Threats to the cybersecurity of the 5G network

Among today’s many technological advancements, 5G (fifth-generation wireless network) is among the ones that will have the most impact on citizens. It offers two significant improvements in data transmission: more volume and more speed. These enhancements to the current network could have a significant effect on both the public and private sectors.

The issue of cybersecurity is one of the challenges facing 5G deployment, and the European Union wants its institutions to be instrumental in dealing with the problem. In March 2019, the European Council and the European Commission presented a series of recommendations outlining the steps and measures to be taken, both at a national and European level, to achieve the necessary high levels of 5G cybersecurity throughout the European Union.

One of the European-level measures was the issue of the Threat Landscape Report to assist member states with their national risk assessments. In October 2019, this was complemented by the publication of the EU coordinated risk assessment of the cybersecurity of 5G networks report. The report was compiled from information provided by Member States and from ENISA (the European Union Agency for Cybersecurity). Its risk assessment outlines the principal threats and threat actors, the assets that could be at risk from those threats, vulnerabilities, risk scenarios, and a set of existing security measures that could be used as a baseline for mitigating those risks and threats.

With regard to principal threats, the scenarios which pose the greatest danger are:

  • Local or global 5G network disruption affecting the availability of the network;
  • Spying of traffic or data in the 5G network infrastructure with implications for confidentiality;
  • The modification or re-routing of traffic or data in the 5G network infrastructure, which could affect the integrity or confidentiality of communications; and
  • The destruction or alteration of other digital infrastructures or information systems through the 5G network, which could affect the integrity or availability of services.

These threats, which already exist for the current network, become more significant with 5G because it increases their potential intensity and impact.

Among the conclusions drawn in the document, four are highlighted:

  • The technological changes introduced by 5G will bring about enhanced functionality at the edge of the network, a less centralised architecture, and an increase in the use of software as part of the 5G equipment. These factors will increase the overall attack surface and the number of potential entry points for attackers.
  • The new technological features of 5G will lead mobile network operators to rely more on third-party suppliers, which, in turn, will increase the number of system attack paths.
  • Any dependency on a single supplier increases the exposure to and consequences of potential supply incidences.
  • 5G networks will play an important role in the supply chain of critical network applications. This will impact the confidentiality, privacy, integrity, and availability of those networks, becoming one of the major national-security concerns and most significant security challenges from an EU perspective.

It should be noted that the Catalan Government has made the deployment of 5G technology a priority for the country, and already has the infrastructure to run usage tests like the one undertaken by TV3 when broadcasting the National Day of Catalonia on the 11th of September 2019.


Aquest apunt en català / Esta entrada en español / Post en français

Constant arrivals of non-accompanied minors (MENA) in the European Union

An emerging reality over recent years throughout Europe is the arrival of foreign minors (MENA). These are foreign minors under the age of eighteen who are nationals of a non-EU state who arrive in European territory without a responsible adult or who abandon them once they are here.

According to UNICEF, the countries with most arrivals of these youths in 2017 were: Italy (15,779), Spain (2,426) and Greece (1,458), and it is estimated that the total number of arrivals in European Union countries was 20,000 non-accompanied foreign minors.

The reason for this increase cannot be explained by one factor alone, as there is a synergy of factors that come into play when a minor ventures into a foreign country in an irregular way. The situations that tend to occur may be: an armed conflict in the country of origin, the hope of a better life, to help their families, because of the poverty they are subjected to in their country of origin, because of the discrimination they suffer, because they are victims of people trafficking or several other reasons.

Because of this increase in destitute youths, the European Union developed the following directives and regulations:

  1. The directive regarding conditions of reception:it aims to guarantee better reception and more harmonised conditions all over the Union. It ensures that applicants have access to housing, food, clothes, healthcare, education and access to employment with certain conditions.
  2. The Directive regarding asylum conditions: it establishes common procedures for all EU member states to concede and withdraw international protection.
  3. The classification Directive: this establishes criteria to classify the status of the refugee, for subsidiary protection and defines the rights conceded to beneficiaries of these conditions. This directive allows member states to apply or maintain more favourable standards than those established in their provisions.
  4. The Asylum, Migration and Integration Fund (AMIF):  was constituted for the 2014-2020 period. It promotes the efficient management of migratory flows and the implementation, the reinforcement and development of a common Union focus on asylum and immigration.

