DOCSLIB.ORG

Data and Information Collection for EU Dual-Use Export Control Policy Review

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

FINAL REPORT Data and information collection for EU dual-use export control policy review Written by SIPRI and Ecorys 6 November 2015 European Commission Final report: Data and information collection for EU dual-use export control policy review The information and views set out in this report are those of the author(s) and do not necessarily reflect the official opinion of the Commission. The Commission does not guarantee the accuracy of the data included in this study. Neither the Commission nor any person acting on the Commission's behalf may be held responsible for the use which may be made of the information contained therein. 2 November 2015 European Commission Final report: Data and information collection for EU dual-use export control policy review Contents ABSTRACT 10 EXECUTIVE SUMMARY 11 1. INTRODUCTION 20 2. METHODOLOGY 22 2.1 Overview of methodological approach and implementation 22 2.2 The range of impacts considered 23 2.2.1 Economic impacts 23 2.2.2 Social impacts (including security and human rights) 25 2.2.3 Environment 26 2.3 Methodological challenges 26 2.4 Development and implementation of online surveys 27 2.4.1 Surveys for companies and business associations 27 2.4.2 Surveys for EU Member States 28 2.5 Selection and implementation of case studies 28 2.6 The cyber-surveillance sector 29 Table 2.1. Overview of potential impacts 24 3. ANALYSING THE BASELINE: DEFINING THE DUAL-USE INDUSTRY AND IDENTIFYING DIRECTLY AFFECTED SECTORS 31 3.1 Conceptualising the dual-use industry and identifying affected sectors 31 3.2 Typology of actors and sector specific characteristics 34 3.3 Transport sector 35 3.4 Particularities of the biological sector 38 Figure 3.1. Typology of actors 35 Figure 3.2. Key components of the transportation sector 37 Figure 3.3. Map of centrifugal separator manufacturers and applications in 40 different sectors Table 3.1. Global volumes by key transport mode (billion tonne – KM) 36 4. QUANTIFYING THE SIZE AND SCOPE OF THE EU’S DUAL-USE INDUSTRY 42 4.1 Number and value of export licences 42 4.2 Value and volume of dual-use related exports 46 4.2.1 Size of EU dual-use industry according to customs trade statistics 48 4.2.2 Detailed characterisation of top-10 product sectors containing highest 51 volume dual-use related export 4.3 Case study on Dutch dual-use exports 54 4.3.1 Introduction 54 4.3.2 Results 56 4.4 EU dual-use industry in terms of production 57 4.4.1 Size of the EU dual-use industry based on production 59 3 November 2015 European Commission Final report: Data and information collection for EU dual-use export control policy review 4.4.2 Detailed overview of most important products in top-10 dual-use 61 items producing sectors 4.5 EU Dual-use industry in terms of employees and enterprises 70 4.5.1 Results 73 4.6 EU dual-use industry from an international perspective 75 4.6.1 Share of EU dual-use related exports in world exports 76 4.6.2 Revealed Comparative Advantage 78 4.7 Synthesis and conclusions 79 Box 4.1. Danish export licence data 50 Figure 4.1. Development of value of export authorisations, by type, 45 EU, 2010-13 Figure 4.2. Total value of dual-use related exports from the EU 48 (Intra-EU; Extra-EU), 2010-2014 Figure 4.3. Value of extra-EU dual-use related exports, 2014, EU-28 51 Figure 4.4. Total production value and average value for most important sectors, 60 based on extra-EU export value, 2013, in € billions Figure 4.5. Number of enterprises in dual-use related NACE sectors in the EU 74 [2008 - 2012] Figure 4.6. Number of employees in dual-use related NACE sectors in the EU 75 [2008 – 2012] Figure 4.7. World (non-) dual-use related export values per HS-2 sector in 2013 78 Table 4.1a. Value and volume of export licences, 2010-2013 45 Table 4.1b Value and volume of licences according to Annex I categories as 46 of March 2015 Table 4.3. Value of Danish exports with export control licence and value of 50 dual-use related exports based on correlation table, 2014 Table 4.4. Value of dual-use related exports of top-10 largest sectors, at HS-4 52 detail, 2014 Table 4.5b. Share of dual-use related exports in dual-use related exports from 56 the Netherlands, top-10 dual-use related export sectors, 2014 Table 4.6. Top 10 sectors with highest extra-EU dual-use related exports, 59 PRODCOM coverage, 2006, 2009, 2013 Table 4.7. Most important dual-use related products in HS84, based on production, 2013 63 Table 4.8. Most important dual-use related