U.S. DoJ News: Attorney General Loretta E. Lynch Addresses the European Cybercrime Center at Europol
Wednesday, September 16, 2015
Remarks as prepared for delivery
Thank you, Director [Rob] Wainwright, for that kind introduction – and for your outstanding leadership of Europol. I am deeply appreciative of all that you do to promote collaboration, to protect our nations’ citizens and to uphold the rule of law.
Ladies and gentlemen, thank you all for your warm welcome today. It’s a great honor to stand with each of you today as we come together to reinforce our vital partnership against cybercrime. I am especially excited to have this opportunity to visit such a bold, dynamic and innovative institution. In only three short years, the European Cybercrime Centre has already proved itself to be an indispensable leader in the global effort to fight cybercrime, to protect infrastructure and innovation and to safeguard innocent people from fraud, exploitation and intrusions on their privacy. You have demonstrated your dedication to close collaboration and careful coordination, drawing strength from partnerships with authorities around the world who are working toward common aims. And you have used your convening power and your combined wealth of experience and expertise, to seek new solutions to complex and pressing issues.
Combatting cybercrime and cyber threats is one of my highest priorities as the United States Attorney General. As the world becomes increasingly interconnected and as more of our lives move online, our global community is confronting a host of evolving challenges and emerging threats to our security, our welfare and our way of life. Cybercriminals are getting more sophisticated, more adaptable and more ambitious in their wrongdoing. They are targeting critical information and vital infrastructure. And the fact that their attacks occur in a world without walls or borders requires us to continually reimagine and reinvent our traditional law enforcement responses.
This Centre exemplifies that innovative approach and serves as a model for the kind of open communication, efficient information-sharing and nimble responsiveness that we know is highly effective for ensuring our cybersecurity going forward – and the history of unparalleled cooperation among the United States, partner nations and EC3 shows the virtues of confronting this problem hand in hand. Just this past July, our coordinated effort resulted in a takedown of the Darkode hacking forum – an online underground marketplace where hackers convened to arrange the purchase, sale and trade of malicious software, botnets and other tools designed to facilitate computer intrusions, as well as stolen personal information obtained through illegal hacking. Through the outstanding efforts of the Federal Bureau of Investigation in the United States and the hard work of a coalition of 20 nations’ law enforcement forces – led by EC3 and the U.S. Department of Justice – we were able to charge, arrest, or search 70 Darkode members and associates around the world.
We shared another victory through Operation Onymous in November 2014, during which we worked with more than 15 other countries under EC3’s auspices to bring down so-called “dark market” websites. Those sites relied on the anonymity of buyers and sellers to traffic narcotics, firearms, stolen credit card data, fake passports, computer-hacking tools and other illegal goods and services. Using court-authorized legal processes and Mutual Legal Assistance Treaty requests, our international coalition seized 400 online user addresses and multiple computer servers, disrupting the marketplace and sending an unmistakable message that law enforcement worldwide will not be deterred from action against harmful online activity, no matter how sprawling the crime nor how well-concealed.
We have also been able to make significant progress together on one of our most critical common objectives: combatting the sexual exploitation of children online. Through a sweeping multi-national effort under an investigation that began in 2012 – in which we pooled resources, ran parallel investigations and shared information in real time – the Justice Department and EC3 were able to take more than 200 child sexual exploitation websites offline, derail the activities of tens of thousands of online producers and traffickers of child pornography and prosecute offenders across the world. It was a criminal investigative effort of unprecedented complexity and technical sophistication and it is now a model of operational coordination for all cross-border investigations.
These cases and many others – from the Blackshades Remote Access Tool takedown to the shutdown of the infamous Gameover Zeus botnet – have demonstrated the growing sophistication of online criminal enterprises. They have helped us develop and refine our own abilities to investigate, infiltrate and disassemble malicious cyber networks. And they have reminded us that a global problem demands a global response; that a robust information-sharing infrastructure is critical to our success; and that strong personal relationships among international law enforcers – like those in evidence here today – are the fuel for the progress our nations need and our people deserve.
