LONDON — The European Union is preparing new steps to crack down on bot-herders, identity thieves, web hijackers and other online fraudsters who are skimming millions of euros a day from a growing number of its half billion citizens.
In separate initiatives this week, the European Commission, which implements EU policy, proposed a new cybercrime center, and an EU committee proposed mandatory jail time across all 27 member states for some online offenses.
The Commission said cybercrime was a global and cross-border phenomenon that now brought more profits for organized crime — $388 billion a year worldwide — than the global trade in marijuana, cocaine and heroin combined. In Europe, however, action to detect and prosecute it was hampered by inadequate information sharing between national jurisdictions.
Trained investigators, prosecutors and judges were not available in all member states and investigative and forensic capacities varied across the EU, the Commission said.
The new center, set to open in the Netherlands early next year, will focus on organized crime gangs engaged in online fraud, online predators who sexually exploit children, and hackers who attack critical infrastructure and IT systems. It will be located at the headquarters of Europol, the European criminal intelligence agency in The Hague.
The Commission estimated that more than a third of EU citizens now bank online and the incidence of fraud is growing. “Moreover, the extent of cyber-attacks affecting public and private information systems clearly increased in 2011 and early 2012,” the Commission said.
It quoted official British figures that showed cybercrime was costing British businesses alone €21 billion a year. German police reported the number of cases of ”phishing” in online banking rose from less than 2000 incidents in 2008 to over 5000 in 2010.
On Tuesday, a committee of the European Parliament proposed a new law that would include mandatory minimum jail sentences across the EU for some computer crimes. At present, cybercrime is dealt with differently in the various member states.
“We are dealing here with serious criminal attacks, some of which are even conducted by criminal organizations,” said Monika Hohlmeier, a German member of the Parliament. “The financial damage caused for companies, private users and the public side amounts to several billions each year.”
The committee proposed a minimum jail sentence of two years for crimes such as computer hacking and up to five years for aggravated offenses, such as operating botnets — networks of computers infected with malicious software and then used to “phish” and “spam.”
And what’s a “bot-herder”? That’s someone who sets up and runs a botnet. For more on that, read my colleagues Nick Wingfield and Nicole Perlroth on Microsoft’s latest campaign to crack down on internet crime.