products in HS84, based on 63 extra-EU trade, 2013 Table 4.9. Most important dual-use related products in HS85, based on production, 2013 64 Table 4.10. Most important dual-use related products in HS85, based on 64 extra-EU trade, 2013 Table 4.11. Most important dual-use related products in HS88, based on production, 2013 65 Table 4.12. Most important related dual-use products in HS88, based on 65 extra-EU trade, 2013 Table 4.13. Most important related dual-use products in HS90, based on production, 2013 66 4 November 2015 European Commission Final report: Data and information collection for EU dual-use export control policy review Table 4.14. Most important dual-use related products in HS90, 66 based on extra-EU trade, 2013 Table 4.15. Most important dual-use related products in HS27, 67 based on production, 2013 Table 4.16. Most important dual-use related products in HS27, 67 based on extra-EU trade, 2013 Table 4.17. Most important dual-use related products in HS71, 67 based on production, 2013 Table 4.18. Most important dual-use related products in HS71, 68 based on extra-EU trade, 2013 Table 4.19. Most important dual-use related products in HS39, 68 based on production, 2013 Table 4.20. Most important dual-use related products in HS39, 68 based on extra-EU trade, 2013 Table 4.21. Most important dual-use related products in HS29, 69 based on production, 2013 Table 4.22. Most important dual-use related products in HS29, 69 based on extra-EU trade, 2013 Table 4.23. Most important dual-use related products in HS38, 70 based on production, 2013 Table 4.24. Most important dual-use related products in HS38, 70 based on extra-EU trade, 2013 Table 4.25a. Matching NACE Rev. 2 – HS 72 5. ANALYSIS OF REVIEW OPTIONS 83 5.1. Introduction 83 5.2 Impact of review options on different groups of stakeholders 83 5.2.1 General observations 83 5.2.2 Implications for the transport sector 84 5.2.3 Implications for academia of ITT controls 86 5.2.4 Impact of Annex II and Annex IV 89 5.3 Review options under the four European Commission Priorities 96 5.3.1 ‘Adjust to an evolving security environment and enhance the 96 EU contribution to international security’ 5.3.2 ‘Promoting export control convergence and a global level playing field’ 100 5.3.3 ‘Develop an effective and competitive EU export control regime’ 102 5.3.4 ‘Support effective and consistent export control implementation & enforcement’ 104 Table 5.1. Upper threshold of total exports of items listed in Annex II and 91 Annex IV by EU Member States Table 5.2. List of CN codes for analysis 93 Table 5.3. Export of selected items from Annex II and IV 94 Table 5.4. Upper threshold of intra-EU exports of Items listed in Annex IV 95 by EU Member States 5 November 2015 European Commission Final report: Data and information collection for EU dual-use export control policy review 6. STAKEHOLDER PERCEPTIONS OF DUAL-USE EXPORT CONTROL POLICY AND THE REVIEW OPTIONS 110 6.1 Business perceptions: results of initial interview round 110 6.2 Business perceptions: results of the online survey 113 6.2.1 Characteristics of respondents 113 6.2.2 Dual-use products exported and importance of dual-use items 114 6.2.3 The licensing of dual-use items and export control management 116 6.2.4 Economic effects of the current dual-use export control policy: 118 compliance costs and competitive effects 6.2.5 Effects of export controls related to other value chain actors: 122 Technology transfer, brokering and transit controls 6.2.6 Social and environmental impacts of the dual-use export control policy 123 6.2.7 Assessing the impact of review options 123 6.3 Perceptions of licensing authorities: survey results 128 6.3.1 Current system 128 6.3.2 Review options 132 Table 6.1. Review issues and aspects impacting companies 128 Table 6.2. Main challenges linked to management of dual-use export controls 130 Table 6.3. Impact of review issues under review option 2 in terms of 131 administrative burden and human rights* Table 6.4. Impact of review issues under review option 2 with respect to 133 staff resources* Table 6.5. Impact of actions of review option 2* 135 Table 6.6. The impact of review issues under review option 3 in terms of 137 administrative burden, security and human rights* Table 6.7. Impact of review issues under review option 3 with respect to 139 staff resources* Table 6.8. Impact of actions of review option 3* 140 Figure 6.1.
Recommended publications
  • Identifying Threats Associated with Man-In-The-Middle Attacks During Communication Between a Mobile Device and the Back End Server in Mobile Banking Applications