The Department of Justice I lead – and the entire Obama Administration – is deeply committed to doing our part. Our FBI and Secret Service are investigating cyber intrusions while staying vigilant against individuals, organized groups and state actors who might attempt to steal sensitive data or inflict harm. We’re laying the groundwork to respond swiftly to future cyber-attacks and intrusions and using our expertise to prevent them from happening in the first place. And we recently created a new Cyber security Unit within the Justice Department’s Criminal Division, staffed with experienced prosecutors steeped in the law, policy and practice of cybercrime prevention. One of the unit’s primary missions is to engage private industry leaders – because cyber security is also a shared responsibility between government and the private sector. That’s why I’ve been meeting with corporate executives across the United States to emphasize the need for law enforcement officials and members of the business community to keep one another informed of cybercrime, to collaborate on comprehensive strategies and to work together to ensure that everyone is safe from exploitation and abuse online.
Of course, these attacks don’t just exploit the vulnerable, strike at our financial well-being and flout the rule of law; they also may represent threats to the fundamental security interests of our nations – threats that are appearing in a variety of forms, including those that target critical infrastructure. We see cases of economic espionage and trade secret theft from private companies and violations of the export control laws committed through cyber-enabled means. And we are all too aware of terrorist groups that rely on the Internet and social media to push propaganda, lure new recruits and plot attacks both on- and off-line. To address the frequency, sophistication and seriousness of those threats, the United States government is pursuing an inclusive “whole-of-government” approach, modeled on our comprehensive response to terrorism threats in the wake of the September 11th attacks, which focused on facilitating interagency coordination and sharing information widely and rapidly.
We also continue to reach out to our partners beyond the United States. Just this fiscal year, the FBI’s Cyber Division established three new permanent Cyber Assistant Legal Attaché positions – in London, Ottawa and Canberra – as well as five new temporary positions. Those attachés are embedded in law enforcement and intelligence agencies in their host nations to help facilitate information-sharing, improve cooperation on investigations and build even stronger relationships with our allies. We will be adding four more cyber attachés in the next fiscal year and I expect the number will continue to grow into the future – along with the collaboration and partnership those positions will foster.
As part of our outreach to international partners, we’re also building our capacity to provide mutual legal assistance to other countries in cybercrime cases and cases involving electronic evidence. We’ve created a cyber-unit in our Office of International Affairs to focus exclusively on responding to and executing requests for electronic evidence from foreign authorities. To help process the increased volume of requests for electronic evidence – which has increased by 1000 percent over the past ten years – we are actively hiring 38 more attorneys and 26 additional professional staff for OIA’s Mutual Legal Assistance Treaty Modernization Project and we are hopeful that – with increased funding from our legislature – we will be able to develop even greater capacity in the coming months.
I am also very happy to announce today that – with the support of Europol and Eurojust – we will be temporarily assigning a prosecutor from our Department’s Criminal Division to sit in Eurojust and work with EC3. This assignment is a sign of the importance we attach to Eurojust, Europol and EC3 – and we look forward to assessing together whether this should be a permanent arrangement in the future.
Of course, while efficiency, information-sharing and effective law enforcement represent paramount objectives, we must also make certain that we are protecting the privacy and civil liberties of our people. I am pleased to note that, just a few days ago, the United States and the European Union initialed the “Umbrella” Data Privacy and Protection Agreement, which will enhance the ability of law enforcement and prosecutorial agencies on both sides of the Atlantic to combat crime and terrorism while protecting personal privacy.
These are all important accomplishments – and we still have more work to do. There can be no doubt that we face difficult challenges, complex issues and evolving threats. We will need to confront increasingly sophisticated criminals and find ways to respond to technological changes that complicate the ability of law enforcement officers to gather evidence when acting under lawful authority. But I also know, through the collaborations that have already taken place during this Centre’s short existence, that this extraordinary gathering – with our friends and partners around the world – is more than equal to these tasks. Our very presence here today is a testament to our commitment.
We are here because of what we can do, together, to safeguard our citizens, to protect our nations and to strengthen our global society against threats to its most fundamental values. We are here because we aspire to the same high ideals that have brought our nations together in years past. We are here, at this moment of challenge and change, to break new ground, forge new paths and build a brighter future for individuals around the world. And we are here, in the words of this beautiful city’s motto, to fight for “Vrede en Recht” – peace and justice. As we go forward, let us continue to hold fast to that determination. Let us redouble and reaffirm that commitment.
Thank you, once again, for your outstanding work, your invaluable partnership and your devotion to the mission we share. I look forward to all that we will continue to achieve together in the months and years to come.