The Dublin Regulation establishes that the member state is responsible for examining the asylum application. It guarantees quick access to asylum procedures and the in-depth examination of an application for a clearly determined particular state member.

Moreover, there still exists the action plan of the European Union regarding non-accompanied foreigners (2010-2014), an instrument of the European Commission that tries to establish the bases for action by establishing as a first priority the best interest of the minor.

The afore-mentioned regulations are neither homogeneous nor binding, meaning that they are neither specific nor obligatory to any state member of the European Union, as they involve recommendations that may or may not be complied with.


Aquest apunt en català / Esta entrada en español / Post en français

The threats posed by 3D impressions

Additive manufacturing (AM), otherwise known as 3D impression, is a kind of emerging technology with a security-related implication both locally and internationally.

According to RAND Corporations this type of invention would involve a threat in the near future in security issues, as in, for example, the proliferation of weapons and economic insecurity. These are some examples of how these impressions can threaten our security:

  • Hackers can infiltrate the databases of large intelligence networks to steal weapon blueprints with all the associated implications. They can also interfere with real blueprints to cause defects to the product. As a result, there would be cybernetic sabotage with consequences affecting the physical world. To combat this, a computerised algorithm is being developed to detect any deviation during the impression process of the end product.
  • This could result in new criminals and new threats. In the United States a new weapon has already been created, the so-called Rapid Additively Manufactured Ballistics Ordenanceo RAMBO, which fires grenades already made with a 3D impression. Analysts fear that terrorist groups could get hold of these types of technology and apply them to drones and explosives. With such resources, organisation and enough time attackers can get a 3D impresser, put it in a safe place and begin to manufacture all kinds of weapons. Moreover, it will be much more difficult to track down terrorist groups. However, according to RAND investigators, the weapons are not the only threat, as there is also the production and distribution of drugs, perceived as personalised chemical impressions.
  • There may be new game rules in international relations. This would be the case of economic sanctions and embargos, which would be less effective, meaning that, if a state can print whatever it wants, the objective of the sanction is somewhat useless.“ 3D impressions could indirectly support the existence of states like North Korea, which would not suffer sanctions imposed by the international community”- RAND investigators.

In any case, 3D impressions not only pose a threat, as their creation also has positive effects. For example, 3D impressions can cover real needs in ways unknown to us until now. There is the case of an earthquake in a town in Nepal, where the natural disaster destroyed a pipeline supplying the town with water. A 3D impression made it possible to reconstruct it and the extent of the disaster was reduced.

Sources of interest:


Aquest apunt en català / Esta entrada en español / Post en français


The security challenges facing the Internet of Things

Our world is now hyper connected. Current estimations are that there are about 10 thousand million devices with access to Internet and that, at the very least, the number of users will double by 2020. Apart from the numerous advantages and opportunities, an emerging capacity for connected devices to have an impact on the physical world has also been created, with a new series of vulnerabilities and possibilities to be exploited by criminals.

To address these vulnerabilities, addressing them effectively and understanding the great potential on offer, ENISA and Europol gathered together almost 300 experts from the private sector, from the security community and law application community and from the Community Security Incident Response Team(CSIRT) and from the academic world.

Conclusions from the meetings to be stressed are:

  • Security should not be an afterthought when designing systems, and the systems of Internet of Things–IoT– are no exception.
  • Implementing such security needn’t be complicated.
  • Police forces have to be prepared to go beyond responding in defence and incidence via the possibility of investigating and pursuing criminals that abuse the use of connected devices.
  • It is necessary to speak to digital forensic experts concerning IoT and the importance of the protection of data and privacy, bearing in mind their importance and the different categories of data gathered by the IoT.
  • The IoT has great potential and offers great opportunities to improve our way to interact with each other.
  • In 2019 and beyond, it is necessary to promote holistic, pragmatic, practical and economically viable security solutions, and it is necessary to bear in mind the whole ecosystem of IoT.

