Accessibility

Inputs from the Octopus Conference 2023

EU CyberNet participated in the Octopus Conference 2023 in Bucharest, Romania, along 500 other cybercrime experts from about 100 countries. A special session focused on ten years of capacity building by the Cybercrime Programme Office of the Council of Europe (C-PROC) which was addressed by Bjørn Berge (Deputy Secretary General of the Council of Europe) and Traian Hristea (State Secretary, Ministry of Foreign Affairs, Romania).

  • By Cecilia Popa, Experts Lead, EU CyberNet

The Octopus Conference, held on 13 to 15 December, 2023, in Bucharest, Romania, brought together over 500 experts and professionals from around the world to delve into critical issues in the realm of cyber space.

Among the various workshops, Workshop 3 focused on the “Automatic Detection of Child Sexual Exploitation and Abuse Materials,” shedding light on the challenges posed by the growing phenomenon of online sexual exploitation and amuse  (OCSEA).

The workshop emphasised the Lanzarote Convention, outlining its objectives and limitations. Interpol’s staggering statistics revealed the immense volume of Child Sexual Abuse Material (CSAM) circulating on various platforms, with 25 million CSAM images being uploaded on YouTube daily and additional content found on various other platforms, and highlighted the challenges posed by encryption and privacy concerns, such as Apple’s plan to scan iCloud and Apple devices for CSAM.

The discussions also emphasised the necessity for international hash sharing and stressed the importance of working collaboratively with both the private sector as well as the general public. Notable initiatives, such as ECPAT Sweden’s Project Arachnid and Child Rescue Coalition’s provision of free software to law enforcement, were showcased. As an example, a national study concluded by ECPAT Sweden revealed that 1 in 5 girls and 1 in 8 boys have experienced the sharing of their nude images online.

Another significant workshop, Workshop 6, delved into the threats and benefits of Generative AI in criminal justice. Participants discussed the OECD’s technological neutral definition of AI and the upcoming Convention on AI, incorporating procedural rights and safeguards. EUROPOL presented a practical toolkit – Accountability Principles for AI (APAI) – set to be available early next year, aimed at ensuring accountability in AI applications. INTERPOL introduced their AI toolkit encompassing seven resources such as guidance documents and practical tools. The intention is to assist law enforcement agencies (LEA) in choosing AI systems effectively for combating cybercrime.

The workshop explored the challenges and legal implications surrounding AI, including the accountability of ChatBots and self-driving vehicles. Questions arose about “legal personhood” for AI and new defense rights against “robot testimony.” The session underscored the need for ethical considerations, limitations, and a comprehensive understanding of the scope of Generative AI within the justice sector.

The third workshop addressed here, Workshop 14, focused on the interplay between cybersecurity and cybercrime. Microsoft data revealed a 23% rise in cyber-related cases, including 4,000 password attacks blocked per second, 156,000 Business Email Compromise (BEC) attempts daily and 1,700 DDoS (distributed denial of service) attacks per day mitigated. There has also been a rise in activities involving nation-state and state-affiliated threat actors, with Microsoft tracking 160 threats attributed to nation-state actors in the past year alone.

Cooperation emerged as a central theme between cybersecurity professionals and law enforcement, spanning inter-agency, private/public, at the national as well as international levels. As per the ENISA report “Cooperation between CSIRTs and LE, CSIRTs interact much more with law enforcement than with the prosecutors and very rarely with the judiciary. CSIRTs also provide support during investigations. However, there is still space for improvement on how CSIRTs should report/inform law enforcement/prosecutors as well as increase the usage of CSIRTs information in criminal investigations and proceedings. Since cybercrime has become a matter of national security, we need to talk about activities that not only react to a crime, but also include prevention and active defence interventions.

Successful partnerships and best practices, such as the collaboration between EU CyberNet, through the LAC4 Center, and Glacy+, as well as the successful inter-regional cyber exercises between CSIRTs and LEA implemented by CyberEast, iPROCEEDS-2 projects were highlighted as exemplars in enhancing Cyber Capacity Building in both cybersecurity and cybercrime.

This workshop also stressed the need for a clear criminal justice regulatory framework for expedited international cooperation and efficient handling of electronic evidence across borders. The 2nd Additional Protocol to the Budapest Convention on Cybercrime and Electronic Evidence was given as a tool for enhanced co-operation and disclosure of electronic evidence.

As concluded by the key messages of this year’s conference “cyberattacks, cybercrime, impunity for crime online, dis-/information, hate crime and hate speech and other cyberthreats contribute to current international crises such as wars, conflicts and insecurity; violations of international law; injustice and human rights violations; or authoritarianism and democratic back-sliding. Therefore, more cooperation, human rights and justice, accountability and effective criminal justice responses are needed.”



Keep reading similar articles
500th member joined EU CyberNet Expert Pool

EU CyberNet is more than proud to announce that the 500th member joined EUCyberNet Expert Pool!

Holiday Greetings

EU CyberNet wishes happy holidays’ season and is looking forward to 2025 with excitement!

EU CyberNet’s 2024 Wrapped!

EU CyberNet’s 2024 is wrapped: a year of building bridges and navigating the path to stronger cyber capacity across the world. The EU CyberNet team wishes happy holidays’ season and is looking forward to 2025 with excitement!

EU CyberNet’s Expert Pool – Strengthening Cyber Capacity Across the Globe

EU CyberNet’s Expert Pool, a global community build on excellence of cyber professionals committed to building a safer, more resilient cyberspace, has grown to almost 500 experts from 67 countries who have contributed to over 200 actions in 93 countries since its launch in 2019.

Building Cybersecurity Resilience: TTX Coaching and Training in Brazil

On a mission to bolster cybersecurity preparedness, EU CyberNet and LAC4, with experts Julia Schuetze and Andrés Velázquez, executed a full-day tabletop exercise (TTX) training for CTIR Gov in Brazil to equip Brazil’s national cybersecurity response teams with the tools to design and facilitate their own sector-specific exercises. Julia Schuetze and Andrés Velázquez reflect on their experience.

EU CyberNet Identfiying Cybersecurity Challenges and Opportunities in East Africa

EU CyberNet presented the key findings and recommendations of an assessment report on cybersecurity during a co-design workshop for Team Europe initiative Safe Digital Boost for Africa (SDBA) with East African Community.