E-CRIME (the economic impacts of cyber crime) was a three-year European Commission funded project that commenced in April 2014 and concluded in March 2017. The aim of the project was to assess the spread and development of financially-motivated cyber crime in selected non-information and communications technology sectors (specifically: finance, energy, transport, health and retail), while also identifying and developing concrete measures to manage and deter such crime within these sectors. Over the course of the E-CRIME project, the research consortium developed a portfolio of exploitable knowledge, resources and tools to assist in the fight against economic cyber crime. These resources (outline below) are freely available for all citizens, security professionals, academics, public bodies/officials and commercial entities, to download, utilise and modify as they choose so as to further their own work in protecting against this phenomenon.

Key Deliverables, Resources and Tools

  • An inventory of different cyber crimes and criminal networks within non-ICT sectors (D2.2)
  • Journey mapping of both cyber criminals and victims. This information has been analysed and is accompanied by a detailed master crime-script that breaks down and visualises the steps taken by attackers when conducting financially-motivated cyber crime, as well as specific scripts for common attacks (e.g., click fraud, VoIP attacks, extortion, malware development, etc.) (D2.3)
  • The anonymised .SAV data-set from a trans-European telephone survey conducted by the E-CRIME partner Ipsos Belgium. This consumer survey conducted from July to October 2015 reported on citizens’ online behaviour, their perceptions of cyber crime, incidents of victimisation and the associated costs of cyber crime acts to the general public. A total of 6,394 responses were collected across Germany, Italy, UK, Netherlands, Poland and Estonia, which included 1,242 cyber crime victims. This data-set has been uploaded to DANS (the Netherlands Institute for Permanent Access to Digital Research Resources) where it can be freely accessed by all.
  • The interview schedule for the trans-European citizen survey (D4.2) and interviews with our selected non-ICT industry sectors, as well as analyses of the survey data to quantify the impact of financially motivated cyber crimes, including identity theft (D6.3)
  • A comprehensive report identifying both the current challenges as well as existing opportunities for fighting cyber crime across non-ICT sectors. Challenges analysed include: risk management; political; economic; legal and procedural; international cooperation; and civil liberty concerns. Opportunities and recommendations for future actions are provided for: justice and policing systems; public and private organisations; and individual citizens (D7.1)
  • Recommendations for future regulatory innovation and measures are presented that the E-CRIME consortium believe should be adopted at the Member State, European and International levels (D8.3)
  • Sector specific enhancements in industry best practices as well as a related high level roadmap and implementation plan for these counter-measures (D8.5 & D8.6)
  • A cost calculation methodology intended for use by an organisation’s Chief Information Security Officer (CISO) so as to conduct cost-benefit assessments of proposed cyber crime countermeasures. The output of this methodology:
    • informs the CISO of the costs sustained to protect the company
    • enables the CISO to assess the performance of the countermeasures and compare them with the impact avoided (service disruption, economic loss, sanctions, reputational damage,…)
    • assists the CISO in making a cost/benefit analysis (between costs sustained and impact avoided), and presenting their results of their work to the CFO and CEO
    • enables the CISO to demonstrate how she spends the money, and the resulting benefits for the company
  • Three policy briefs primarily developed to inform policy makers of E-CRIME outputs. These focus on:
    • the costs of consumer-facing cyber crime in Europe
    • recommendations for regulatory innovations
    • cross-sector and per-sector recommendations

Finally the E-CRIME consortium developed and implemented an awareness training programme: E-CRIME, Prevent, Protect, Prepare that is specifically targeted at Law Enforcement Agencies (LEAs) across Europe. A Facilitator’s Handbook for delivering this training programme has been produced, and the E-CRIME consortium has delivered this training programme to police officers from across the EU during a closed one-day workshop. This training programme is not available for open download, however, it is available to LEAs, CSIRTs, corporate cyber security teams, and other entities/individuals with legitimate purposes. To request a copy of this programme please approach the following contacts: tim.nissen@trilateralresearch.com or bh@warwick.ac.uk

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.