Only 100 cybercrime brains worldwide says Europol boss Published duration 10 October 2014

image copyright Getty Images image caption Troels Oerting (right) believes that there are a limited number of skilled malware producers

There are only "around 100" cybercriminal kingpins behind global cybercrime, according to the head of Europol's Cybercrime Centre.

Speaking to the BBC's Tech Tent radio show, Troels Oerting said that law enforcers needed to target the "rather limited group of good programmers".

"We roughly know who they are. If we can take them out of the equation then the rest will fall down," he said.

Although, he added, fighting cybercrime remained an uphill battle.

"This is not a static number, it will increase unfortunately," he said.

"We can still cope but the criminals have more resources and they do not have obstacles. They are driven by greed and profit and they produce malware at a speed that we have difficulties catching up with."

The biggest issue facing cybercrime fighters at the moment was the fact that it was borderless, he told the BBC.

"Criminals no longer come to our countries, they commit their crimes from a distance and because of this I cannot use the normal tools to catch them.

"I have to work with countries I am not used to working with and that scares me a bit," he said

The majority of the cybercrime "kingpins" were located in the Russian-speaking world, he said.

Relationships with Russian law enforcers have not always been good but were "improving". He revealed that he had recently been on a trip to Moscow to discuss four big cybercrime cases and was hopeful that arrests and jail sentences would follow.

Mr Oerting described how Russian-speaking criminal gangs were creating and testing malware and then selling it as a service in online forums.

"Then it is downloaded by all kinds of criminals, from Eastern Europe, Europe, Africa and America," he said.

This commercialisation of cybercrime is making his job harder.

"It is so easy to be a cybercriminal. You don't have to be a cyber-expert because you just download the programs that you want to use."

Identity theft

image copyright Reuters

On the issue of what consumers should be worried about, he said: "What I think you should be afraid of is the stealing of your private, sensitive information - your inbox credentials, your Facebook account. If they know a bit about you they can reset your Google accounts, your Apple accounts. Then they simply take over your life," he said.

He also spoke about how the job of containing the cybercrime threat was getting harder as the internet acquired more users and widened its reach. The so-called internet of things - where previously dumb objects are connected to the network - "widens the attack surface a bit", he said.

And he revealed how the Edward Snowden revelations, which exposed mass government surveillance programmes, had played a part in hampering law enforcement's efforts to contain cybercrime.

"There is confusion among the good guys on the internet between anonymity and privacy. I don't think they are the same. I think that you have right to privacy but that doesn't mean that you have the right to anonymity," he said.

The increasing trend towards greater encryption of online communications is not acceptable, he said.

"Imagine in the physical world if you were not able to open the trunk of a car if you had a suspicion that there were weapons or drugs inside... we would never accept this.

"I think that should also count for the digital world. I hate to talk about backdoors but there has to be a possibility for law enforcement, if they are authorised, to look inside at what you are hiding in your online world."