The IoT has many advantages at a policing level as a new tool to fight against crime. The police are already using connected devices like intelligent cameras for big events and to combat theft, fire alarm sensors to monitor when and with what frequency they are used, etc. It is important that the application of the law also invests in the security of devices connected to the IoT, to protect the privacy of the citizens they are working for.

Crime scenes are changing because of IoT: the data of doors, cameras, thermostats, fridges, etc. can provide vital and crucial evidence. The forensic techniques and training necessary will have to be used to protect this data. The big data gathered by IoT devices, for example, for facial recognition of camera images after an important incident will become an integral part of a crime investigation, but this also requires the necessary means to protect the privacy of the public.


Aquest apunt en català / Esta entrada en español / Post en français


Golden visa: a money laundering tool?

The prerequisites to gain a country’s nationality or a residence permit are not the same everywhere. Within Europe, examples range from Austria to Ireland. The first, one of the most restrictive in terms of granting nationality, where even being born there is no guarantee, unless one of the progenitors is Austrian. To gain nationality of the second country, however, simply having lived in the country for five years or if one of your progenitors is Irish (even if you were born elsewhere) is enough.

With money, however, these prerequisites are waived. Since the beginning of the second decade of 2000, most European countries have established a new way of acquiring nationality: via high-level investment such as buying luxury property, investing in a national development fund, government bonds or buying shares in a national company. This phenomenon is known as a Golden Visa programme.

goldenvisaCurrently, in Europe there are 4 countries that permit the acquisition of a passport with golden visas: Austria, Bulgaria, Cyprus and Malta, and 13 where a residence permit can be acquired with the same method: Bulgaria, Cyprus, France, Greece, Latvia, Ireland, Luxemburg, Malta, the Netherlands, Spain, the United Kingdom and, until last July, Hungary. The volume of investment required is determined by each country and ranges from 250,000 Euros in Greece to the 10 million Euros required in some cases in Austria. In Spain, the amount required is a minimum of 500,000 Euros in the case of purchasing property and 2 million if government bonds are acquired.

On 10 October 2018, Transparency International published the study European Getaway: Inside the Murky World of Golden Visas, where the European Union warns of the risks in terms of corruption due to Golden Visas and how they can become a threat to the Union’s integrity, as not all countries thoroughly monitor the source of the money involved. The study reveals that foreign investors, especially from Russia, China and Ukraine, are using Golden Visas as a tool to launder money in Europe.

Regarding European host countries, the ones granting most visas are Spain, Hungary, Latvia, Portugal and the United Kingdom, with over 10,000 applications accepted by each. These countries, however, have not published the names of new residents. The only countries that make them public, of all the 13 that offer a visa or passport, are Malta and Austria.

The publication reveals that there a range of factors that question the suitability of using this method as a way to attract foreign investment in exchange for a visa or passport:

  • First of all, the fact that one particular state is benefiting economically from a European asset, not a national one, as is agreed by what are known as the four freedoms: free circulation of goods, services, people and capital within the European Union countries.
  • In 2017, The Guardian revealed cases of corruption scandals involving Russian multimillionaires who had acquired a Cypriot passport and, therefore, European citizenship thanks to the Golden Visa programme.
  • Europe acts as an escape valve if those possessing a visa have legal problems in their country of origin.

Transparency International denounces the lack of operational integrity on the part of governments when following processes prior to granting visas and the lack of a common regulation in all Union countries, as the product on offer is common and has an impact on all countries.

Therefore, the study concludes with a series of recommendations for the Union to take action and for countries that offer visas and passports using this method. Among others, it recommends establishing common processes and strengthening mechanisms to determine the origin of the money invested, and fight against fraud and the laundering of capital, and how to adopt infringement procedures against state members that offer Golden Visas without respecting the common principles and objectives of the Union.


Aquest apunt en català / Esta entrada en español / Post en français

Video surveillance in Newark (EEUU): the arrival of Big Brother?

The Citizen Virtual Patrol is a programme that aims to involve the general public in surveillance work. The wish of the authorities is for the general public to report crimes they see and collaborate with police investigations.