    Identifying Threats Associated with Man-In-The-Middle Attacks During Communication Between a Mobile Device and the Back End Server in Mobile Banking Applications

    IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661, p- ISSN: 2278-8727Volume 16, Issue 2, Ver. IX (Mar-Apr. 2014), PP 35-42 www.iosrjournals.org Identifying Threats Associated With Man-In-The-Middle Attacks during Communication between a Mobile Device and the Back End Server in Mobile Banking Applications Anthony Luvanda1,*Dr Stephen Kimani1 Dr Micheal Kimwele1 1. School of Computing and Information Technology, Jomo Kenyatta University of Agriculture and Technology, PO Box 62000-00200 Nairobi Kenya Abstract: Mobile banking, sometimes referred to as M-Banking, Mbanking or SMS Banking, is a term used for performing balance checks, account transactions, payments, credit applications and other banking transactions through a mobile device such as a mobile phone or Personal Digital Assistant (PDA). Mobile banking has until recently most often been performed via SMS or the Mobile Web. Apple's initial success with iPhone and the rapid growth of phones based on Google's Android (operating system) have led to increasing use of special client programs, called apps, downloaded to the mobile device hence increasing the number of banking applications that can be made available on mobile phones . This in turn has increased the popularity of mobile device use in regards to personal banking activities. Due to the characteristics of wireless medium, limited protection of the nodes, nature of connectivity and lack of centralized managing point, wireless networks tend to be highly vulnerable and more often than not they become subjects of attack. This paper proposes to identify potential threats associated with communication between a mobile device and the back end server in mobile banking applications.
  • Virtual Currencies and Terrorist Financing : Assessing the Risks And

    Virtual Currencies and Terrorist Financing : Assessing the Risks And

    DIRECTORATE GENERAL FOR INTERNAL POLICIES POLICY DEPARTMENT FOR CITIZENS' RIGHTS AND CONSTITUTIONAL AFFAIRS COUNTER-TERRORISM Virtual currencies and terrorist financing: assessing the risks and evaluating responses STUDY Abstract This study, commissioned by the European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs at the request of the TERR Committee, explores the terrorist financing (TF) risks of virtual currencies (VCs), including cryptocurrencies such as Bitcoin. It describes the features of VCs that present TF risks, and reviews the open source literature on terrorist use of virtual currencies to understand the current state and likely future manifestation of the risk. It then reviews the regulatory and law enforcement response in the EU and beyond, assessing the effectiveness of measures taken to date. Finally, it provides recommendations for EU policymakers and other relevant stakeholders for ensuring the TF risks of VCs are adequately mitigated. PE 604.970 EN ABOUT THE PUBLICATION This research paper was requested by the European Parliament's Special Committee on Terrorism and was commissioned, overseen and published by the Policy Department for Citizens’ Rights and Constitutional Affairs. Policy Departments provide independent expertise, both in-house and externally, to support European Parliament committees and other parliamentary bodies in shaping legislation and exercising democratic scrutiny over EU external and internal policies. To contact the Policy Department for Citizens’ Rights and Constitutional Affairs or to subscribe to its newsletter please write to: [email protected] RESPONSIBLE RESEARCH ADMINISTRATOR Kristiina MILT Policy Department for Citizens' Rights and Constitutional Affairs European Parliament B-1047 Brussels E-mail: [email protected] AUTHORS Tom KEATINGE, Director of the Centre for Financial Crime and Security Studies, Royal United Services Institute (coordinator) David CARLISLE, Centre for Financial Crime and Security Studies, Royal United Services Institute, etc.
  • Compromised Connections

