Inputs from the Octopus Conference 2023

EU CyberNet participated in the Octopus Conference 2023 in Bucharest, Romania, along 500 other cybercrime experts from about 100 countries. A special session focused on ten years of capacity building by the Cybercrime Programme Office of the Council of Europe (C-PROC) which was addressed by Bjørn Berge (Deputy Secretary General of the Council of Europe) and Traian Hristea (State Secretary, Ministry of Foreign Affairs, Romania).

  • By Cecilia Popa, Experts Lead, EU CyberNet

The Octopus Conference, held on 13 to 15 December, 2023, in Bucharest, Romania, brought together over 500 experts and professionals from around the world to delve into critical issues in the realm of cyber space.

Among the various workshops, Workshop 3 focused on the “Automatic Detection of Child Sexual Exploitation and Abuse Materials,” shedding light on the challenges posed by the growing phenomenon of online sexual exploitation and amuse  (OCSEA).

The workshop emphasised the Lanzarote Convention, outlining its objectives and limitations. Interpol’s staggering statistics revealed the immense volume of Child Sexual Abuse Material (CSAM) circulating on various platforms, with 25 million CSAM images being uploaded on YouTube daily and additional content found on various other platforms, and highlighted the challenges posed by encryption and privacy concerns, such as Apple’s plan to scan iCloud and Apple devices for CSAM.

The discussions also emphasised the necessity for international hash sharing and stressed the importance of working collaboratively with both the private sector as well as the general public. Notable initiatives, such as ECPAT Sweden’s Project Arachnid and Child Rescue Coalition’s provision of free software to law enforcement, were showcased. As an example, a national study concluded by ECPAT Sweden revealed that 1 in 5 girls and 1 in 8 boys have experienced the sharing of their nude images online.

Another significant workshop, Workshop 6, delved into the threats and benefits of Generative AI in criminal justice. Participants discussed the OECD’s technological neutral definition of AI and the upcoming Convention on AI, incorporating procedural rights and safeguards. EUROPOL presented a practical toolkit – Accountability Principles for AI (APAI) – set to be available early next year, aimed at ensuring accountability in AI applications. INTERPOL introduced their AI toolkit encompassing seven resources such as guidance documents and practical tools. The intention is to assist law enforcement agencies (LEA) in choosing AI systems effectively for combating cybercrime.

The workshop explored the challenges and legal implications surrounding AI, including the accountability of ChatBots and self-driving vehicles. Questions arose about “legal personhood” for AI and new defense rights against “robot testimony.” The session underscored the need for ethical considerations, limitations, and a comprehensive understanding of the scope of Generative AI within the justice sector.

The third workshop addressed here, Workshop 14, focused on the interplay between cybersecurity and cybercrime. Microsoft data revealed a 23% rise in cyber-related cases, including 4,000 password attacks blocked per second, 156,000 Business Email Compromise (BEC) attempts daily and 1,700 DDoS (distributed denial of service) attacks per day mitigated. There has also been a rise in activities involving nation-state and state-affiliated threat actors, with Microsoft tracking 160 threats attributed to nation-state actors in the past year alone.

Cooperation emerged as a central theme between cybersecurity professionals and law enforcement, spanning inter-agency, private/public, at the national as well as international levels. As per the ENISA report “Cooperation between CSIRTs and LE, CSIRTs interact much more with law enforcement than with the prosecutors and very rarely with the judiciary. CSIRTs also provide support during investigations. However, there is still space for improvement on how CSIRTs should report/inform law enforcement/prosecutors as well as increase the usage of CSIRTs information in criminal investigations and proceedings. Since cybercrime has become a matter of national security, we need to talk about activities that not only react to a crime, but also include prevention and active defence interventions.

Successful partnerships and best practices, such as the collaboration between EU CyberNet, through the LAC4 Center, and Glacy+, as well as the successful inter-regional cyber exercises between CSIRTs and LEA implemented by CyberEast, iPROCEEDS-2 projects were highlighted as exemplars in enhancing Cyber Capacity Building in both cybersecurity and cybercrime.

This workshop also stressed the need for a clear criminal justice regulatory framework for expedited international cooperation and efficient handling of electronic evidence across borders. The 2nd Additional Protocol to the Budapest Convention on Cybercrime and Electronic Evidence was given as a tool for enhanced co-operation and disclosure of electronic evidence.

As concluded by the key messages of this year’s conference “cyberattacks, cybercrime, impunity for crime online, dis-/information, hate crime and hate speech and other cyberthreats contribute to current international crises such as wars, conflicts and insecurity; violations of international law; injustice and human rights violations; or authoritarianism and democratic back-sliding. Therefore, more cooperation, human rights and justice, accountability and effective criminal justice responses are needed.”

Keep reading similar articles
5 partners have officially joined LAC4

Throughout 2023, LAC4 has become increasingly notable for its proactive initiatives, leading to the official inclusion of five partners in its activities by the year’s end.

EU CyberNet in numbers

By the end of 2023 EU CyberNet has 359 members in the Expert Pool and 70 members in the Stakeholder Community.

By EU CyberNet team
EU CyberNet Missions 2023

In 2023, EU CyberNet took action around the world and delivered an incredible amount of missions throughout the year.

EU CyberNet Club events in 2023

EU CyberNet conducted twelve Club events for our community members in 2023, covering a wide range of topics – from NIS2 Directive to cybercrime takedowns. The Club events take place every month and provide opportunities for our experts and stakeholders to learn from and discuss with other members of the community.

By Silja-Madli Ossip, Policy Officer, EU CyberNet
Cyber capacity building projects mapping 2.0

The cyber capacity building (CCB) projects mapping tool 2.0 has been launched with more functionalities and possibilities, bringing you better filtering and download options, as well as separate project pages.

By Silja-Madli Ossip, Policy Officer, EU CyberNet
CyberWeek @LAC4 2023: Snapshot of Highlights

CyberWeek @LAC4 2023 concluded on 16 November 2023 in Santo Domingo, Dominican Republic on a high note! The event took place between 13 to 16 November 2023 gathering 85 participants from 34 countries, engaging them in 29 sessions with the help of 28 speakers and 5 sponsors!

By EU CyberNet team