Knowledge base  Security

View all AML - CDD - KYC Artificial Intelligence Basel Brexit ERM GDPR Governance - Behavioral Risk - Soft Controls Insurance MiFID Security 


Coordinated action cuts off access to VPN service used by ransomware groups

16 July 2021
Knowledge Base

Takedown of DoubleVPN makes it harder for criminal hackers to cover their tracks. This week, law enforcement and judicial authorities in Europe, the US and Canada have seized the web domains and server infrastructure of DoubleVPN. This is a virtual private network (VPN) service which provided a safe haven for cybercriminals to attack their victims. This coordinated takedown, led by the Dutch National Police (Politie), under jurisdiction of the National Public Prosecutor’s Office (Landelijk Parket), with international activity coordinated by Europol and Eurojust, has now ended the availability of this service.  Continue reading…

Judicial experts discuss latest trends in cybercrime and support to victims of malware

02 July 2021
Knowledge Base

Judicial experts and practitioners in the field of cybercrime will focus on new trends in their domain and how to tailor investigations, during the 10th Plenary Meeting of the European Judicial Cybercrime Network (EJCN), which takes place today and tomorrow. The EJCN Plenary, hosted by Eurojust in an online format, will also give special attention to supporting victims of cybercrime. One of the particular topics in this regard is the recent taking down of the Emotet malware bot in a major cross-border operation with support from Eurojust and Europol. Continue reading…

Commission proposes a Joint Cyber Unit to step up response to large-scale security incidents

23 June 2021
Knowledge Base

The Commission is today laying out a vision to build a new Joint Cyber Unit to tackle the rising number of serious cyber incidents impacting public services, as well as the life of businesses and citizens across the European Union. Advanced and coordinated responses in the field of cybersecurity have become increasingly necessary, as cyberattacks grow in number, scale and consequences, impacting heavily our security. All relevant actors in the EU need to be prepared to respond collectively and exchange relevant information on a ‘need to share’, rather than only ‘need to know’, basis. First announced by President Ursula von der Leyen in her political guidelines, the Joint Cyber Unit proposed today aims at bringing together resources and expertise available to the EU and its Member States to effectively prevent, deter and respond to mass cyber incidents and crises. Cybersecurity communities, including civilian, law enforcement, diplomatic and cyber defence communities, as well as private sector partners, too often operate separately. With the Joint Cyber Unit, they will have a virtual and physical platform of cooperation: relevant EU institutions, bodies and agencies together with the Member States will build progressively a European platform for solidarity and assistance to counter large-scale cyberattacks.
Continue reading…

ProctorExam is Security Verified by ICT Institute: Going beyond being GDPR compliant

14 June 2021
Knowledge Base

ProctorExam, European market leader in online proctoring, has been Security Verified by the ICT Institute, an independent IT audit firm. This achievement is a confirmation that ProctorExam goes beyond being just GDPR compliant. Guaranteeing data protection and security for both exam takers and organisations is a top priority. ProctorExam continuously investigates how to take the extra mile to meet that urgency. Security Verified is an open standard for information security similar to ISO 27001, with an emphasis on GDPR. Any company that handles valuable or personal data is obliged to take care of information security. Security Verified makes it easy for organisations to prove that they have taken such steps. It is a renowned and open standard for the information security of organisations, especially for innovative tech champions of today and tomorrow. The structure is similar to ISO 27001 and contains many of the control measures from ISO 27002. However, Security Verified integrated GDPR compliance even more, since these are the current legal requirements within the European Union. Continue reading…

European Green Deal: Commission aims for zero pollution in air, water and soil

20 May 2021
Knowledge Base

The European Commission recently adopted the EU Action Plan: “Towards Zero Pollution for Air, Water and Soil” – a key deliverable of the European Green Deal and the main topic of this year’s EU Green Week. It sets out an integrated vision for 2050: a world where pollution is reduced to levels that are no longer harmful to human health and natural ecosystems, as well as the steps to get there. The plan ties together all relevant EU policies to tackle and prevent pollution, with a special emphasis on how to use digital solutions to tackle pollution. Reviews of relevant EU legislation are foreseen to identify remaining gaps in EU legislation and where better implementation is necessary to meet these legal obligations. Continue reading…

