There is a wide variety of illegal activities and criminal opportunities on the internet and through the internet: the dissemination of child sexual abuse material through the internet, "phishing" of user credentials, trafficking in arms and narcotic drugs, network intrusions and DDoS attacks, dissemination of malware, and fraudulent activities. These activities make use of the clearnet/visible web, the underground economy forums there, the deep web and the dark web.
More than any other fields of crime, cybercrime is continuously on the rise (cf. cybercrime situation reports).This type of crime is characterised - as hardly any other - by a continually rising crime rate.
Definition and typical forms of cybercrime
The term cybercrime refers to all offences that are targeted against the internet, data networks, IT systems or their data (cybercrime in the narrower sense) or are committed by means of such information technology.
The currently most common forms of cybercrime use malware to infect and tamper with computer systems in order to, for instance,
- steal and misuse personal data and user credentials (identity theft),
- encrypt the user's data/files stored on the system by means of what is known as ransomware in order to extort "ransom money",
- remotely control the systems, integrate them in what is referred to as botnets and use them for further criminal activities.
Potential dimensions of cybercrime
A survey published in 2017 by the German digital ICT industry association bitkom found that every second German internet user had become a victim of cybercrime during the 12 months prior to the survey. Every second case of cybercrime involved a financial loss.
A further survey from 2017, published by the US IT security company Norton by Symantec, confirms the high number of German internet users affected by cybercrime (38 per cent). It states that the losses in Germany amounted to 2.2 billion EUR.
Although the Police Crime Statistics highlight an increase in the number of cybercrime cases, the figures given there are far lower than the findings of these surveys. As it seems, a major part of cybercrime is never reported and only a small part is known to and recorded by the police and/or law enforcement and prosecution agencies.
How the BKA counters cybercrime
The Bundeskriminalamt early created units investigating various forms of cybercrime.
Within the BKA, it is the subdivision SO 4 – Cybercrime within the Serious and Organised Crime (SO) division that conducts investigations, co-ordinates national and international activities, analyses current cybercrime phenomena and describes the current situation.
This subdivision includes the following units:
Zentrale Ansprechstelle Cybercrime (ZAC) – central point of contact for cybercrime
The complexity of attack vectors, the high damage potential and the impacts cybercrime offences (may) have on society as a whole require trustful co-operation between the companies affected and law enforcement/prosecution agencies.
Once this need had been identified, the police authorities at the federal level and within the Länder created central points of contact for cybercrime (Zentrale Ansprechstellen Cybercrime – ZAC) at the BKA and the police authorities of the Länder.
The ZAC at the BKA is part of the national point of contact for anti-cybercrime co-operation (Nationale Kooperationsstelle Cybercrime); it acts as an intermediary and adviser to the business sector and co-ordinates police investigations in case of an incident.
This central pool of skills and experience will help the police to react to cybercrime attacks, changing modi operandi, and new technological developments – in close and trustful co-operation with the private sector.
Operational analysis of cybercrime
In the fight against cybercrime, the BKA has the role of a central agency for the German police. Its unit for the operational analysis of cybercrime is the central agency for the analysis of data contributed by the various police offices to the criminal police reporting service. This unit furthermore handles the international exchange of information with Interpol and Europol or at a bilateral level.
Based on the results of its analyses, the unit may initiate investigations, or merge several investigations into one. The BKA closely co-operates with the police authorities of the Länder and police services abroad: A 24/7 service is on standby 365 days a year to handle any urgent requests from within Germany and from abroad that require immediate action.
Anti-cybercrime work requires both general police skills and a great amount of technological prowess.
Support for investigations/internet searches
This unit deals with a wide variety of aspects around the suppression of internet crime.
As digital technologies have become, and are becoming, more and more important in everyday life, the possibilities of modern telecommunication have also spread across all the "classic" types of crime such as
- trafficking in narcotic drugs,
- dissemination of child sexual abuse material,
- counterfeiting/forgery, or
- weapons-related crime,
and have a growing influence on them. Therefore, the prosecution of crimes, whether it is in the context of investigations or when processing tip-offs, frequently also involves dealing with the internet as a medium.
Central unit against sexual crimes against children and adolescents
In some cases, the sexual abuse of children documented in child abuse material may still be ongoing. Therefore, the fight against child pornography is on the list of priorities of the Bundeskriminalamt. Against this background, the function of the BKA as the National Central Bureau of the International Criminal Police Organization (Interpol) and as the European Police Office (Europol) National Unit is particularly important.
The central unit against sexual crimes against children and adolescents serves as a link between law enforcement/prosecution agencies in Germany and abroad and as a national central analysis and coordination office for these agencies.
Further information