The programme began in April 2018 with the installation of 62 video surveillance cameras that anyone can see in real time as long as they subscribe via social networks.

The areas monitored by cameras are places where there is a lot of people movement and all these areas have access to the Citizen Virtual Patrol warning. In June over 1,600 people had already subscribed to the website to be able to see the city of Newark’s cameras online.

Relations between the police force and the public in the city of Newark are not devoid of conflict and the police hope that this project can help to improve police-citizen relations.   Police abuse in Newark is not reported according to an investigation initiated in 2011 by the federal authorities. Also, there are more identifications, arrests and searches involving minorities as opposed to whites and, in many cases, without any justification whatsoever.

About 100 additional cameras are expected to complement the initial 62. In addition, the creation of an APP is expected so that videos can be seen via Smart phones. Indeed, police chiefs are already discussing requests for cameras from community members in areas that still do not have video surveillance.

The project has not been slow in sparking controversy and there are human-rights defending people and organisations that openly criticise “big brother” where members of the community are required to keep an eye on each other. This surveillance could, according to critics, help actual offenders and thieves as they will know where people are when they want to offend or steal.



Aquest apunt en català / Esta entrada en español / Post en français

Fake news, a new challenge

At present Internet gives us access to an immense world of information that we are constantly exposed to. Information is incessantly appearing on digital platforms, notably including social networks and instant messaging. With such constant traffic of information, many users spread fake news [1].

False news aims to air either false or partially false information. This can be produced on the basis of false content with no relation to a real incident, based on distorted real content to change the meaning, or with information taken from satirical websites or based on the construction of false news that goes on to be spread as real.

Reported cases

Just before the presidential elections in the United States 2016, a fake news item was put out to undermine the image of the democrat candidate according to which, supposedly, Wikileaks confirmed that Hillary Clinton was responsible for the sale of weapons to the terrorist group Islamic State. This fact, which took place one month before the elections were held, amounted to a serious blow for the democrat party and influenced the country’s public opinion.

In Spain, false news like the news about the return of obligatory military service caused uproar among network users, who took a stand against this measure. The news, later denied via ‘Maldito Bulo’ [2], for example, kept the general public feeling unsure, an insecurity that quickly spread across information platforms.

Similarly, there is a significant presence of fake news involving gender issues. The Catalan Audiovisual Council issued the report13/2018 in March, which presented a study of fake news spread on the network about gender issues and analysed a range of news items. Some of these were: ‘Iceland’s government will pay men who marry an Icelandic woman’, ‘Oxford University will give women more time to do their examinations’ or ‘Saudi scientists conform that woman is a mammal but not human’. The report concludes that false news items construct arguments that generate the idea that women are inferior, rhetoric contrary to gender policies and elements that undermine movements for gender equality.

Possible pretensions of fake news

Fake news, which takes prominence in different contexts like politics or economics, among others, insist on the modus vivendi, the population’s opinions and decisions, and, as they have a high level of virality, contents are spread and consumed instantly, anywhere, via a connection to Internet. If they can affect election results, counter certain policies or create uncertainty among the population, how can fake news have an impact on security? Would it be convenient to access the state legislative agenda or would it be better to create a manual of global good practices to educate citizens about the consumption of truthful and verified information? These are the new settings brought about by the new Internet era, globalisation and emerging technologies, which are evolving faster and faster both in terms of quantity and quality.

[1] Fake news: Completely or partly false information presented as news by different types of platforms.

[2] MalditoBulo: part of a journalist project aimed at giving readers tools to enable them to distinguish fake news.


Aquest apunt en català / Esta entrada en español / Post en français

Cyber threats and cybercrime: Emerging trends

Ransomware attacks are at the forefront of the landscape of current threats followed by a massive increase in phishing, malicious bots and exploits

ENISA is a specialised knowledge agency for cybernetic security in Europe that came to being in 2004 with the aim of advising the private sector and member countries on prevention, detection and responding to information security problems by raising awareness about networks.

At the beginning of the year, ENISA published the report on the state of cybernetic threats 2017, its sixth publication in this field. This comes with new changes like the creation of the ETL website; the first event in the field of cybernetic threat intelligence; and the development of the first version of the ‘CTI maturity model’ to identify deficiencies in the current tools for sharing information about threats which still prevail in 2018.