Shifting cybersecurity from a compliance to a risk focus

30 March 2021
Knowledge Base

Modern organisations now realise that cybersecurity is a crucial concern. Cyberattacks have grown in frequency and sophistication, with 3,813 data breaches reported in the first half of 2019, which was an increase of 54% over the previous year. And in light of COVID-19-related changes in workforce structure and an unplanned shift to remote work environments that might not be supported with the right infrastructure, companies became even more vulnerable to attack in 2020. While enterprises know that cybersecurity protection is essential to safeguard their companies, many envision cybersecurity protocols as a compliance-focused approach to address industry and governmental regulations, rather than looking at them from a risk analysis level. Continue reading…

Stepping up cooperation to tackle intellectual property crime

23 March 2021
Knowledge Base

The European Union Intellectual Property Office (EUIPO) and the European Union Agency for Criminal Justice Cooperation (Eurojust) are stepping up their cooperation to more effectively tackle criminal abuse of intellectual property rights in the field of counterfeiting and online piracy. A Service Level Agreement (SLA) was signed to boost Eurojust’s capacity and expand its expertise to support complex investigations in this field. As intellectual property (IP) crime is increasingly considered linked to organised crime and part of other serious criminal offences, it has become essential to intensify the fight against IP infringements, notably in the online environment. In the context of the COVID-19 pandemic, in which the problem of counterfeiting and piracy has gained new momentum with the illegal production and distribution of fake protective equipment and face masks, tackling IP crime is key to protect consumers and preserve a healthy economy and support the recovery of legitimate businesses, notably creative and innovative ones. Continue reading…

New major interventions to block encrypted communications of criminal networks

16 March 2021
Knowledge Base

Judicial and law enforcement authorities in Belgium, France and the Netherlands have in close cooperation enabled major interventions to block the further use of encrypted communications by large-scale organised crime groups (OCGs), with the support of Europol and Eurojust. The continuous monitoring of the illegal Sky ECC communication service tool by investigators in the three countries involved has provided invaluable insights into hundreds of millions of messages exchanged between criminals. This has resulted in the collection of crucial information on over a hundred of planned large-scale criminal operations, preventing potential life threatening situations and possible victims. Continue reading…

More cross-border cooperation necessary to help victims of trafficking in human beings

01 March 2021

To better assist victims of trafficking in human beings (THB), more cross-border cooperation and investigations are necessary. Earlier involvement of Eurojust and a higher number of cases referred to the Agency will help to better coordinate investigations and get a fuller picture of internationally operating criminal networks, which exploit often young and vulnerable victims. These are the main conclusions from the Eurojust Report on Trafficking in Human Beings. The Report was adopted by the College of the Agency right before 22 February, the European Day for Victims of Crime, and was presented recently at the occasion of the meeting of the EU Victims’ Rights Platform. It comes at a crucial time as well, as the European Commission is working towards a new EU strategy on combating human trafficking. Continue reading…

Nick Palmer: “The fundamental cybersecurity question you need to ask is who is your adversary and who can target you?”

22 February 2021
Knowledge Base

by Michel Klompmaker

We recently had an opportunity to speak together with Nick Palmer who is the Head of Global Business at Group-IB. Group-IB is an international provider of solutions aimed at investigating high-tech crime, detecting and preventing cyberattacks, online fraud, and intellectual property theft. Nick Palmer was also a moderator of Group-IB’s CyberCrimeCon online event held last year in November. Our discussion covered several areas of interest relating to Group-IB’s operations, its recent opening of its European headquarters in Amsterdam, The Netherlands, how organisations in general can safeguard against cyberattacks and what the main risks for organisations are today.
Continue reading…