    Compromised Connections

    COMPROMISED CONNECTIONS OVERCOMING PRIVACY CHALLENGES OF THE MOBILE INTERNET The Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and many other international and regional treaties recognize privacy as a fundamental human right. Privacy A WORLD OF INFORMATION underpins key values such as freedom of expression, freedom of association, and freedom of speech, IN YOUR MOBILE PHONE and it is one of the most important, nuanced and complex fundamental rights of contemporary age. For those of us who care deeply about privacy, safety and security, not only for ourselves but also for our development partners and their missions, we need to think of mobile phones as primary computers As mobile phones have transformed from clunky handheld calling devices to nifty touch-screen rather than just calling devices. We need to keep in mind that, as the storage, functionality, and smartphones loaded with apps and supported by cloud access, the networks these phones rely on capability of mobiles increase, so do the risks to users. have become ubiquitous, ferrying vast amounts of data across invisible spectrums and reaching the Can we address these hidden costs to our digital connections? Fortunately, yes! We recommend: most remote corners of the world. • Adopting device, data, network and application safety measures From a technical point-of-view, today’s phones are actually more like compact mobile computers. They are packed with digital intelligence and capable of processing many of the tasks previously confined
  • Mobile Financial Fraud April 2013

    Mobile Financial Fraud April 2013

    White Paper: Mobile Financial Fraud April 2013 Mobile Threats and the Underground Marketplace Principal Investigator and Corresponding Author Jart Armin Contributing Researchers Andrey Komarov, Mila Parkour, Raoul Chiesa, Bryn Thompson, Will Rogofsky Panel & Review Dr. Ray Genoe (UCD), Robert McArdle (Trend Micro), Dave Piscitello (ICANN), Foy Shiver (APWG), Edgardo Montes de Oca (Montimage), Peter Cassidy (APWG) APWG Mobile Fraud web site http://ecrimeresearch.org/wirelessdevice/Fraud/ Table of Contents Abstract ..................................................................................................................................... 2 Introduction and Starting Position ........................................................................................ 2 A Global Overview .................................................................................................................. 3 Vulnerabilities Overview ....................................................................................................... 3 The Underground Mobile Market ....................................................................................... 13 Mobile DNS & Traffic ........................................................................................................... 15 iBots & the Pocket Botnet ..................................................................................................... 18 Mobile Intrusion ...................................................................................................................
  • APT and Cybercriminal Targeting of HCS June 9, 2020 Agenda

    APT and Cybercriminal Targeting of HCS June 9, 2020 Agenda

    APT and Cybercriminal Targeting of HCS June 9, 2020 Agenda • Executive Summary Slides Key: • APT Group Objectives Non-Technical: managerial, strategic • APT Groups Targeting Health Sector and high-level (general audience) • Activity Timeline Technical: Tactical / IOCs; requiring • TTPs in-depth knowledge (sysadmins, IRT) • Malware • Vulnerabilities • Recommendations and Mitigations TLP: WHITE, ID#202006091030 2 Executive Summary • APT groups steal data, disrupt operations, and destroy infrastructure. Unlike most cybercriminals, APT attackers pursue their objectives over longer periods of time. They adapt to cyber defenses and frequently retarget the same victim. • Common HPH targets include: • Healthcare Biotechnology Medical devices • Pharmaceuticals Healthcare information technology • Scientific research • HPH organizations who have been victim of APT attacks have suffered: • Reputational harm Disruption to operations • Financial losses PII/PHI and proprietary data theft • HC3 recommends several mitigations and controls to counter APT threats. TLP: WHITE, ID#202006091030 3 APT Group Objectives • Motivations of APT Groups which target the health sector include: • Competitive advantage • Theft of proprietary data/intellectual capital such as technology, manufacturing processes, partnership agreements, business plans, pricing documents, test results, scientific research, communications, and contact lists to unfairly advance economically. • Intelligence gathering • Groups target individuals and connected associates to further social engineering
  • Strategic Perspectives on Cybersecurity Management and Public Policies Volume 3 (2017)

    Strategic Perspectives on Cybersecurity Management and Public Policies Volume 3 (2017)