The report states that the current trends are characterised by the complexity and sophistication of cybernetic attacks, the greater anonymity of the attackers, the transformation of malicious infrastructures with multi-purpose functions, the monetising of cybernetic crime as the main factors underlying threatening agents, and the dynamic entrance of cybernetic war in cyberspace.

Ransomware attacks have been at the centre of current threats. This last year roughly 4 million samples of ransomware were detected every day. Moreover, surfers known as Firefox and Chrome are reinforcing their security due to the appearance of 22 million new examples of malware in the first term if 2017. Mac, Linux and Windows are also the objective of ransomware. The latter experienced an increase of 20% in 2017 reaching levels such as 75% of attacks of this nature in July. Most financial malware continues to depend on website-based attacks as they try to detect surfers’ weaknesses.

The ‘WanaCry’ outbreak that took place on 12 may 2017 is an example of how ransomware and denial-of-service attacks (DoS) can be combined. There has been an increase in extortion attempts with DoS attacks where the price of the ransom ranging between entre 5 and 200 bitcoins. Furthermore, they have increased even more since the increase in the value of this virtual currency in June 2017. The sector under most attack has been the gambling sector with 80% of attacks. In the first term of 2017, there was a rise of 69.2% in the use of malicious software and some tools took advantage of phishing in electronic mails to transform devices into bots.

Phishing has increased in volume and sophistication. It is widely used as a first step of a cybernetic attack and uses social engineering to obtain confidential information by using fraudulent means.  According to recent research “an average of 1.385 million phishing websites are created every month”. The Spear-phishing modality is of particular note, via electronic mail against specific persons or companies to obtain money or cybernetic espionage, used in 40%.

Exploit kits are able to identify the surfer’s exploited vulnerabilities or on the website application and exploit them automatically. They have the habit or orientating surfing complements like Java and Adobe Flash. At present, it is the only threat mentioned in the 2017 report that has had a decrease in attacks.

The report concludes that because of new attack practices, new technology will have to develop new controls and key performance indicators (KPI) to minimise the risk to organisms where cybernetic threat intelligence is concerned. Similarly, it points out the importance of the development of technical and legal policies related to this changing phenomenon of cybernetic threats and crime.


Aquest apunt en català / Esta entrada en español / Post en français

Internet of Things: when electrical appliances become the object of cyber attacks

With a minimum on 20 thousand million devices predicted to be connected to Internet by 2020, Internet of Things is here to stay. Although it has many undeniably positive effects, the related risks and threats are multiple and are evolving very quickly.

For this reason, ENISA (European Union Agency for Network and Information Security) and Europol have joined forces to address these security challenges along with members of the private sector, police and security sector, the Community Emergency Response Team (CSIRT), the general public and academia.

Internet of Things is a broad and diverse ecosystem in which devices and interconnected services gather, exchange and process data to dynamically adapt to a context. This means that our cameras, televisions, washers and heating systems are “intelligent” and create new opportunities for our way of working, interacting and communicating, and as devices react and adapt to us.

It is important to understand the need to secure these connected devices and develop and implement appropriate security measures to protect the Internet of Things from cybernetic threats. Apart from technical measures, the adoption of Internet of Things has created many legal and legislative challenges, which are new and have far-reaching and complex effects. To address such challenges, cooperation between different sectors and between different actors is essential.

The work of Europol, along with the determination of all pertinent international actors to ensure the numerous benefits of the Internet of Things can be fully appreciated, together address the security challenges and the fight against the illegal use of these devices, making cyberspace a safer place for all:

