Europol has announced the arrest of 15 EU citizens – most of them teenagers and young adults – on suspicion of “using remote access trojans (RAT) to commit cybercrimes”.
RATs are often used by cyber criminals to steal personal information such as passwords and credit card numbers, and can be used to record on-screen and webcam activity.
The operation “took place in the framework of EMPACT – the EU’s multi-annual policy cycle – working with Europol’s European Cybercrime Centre (EC3)” and involved authorities from Estonia, France, Romania, Latvia, Italy, Norway and the UK.
Head of the EC3 Troels Oerting commented: “Today an alliance of EU law enforcement agencies joined forces to send a strong signal to the criminals using this toxic RAT malware and, at the same time, engage with the predominantly younger individuals involved, to discourage them from pursuing this criminal path. Crimes committed online are sometimes perceived to be ‘less serious’ by these young offenders as they cannot physically see the victim or the effects of their crimes. Of course this is simply not the case and their criminal activities will not be tolerated in cyberspace.”
Interviewed by SC Magazine, Raymond Ijsselstijn of EC3 said that those arrested included “students” and “school pupils” and that other suspects were “in their late teens, early 20s and late 20s”.
He went on:
“Young people grow up with the internet, they see RATs as a relatively harmless tool to hack their friends or former girlfriends, but it’s a cyber-crime in itself and could be the starting point of their cyber-criminal career.
“They see how easy it is to take over someone’s computer – the next step could be more serious cyber-crimes, such as taking over bank accounts, encrypting malware, DDoS-ing large companies.
“Young people should be aware that using RATs is not just something you do for fun.”
November has been a busy month for EC3. Earlier this month, Operation Onymous, a joint operation involving law enforcement agencies from 17 EU countries as well as the FBI, took down more than 400 illicit Tor services across 27 sites. The authorities confiscated USD$1 million worth of Bitcoin and made 17 arrests, including that of Blake Benthall, the alleged operator of Silk Road 2.0. The notorious drugs and contraband goods market was also among the sites that were shut down.
Troels Oerting told the Guardian:
“We are only doing what law-abiding citizens want us to do, we are fighting crime regardless of where we find it on the internet. This was a very good day in operational terms, we’re very pleased, but the work still goes on.”
Cyber crime remains a persistent concern across the union. EU organisations concerned about their information security are advised to implement a best-practice information security management system (ISMS), as set out in the international standard ISO27001. ISO27001 provides a holistic approach to information security that addresses people, process and technology.
IT Governance has created four packaged solutions that will enable you to implement ISO 27001 at a speed and for a budget appropriate for your individual needs and preferred project approach. Each fixed-price solution is a combination of products and services that can be accessed online and deployed by any company in the world.