:
Over the past two years, European Union (EU) Member States (MS) have been confronted with a significant proliferation of police ransomware cases. Experts from both law enforcement and the private sector agree that prevention and raising awareness can only work in conjunction with investigations targeting the criminals behind the fraud. Furthermore, even if police ransomware in its current form might naturally fade out in the future, it is likely that an evolution of this modus operandi driven by the same or different perpetrators will take place. That is why it is important that measures against police ransomware and similar modi operandi are implemented in a coordinated, complementary and comprehensive manner.
This assessment is the result of a common initiative of the European Cybercrime Centre (EC3) and the Dutch National High Tech Crime Unit (NHTCU). Its aim is to increase awareness of ransomware by providing an EU perspective on the problem and to identify opportunities for intervention and coordination. The assessment encourages better coordination and cooperation between MS law enforcement agencies from the early stages of cybercrime investigations and acknowledges once more the importance of partnering with private industry.
This threat assessment relies on open source information, research papers on ransomware and semi-structured interviews with cybercrime investigators.