
2PS: Prevention = Proactive Approaches to Child Protection
Prevention—doesn’t it just make sense?
Working in the security domain is incredibly diverse. It brings together experts from different fields—law enforcement, …
Reading Time: mins
Cybercrime, in its various forms, represents an increasing threat to the EU, including online child sexual exploitation. Offenders continue showing high levels of adaptability to new technologies and societal developments, while constantly enhancing cooperation and specialisation. Cybercrimes have a broad reach and inflict severe harm on individuals, public and private organisations, and the EU’s economy and security.
PPHS created this article by extracting pertinent information relevant to the online child sexual abuse and exploitation from the Europol’s Internet Organised Crime Threat Assessment (IOCTA). PPHS would like to congratulate the work of all those who have contributed to the IOCTA, and we will continue to support future actions through the ongoing initiatives.
PPHS supports the whole-system response needed to counter and prevent CSAE; we are already deeply engaged in projects such as Prevent & Protect Through Support and the ARICA. The CYCLOPES cybercrime practitioners’ network, which PPHS coordinates, will also focus on the connected topics from the start of 2024.
In the article below, you will learn about the IOCTA report, which focuses on the fight against cybercrime. We then move on to explaining what online child abuse and sexual exploitation is, describing the main methods and technologies used by perpetrators. We also focus on the issue of re-victimization, both offline and online, suffered by victims of child sexual abuse. To summarise the article, we provide a list of key findings. This list helps us understand the challenges that law enforcement and we as a society face in fighting this type of crime.
The Internet Organised Crime Threat Assessment (IOCTA) is a strategic analysis report that provides an assessment of the latest online threats and the impact of cybercrime within the EU. The report provides a law enforcement centric view of the threats and developments related to cybercrime, in order to inform decision-makers at strategic, policy and tactical levels in the fight against cybercrime, with a view to updating the operational focus for EU law enforcement authorities.
The IOCTA is chiefly informed by operational information shared with Europol by EU Member States and third partners, combined with expert insights and open-source intelligence. The following analysis is based on a set of indicators established by Europol, focusing on developments related to criminal actors and networks, criminal processes, infrastructure used, financial transactions, and the impact on society. This ninth edition of the IOCTA appears in an updated format. The current summary presents the main overarching findings concerning the different typologies of cybercrime, namely cyber-attacks, online fraud schemes, and online child sexual exploitation (OCSE). It is accompanied by a series of spotlight articles covering each of these crime areas in-depth.
You can find the full report on the Europol website. Below, we focus solely on OCSE.
In recent years, the threat of online child sexual exploitation has been further increasing in terms of quantity and severity. Offenders of all crime areas continue to take advantage of legal and criminal privacy services to mask their actions and identities as their knowledge of countermeasures increases.
The central commodity of this illicit economy is stolen data. Child sexual exploitation offenders groom victims in order to obtain sensitive information that can be then exploited for extortion purposes. Data theft is a core threat as stolen data can be used in a wide array of criminal activities, including commodification, access to systems, espionage, extortion and social engineering.
Cybercrime is often interlinked, presenting a concatenated set of criminal actions that often results in the same victim being targeted multiple times. This is particularly apparent in child sexual exploitation offences, malware attacks and online fraud schemes. For instance, investment frauds are in some cases linked to other types of frauds, such as romance scams (i.e. pig butchering) and therefore re-victimising the target. Following the theft of the investments and the realisation of the fraud, criminals often contact their victims posing as lawyers or law enforcement agents offering help to retrieve their funds, in exchange for a fee.
Victims of child sexual exploitation suffer re-victimisation both offline and online. Hands-on abusers often perpetrate their offences for a significant amount of time and, in several cases, encourage other offenders to abuse the victim as well. The depiction of sexual abuses on children results in their repeated victimisation. The child sexual abuse material (CSAM) produced by offenders is in fact shared at many levels, from closed communities of trusted perpetrators to large communities on online forums. The receivers of this imagery in most cases share it further, resulting in the same CSAM being encountered by investigators over many years and the same victim being impacted.
Ransomware groups make use of forums on the clear and dark web to recruit new affiliates, pentesters, company insiders. Ransomware leak sites have also been identified as places where affiliates are being recruited. Similarly, child sexual exploitation offenders make extensive use of these types of forums to digitally meet like-minded individuals, enhance their criminal knowledge, exchange and consume CSAM.
Dark web forums are also an important source for gathering information on operational security (OpSec). Users give recommendations on how to avoid detection and identification in dedicated forum discussions. Guidelines and tutorials on topics such as fraud methods, child sexual exploitation, money laundering, phishing and malware are widely distributed. Furthermore, manuals and FAQs are available on how to operate on a dark web marketplace and to conduct illicit trades.
Europol’s mission is to support EU Member States and cooperation partners in preventing and combating all forms of serious international and organised crime, cybercrime and terrorism. In 2013, Europol set up the European Cybercrime Centre (EC3) to strengthen the law enforcement response to cybercrime in the EU and thus to help protect European citizens, businesses and governments from online crime. EC3 offers operational, strategic, analytical and forensic support to Member States’ investigations. At the level of operations, EC3 focuses on cyber-dependent crime, child sexual exploitation, illicit trade on the dark web and alternative platforms as well as online fraud schemes including payment fraud.
We remain committed to adding value in this domain and are keen to continue cooperation with experts across Europe. If you want to engage the PPHS team about these issues, please reach out.
Source
Europol (2023), Internet Organised Crime Threat Assessment (IOCTA) 2023, Publications Office of the European Union, Luxembourg.
Prevention—doesn’t it just make sense?
Working in the security domain is incredibly diverse. It brings together experts from different fields—law enforcement, …
As online threats continue to evolve, law enforcement agencies (LEAs) are under growing pressure to tackle the urgent challenge of child sexual abuse. Developed…
Child sexual abuse and exploitation crimes are among the most devastating in society, leaving deep and lasting impacts on survivors. To combat these heinous act…
Dołączyłem do Platformy w listopadzie 2017 roku. Przez długi czas byłem odpowiedzialny za realizację krajowych i europejskich projektów związanych z bezpieczeństwem. W związku z dynamicznym rozwojem PPBW oraz powstaniem Działu Komunikacji, zająłem się promocją i upowszechnianiem rezultatów naszych działań.
Obecnie koordynuję komunikację projektów finansowanych przez UE z obszaru bezpieczeństwa. Do moich obowiązków należy również zarządzanie kanałami online PPBW oraz wspieranie zespołu w bieżących pracach.
Posiadam szeroki zakres umiejętności, który pozwala mi realizować różnorodne zadania, takie jak tworzenie treści (teksty, zdjęcia, wideo), planowanie strategii komunikacyjnych i procesów, budowanie społeczności i relacji, a także administrowanie platformami online.
I’ve been working at PPHS since November 2017. For a long time, I was responsible for implementing both international and national security projects. As PPHS developed and the Communication Department was established, I was promoted to a role focused entirely on communication.
I currently serve as the Communication & Dissemination Manager for EU-funded security projects. My responsibilities also include managing the online channels run by PPHS and supporting the team with ongoing tasks.
I have a broad set of skills, enabling me to handle a variety of tasks such as content creation (texts, photos, videos), communication and process planning, community and relationship building, as well as managing online platforms.