    VOLUME 3 (2017) ▪ ISSUE 2 STRATEGIC PERSPECTIVES ON CYBERSECURITY MANAGEMENT AND PUBLIC POLICIES VOLUME 3 (2017) VOLUME ▪ ISSUE ISSUE 2 ANALYSES ▪ POLICY REVIEWS ▪ OPINIONS The European Cybersecurity Journal is a new specialized quarterly publication devoted to cybersecurity. It will be a platform of regular dialogue on the most strategic aspects of cybersecurity. The main goal of the Journal is to provide concrete policy recommendations for European decision-makers and raise awareness on both issues and problem-solving instruments. EDITORIAL BOARD Chief Editor: Dr Joanna Świątkowska The ECJ is a quarterly journal, published in January, CYBERSEC Programme Director and Senior Research Fellow of the April, July and October. Kosciuszko Institute, Poland Honorary Member of the Board: Dr James Lewis Director and Senior Fellow of the Strategic Technologies Program, Center for Strategic and International Studies (CSIS), USA Citations:This journal should be cited as follows: “European Cybersecurity Journal”, Member of the Board: Alexander Klimburg Volume 3 (2017), Issue 2, page reference Nonresident Senior Fellow, Cyber Statecraft Initiative, Atlantic Council ; Affiliate, Belfer Center of Harvard Kennedy School, USA Published by: The Kosciuszko Institute Member of the Board: Helena Raud ul. Feldmana 4/9-10 Member of the Board of the European Cybersecurity Initiative, Estonia 31-130 Kraków, Poland Member of the Board: Keir Giles Phone: 00 48 12 632 97 24 Director of the Conflict Studies Research Centre (CSRC), UK E-mail: [email protected] Editor Associate: Izabela Albrycht www.ik.org.pl Chairperson of the Kosciuszko Institute, Poland www.cybersecforum.eu Executive Editor: Karine Szotowski Printed in Poland by Drukarnia Diament | diamentdruk.pl Designer: Paweł Walkowiak | perceptika.pl DTP: Marcin Oroń Proofreading: Justyna Kruk and Agata Ostrowska ISSN: 2450-21113 Disclaimer: The views expressed in articles are the authors’ and not necessarily those of the Kosciuszko Institute.
  • Zerohack Zer0pwn Youranonnews Yevgeniy Anikin Yes Men

    Zerohack Zer0pwn Youranonnews Yevgeniy Anikin Yes Men

    Zerohack Zer0Pwn YourAnonNews Yevgeniy Anikin Yes Men YamaTough Xtreme x-Leader xenu xen0nymous www.oem.com.mx www.nytimes.com/pages/world/asia/index.html www.informador.com.mx www.futuregov.asia www.cronica.com.mx www.asiapacificsecuritymagazine.com Worm Wolfy Withdrawal* WillyFoReal Wikileaks IRC 88.80.16.13/9999 IRC Channel WikiLeaks WiiSpellWhy whitekidney Wells Fargo weed WallRoad w0rmware Vulnerability Vladislav Khorokhorin Visa Inc. Virus Virgin Islands "Viewpointe Archive Services, LLC" Versability Verizon Venezuela Vegas Vatican City USB US Trust US Bankcorp Uruguay Uran0n unusedcrayon United Kingdom UnicormCr3w unfittoprint unelected.org UndisclosedAnon Ukraine UGNazi ua_musti_1905 U.S. Bankcorp TYLER Turkey trosec113 Trojan Horse Trojan Trivette TriCk Tribalzer0 Transnistria transaction Traitor traffic court Tradecraft Trade Secrets "Total System Services, Inc." Topiary Top Secret Tom Stracener TibitXimer Thumb Drive Thomson Reuters TheWikiBoat thepeoplescause the_infecti0n The Unknowns The UnderTaker The Syrian electronic army The Jokerhack Thailand ThaCosmo th3j35t3r testeux1 TEST Telecomix TehWongZ Teddy Bigglesworth TeaMp0isoN TeamHav0k Team Ghost Shell Team Digi7al tdl4 taxes TARP tango down Tampa Tammy Shapiro Taiwan Tabu T0x1c t0wN T.A.R.P. Syrian Electronic Army syndiv Symantec Corporation Switzerland Swingers Club SWIFT Sweden Swan SwaggSec Swagg Security "SunGard Data Systems, Inc." Stuxnet Stringer Streamroller Stole* Sterlok SteelAnne st0rm SQLi Spyware Spying Spydevilz Spy Camera Sposed Spook Spoofing Splendide
  • Download Article (PDF)