  • The need for more cooperation and the participation of multiple interest groups to deal with inoperability, as well as security problems, especially with the emerging development of the 4.0 industry, autonomous vehicles and the arrival of 5G.
  • How to ensure that the final device can become technically difficult and expensive to acquire, the focus must therefore be to secure the architecture and the underlying infrastructure, creating trust and security in different networks and domains.
  • There is the need to create stronger incentives to address security problems related to the Internet of Things. This means achieving an optimal balance between opportunity and risk in a market in which scalability and time to market prevail, placing security as a differentiating commercial advantage.
  • To efficiently and effectively investigate the criminal abuse of the Internet of Things, deterrence is another dimension which requires close cooperation between the application of the law, the CSIRT community, the security community and judicial authority.
  • This creates an urgent need for the application of the law to develop the necessary technical skills and experience to successfully combat the fight against cybercrime related to the Internet of Things.
  • These efforts must be complimented by increasing awareness of end-users of the security risks of devices.
  • Taking advantage of initiatives and existing frameworks, a multidisciplinary focus is required to combine and complement actions at a legislative, regulating and political level, and the technical level to secure the ecosystem of the Internet of Things.


Aquest apunt en català / Esta entrada en español / Post en français




2017, the year when cybercrime accelerated

From the end of 2016 and much of 2017, a series of worldwide cybernetic crimes took places which were unprecedented because of their impact and extension. They are the cause of much public concern even though they only represent a small sample of the wide range of cybernetic threat which presently exists.

Internet Organised Crime Threat Assessment (IOCTA) of Europol, identifies the main cybercriminal threats and provides key recommendations to address such challenges.

Assessment of the threat of organised crime via Internet in 2017 presents an in-depth study of key events, changes and emerging threats related to cybercrime last year. It is based on the contributions of member states of the EU, of Europol expert personnel and members from private industry, the financial and academic sectors. The report emphasises the most important events in different areas of cybercrime:

  • Ransomware(malicious software programming)has overshadowed most other cyber-threats with global campaigns which indiscriminately affect victims in multiple industrial and private sectors.
  • The first serious botnet attacks (malicious programmes) took place using internetworking of infected physical devices (IoT).
  • Filtering of data continues to lead to the spreading of large amounts of information, with over 2,000 million recorded relating to citizens of the EU which came to light during the twelve-month period.
  • The dark web continues to be a key transversal facilitator for different fields of crime. It provides access, among other things, to drugs and other psychoactive substances; the provision of firearms which have been used in terrorist attacks; payment details to be able to commit different types of fraud; and fake documents to facilitate fraud, people trafficking and illegal immigration.
  • Criminals continue to use the dark web and other related platforms to share and distribute material involving sexual abuse of children and participate with potential victims, often trying to coerce or sexually extort vulnerable minors.
  • Payment fraud affects almost all industries, which has a major impact on the retail, aeronautic and accommodation sectors.
  • Direct attacks on banking networks to manipulate credit card balances, take control of cash dispensers or directly transfer funds, known as commitments of the payment process, constitute one of the greatest emerging threats in this area.

In spite of the growing threats and challenges, there were some important successful operations last year, like the dismantling of two of the big markets of Darknet, AlphaBay and Hansa, the neutralising of the Avalanche network and Airlineactiondays.

The IOCTA wishes to formulate recommendations for the application of the law and plan in consequence by responding effectively and consensually to cybernetic crime.

  • The application of the law must continue to focus on actors who develop and provide the tools and cybercriminal attack services responsible for ransomware, banking trojans and other malicious programmes and suppliers of DDOS attack tools, antiretroviral services and botnets.
  • The international community must continue to foment trusting relationships with public and private members, CERT communities, etc, so that it is prepared to provide a rapid and coordinated response if there is a global cybernetic attack.
  • The member states of the EU should continue to give support to and deepen its commitment to Europol in the development of pan European campaigns of prevention and awareness-raising.
  • While investigating online child sex abuse, the member states of the EU must guarantee sufficient resources for the fight against crime.
  • The growing threat posed by cybernetic crime requires a legislative commitment which allows for the presence and application of the law to an online environment. The lack of such legislation is leading to a loss of investigative leadership.

All the details are available on 2017 Internet OrganisedCrimeThreatAssessment (IOCTA): IOCTA 2017 website  | IOCTA 2017 PDF version

The IOCTA was presented during the annual session of the CibercrimEuropol-INTERPOL conference, held in The Hague on 27-29 September 2017.

You can consult entries on the previous IOCTA blog at:

IOCTA 2015

IOCTA 2016


Aquest apunt en català / Esta entrada en español / Post en français