Law enforcement officers need to develop strategies to gain a comprehensive knowledge of the elements contributing to cyber-attacks (Virtual Private Networks – VPNs, Bulletproof Hosting – BPH, Remote Access Trojans – RATs, botnets, Dark Web platforms, crypto-ransomware, Criminal Phone Banks, Pseudonyms, Advanced Persistent Threat groups – APTs, Internet infrastructure abuse (e.g. DNS), etc.). There is growing number of cases where authorities have to launch and conduct advanced inquiries. Investigators need timely access to relevant data and expertise of a different nature and belonging to different categories of stakeholders (e.g. other Police Authorities or Internet service providers) and it does not seem feasible for a comprehensive investigation of contemporary organised crime to be conducted by a single investigator or even a single force.

This technical and organisational complexity together with the cross-border nature of cyberattacks requires cutting-edge investigative approaches, gathering a large range of expertise as well as trusted information sharing mechanisms across communities (including secured platforms). In addition, it is necessary to enhance cybercrime intelligence picture notably by enhancing reporting mechanism of cyber-dependent criminal activities. Development of multi-stakeholders strategies, including novel investigation schemes and information sharing mechanisms, is necessary in order to enhance prevention and deterrence of these forms of cyber and cyber-dependent crime. Project should also investigate the legal background and identify any related shortcomings so lawful access and processing of subject data has a valid legal foundation.

Projects’ results are expected to contribute to some or all of the following outcomes:

  • Development of modular toolbox for Police Authorities, facilitating gathering and processing of data relevant for cybercrime and cyber – enabled crime investigations;
  • Detection of crypto-jacking, compromised registration forms, malware attacks and other cybercrimes perpetrated using cryptocurrencies;
  • Development of training curricula, for Police Authorities, prosecutors, as well as judicial actors on major contemporary cybercriminal activities;
  • Recommendations on public cybercrime awareness actions contributing to early detection and prevention;
  • Identification of best practices of international law enforcement and judicial cooperation networks; and­
  • Development of multi-stakeholders strategies, including novel investigation schemes and information sharing mechanisms.

The proposals should contribute to the achievement of one or more of the following impacts:

  • Modern information analysis for Police Authorities, allowing them to efficiently fight criminals and terrorists who use novel technologies;
  • Improved forensics and lawful evidence collection, increasing the capabilities to apprehend criminals and terrorists and bring them to the court;
  • Enhanced prevention, detection and deterrence of societal issues related to various forms of crime, including cybercrime, and terrorism, such as violent radicalisation, domestic and sexual violence, or juvenile offenders;
  • Increased security of citizens against terrorism, including in public spaces (while preserving their quality and openness);
  • Improved intelligence picture and enhanced prevention, detection and deterrence of various forms of organised crime;
  • More secure cyberspace for citizens, especially children, through a robust prevention, detection, and protection from cybercriminal activities.

Where possible and relevant, synergy-building and clustering initiatives with successful proposals in the same area should be considered, including the organisation of international conferences in close coordination with the Community for European Research and Innovation for Security (CERIS) activities and/or other international events.