    Download Article (PDF)

    Proceedings of the 2nd International Conference on Computer Science and Electronics Engineering (ICCSEE 2013) Trust in Cyberspace: New Information Security Paradigm R. Uzal, D. Riesco, G. Montejano N. Debnath Universidad Nacional de San Luis Department of Computer Science San Luis, Argentina Winona State University [email protected] USA {driesco, gmonte}@unsl.edu.ar [email protected] Abstract—This paper is about the differences between grids and infrastructure for destruction [3]. It is evident we traditional and new Information Security paradigms, the are facing new and very important changes in the traditional conceptual difference between “known computer viruses” and Information Security paradigm. Paradigm shift means a sophisticated Cyber Weapons, the existence of a Cyber fundamental change in an individual's or a society's view of Weapons “black market”, the differences between Cyber War, how things work in the cyberspace. For example, the shift Cyber Terrorism and Cyber Crime, the new Information from the geocentric to the heliocentric paradigm, from Security paradigm characteristics and the author’s conclusion “humors” to microbes as causes of disease, from heart to about the new Information Security paradigm to be faced. brain as the center of thinking and feeling [4]. Criminal Authors remark that recently discovered Cyber Weapons can hackers could detect some of those placed “military logic be easily described as one of the most complex IT threats ever bombs” and use them for criminal purposes. This is not a discovered. They are big and incredibly sophisticated. They pretty much redefine the notion of Information Security. theory. It is just a component of current and actual Considering the existence of a sort of Cyber Weapon black Information Security new scenarios.
  • Alerta Integrada De Seguridad Digital N° 198-2020-PECERT

    Alerta Integrada De Seguridad Digital N° 198-2020-PECERT

    Lima, 19 de octubre de 2020 La presente Alerta Integrada de Seguridad Digital corresponde a un análisis técnico periódico realizado por el Comando Conjunto de las Fuerzas Armadas, el Ejército del Perú, la Marina de Guerra del Perú, la Fuerza Aérea del Perú, la Dirección Nacional de Inteligencia, la Policía Nacional del Perú, la Asociación de Bancos del Perú y la Secretaría de Gobierno Digital de la Presidencia del Consejo de Ministros, en el marco del Centro Nacional de Seguridad Digital. El objetivo de esta Alerta es informar a los responsables de la Seguridad de la Información de las entidades públicas y las empresas privadas sobre las amenazas en el ciberespacio para advertir las situaciones que pudieran afectar la continuidad de sus servicios en favor de la población. Las marcas y logotipos de empresas privadas y/o entidades públicas se reflejan para ilustrar la información que los ciudadanos reciben por redes sociales u otros medios y que atentan contra la confianza digital de las personas y de las mismas empresas de acuerdo a lo establecido por el Decreto de Urgencia 007-2020. La presente Alerta Integrada de Seguridad Digital es información netamente especializada para informar a las áreas técnicas de entidades y empresas. Esta información no ha sido preparada ni dirigida a ciudadanos. PECERT │Equipo de Respuestas ante Incidentes de Seguridad Digital Nacional www.gob.pe [email protected] Contenido Vulnerabilidad de ejecución remota de código de Microsoft SharePoint .................................................... 3 Campaña de phishing que utilizan Basecamp ............................................................................................... 4 Nuevo archivo adjunto Windows Update del malware Emotet. .................................................................. 5 El malware Windows “GravityRAT” ahora también se dirige a Android, macOS .........................................
  • Ransomware Payments in the Bitcoin Ecosystem

    Ransomware Payments in the Bitcoin Ecosystem

    Ransomware Payments in the Bitcoin Ecosystem Masarah Paquet-Clouston Bernhard Haslhofer Benoît Dupont GoSecure Research Austrian Institute of Technology Université de Montréal Montreal, Canada Vienna, Austria Montreal, Canada [email protected] [email protected] [email protected] ABSTRACT the time of writing, there are 5051 known ransomware families de- Ransomware can prevent a user from accessing a device and its tected and almost all of them demand payments in Bitcoin [27], files until a ransom is paid to the attacker, most frequently in Bit- which is the most prominent cryptocurrency. coin. With over 500 known ransomware families, it has become Yet, global and reliable statistics on the impact of cybercrime in one of the dominant cybercrime threats for law enforcement, se- general, and ransomware in particular, are missing, causing a large curity professionals and the public. However, a more comprehen- misunderstanding regarding the severity of the threat and the ex- sive, evidence-based picture on the global direct financial impact tent to which it fuels a large illicit business. Most of the statistics of ransomware attacks is still missing. In this paper, we present available on cybercrime and ransomware are produced by private a data-driven method for identifying and gathering information corporations (cf. [29, 38, 39]) that do not disclose their underlying on Bitcoin transactions related to illicit activity based on foot- methodologies and have incentives to over- or underreport them prints left on the public Bitcoin blockchain. We implement this since they sell cybersecurity products and services that are sup- method on-top-of the GraphSense open-source platform and ap- posed to protect their users against such threats [23].
  • Choose Trend Micro for Internet Security, Nothing Comes Close

    Choose Trend Micro for Internet Security, Nothing Comes Close

    TREND MICRO Choose Trend Micro for internet security, nothing comes close. for Security Trend Micro Titanium uses cloud technology to only Trend Micro™ Titanium™ delivers on everything automatically stop viruses and spyware before you’ve always wanted in an antivirus and internet they reach your computer so it won’t slow you security solution without the limitations and down. it’s a whole new way to protect your Pc. drawbacks of yesterday’s slow antivirus software. cloud technology: leverages trend Micro’s Smart Titanium Has What You Want Protection Network™ plus real-time antivirus scanning Strong, fast protection to provide always-on-guard protection to keep you uses lightning-fast cloud security technology safe from latest, ever-evolving malware threats and real-time antivirus scanning to proactively Automatic Protection: removes the guesswork of stop threats , without waiting for updates protecting your Pc, intelligently and immediately and downloads reacts to threats easy to use and understand internet security Simple installation: it takes just a few clicks Just set it and forget it Streamlined interface: it is easy to understand Light demands on your Pc’s resources and simple to manage it doesn’t affect computer performance the trend Micro titanium finally! internet security that does the job Cloud Security Advantage quickly and won’t drive you crazy. Nothing else titanium is powered by Trend Micro™ Smart Protection comes close to Titanium—in security, speed, Network™—the security infrastructure ranked #1 at or simplicity. stopping threats in cyberspace or “the cloud.” Smart • STRONG choose from three strong, fast, and easy-to-use Protection Network monitors the internet 24/7, • FAST options—based on your lifestyle and how you worldwide.
  • Threat Landscape Report – 1St Quarter 2018

    Threat Landscape Report – 1St Quarter 2018

    TLP-AMBER Threat Landscape Report – 1st Quarter 2018 (FINAL) V1.0 – 10/04/2018 This quarterly report summarises the most significant direct cyber threats to EU institutions, bodies, and agencies (EU-I or 'Constituents') in Part I, the development of cyber-threats on a broader scale in Part II, and recent technical trends in Part III. KEY FINDINGS Direct Threats • In Europe, APT28 / Sofacy threat actor (likely affiliated to Russia military intelligence GRU) targeted government institutions related to foreign affairs and attendees of a military conference. Another threat actor, Turla (likely affiliated to Russia’s security service FSB) executed a cyber-operation against foreign affairs entities in a European country. • A spear-phishing campaign that targeted European foreign ministries in the end of 2017 was attributed to a China-based threat actor (Ke3chang) which has a long track record of targeting EU institutions (since 2011). As regards cyber-criminality against EU institutions, attempts to deliver banking trojans are stable, ransomware activities are still in decline and cryptojacking on the rise. Phishing lures involve generic matters (’invoice’, ‘payment’, ‘purchase’, ‘wire transfer’, ‘personal banking’, ‘job application’) and more specific ones (foreign affairs issues, European think tanks matters, energy contracts, EU delegation, EU watch keeper). Almost all EU-I are affected by credential leaks (email address | password) on pastebin-like websites. Several credential- harvesting attempts have also been detected. Attackers keep attempting to lure EU-I staff by employing custom methods such as spoofed EU-I email addresses or weaponisation of EU-I documents. Broader Threats • Critical infrastructure. In the energy sector, the US authorities have accused Russian actors of targeting critical infrastructure (including nuclear) for several years and are expecting this to continue in 2018.