B-CCENTRE

Archive for the ‘General’ Category

CERT.be, the federal cyber emergency team, launched the website Safeonweb.be. This new website aims to inform and advise Belgian citizens in a fast and correct manner on cybersecurity, large current cyberthreats and online safety.

A recent CERT.be survey with 2.000 Belgian Internet users between 16 and 70 years old, showed that about half of the Internet users, are seriously concerned about online safety. 70% of respondents also asked for a more active role of the government in providing information about (new) Internet risks. In addition, 50% of respondents indicated the need for a central website with clear objective information about cyberthreats.

The launch of Safeonweb.be is the answer on the request for independent and accurate information about online safety. The website will be the reference for anyone with (non-)urgent questions about on the subject. “Safeonweb.be is the place where we will gather all the information about online security,” says Christian Van Heurck, coordinator of CERT.be. “We can quickly inform Belgian citizens about the biggest current threats. We also want to offer background information, advise and give tips on actions they can take themselves.” “For many computer users, it is not always clear what the impact is of certain threats,” said Van Heurck. “With this website we want to help protecting themselves better against cyber threats.”

Safeonweb.be is managed by CERT.be, which is operated by Belnet, the Belgian research network funded by fedict. The platform will also be supported through Facebook and Twitter.

B-CCENTRE and 27 partners from 14 European countries have joined forces to fight one of the most imminent threats in the Internet, the botnets. One out of five computers connected to the Internet is currently part of a botnet, according to expert estimates. Botnets are made up of computers infected and abused by cyber criminals. They can be used to spread malware and distribute spam emails, among other things.

The new coalition against botnets is supported by the European Union in the ACDC project, which started its activities in February. The new project’s heart is the Advanced Cyber Defence Centre, ACDC, scheduled to become a full-service programme for additional cyber security ranging from prevention to detecting malware. The partners include public infrastructure providers, software vendors, scientific and academic institutions, criminal prosecutors and authorities, as well as banks and certification providers.
 The pilot project has an overall budget of 16 million Euros and is initially scheduled for 30 months.

ACDC is a key initiative supported by the new European Cyber Security Strategy  launched on 7 February 2013. Within the project, B-CCENTRE will, amongst other things, cater for the legal aspects, safeguarding activities of the Advanced Cyber Defence Centre to be in line with the European legal framework and its implementation at national level. Based on the project’s experience and achievements, policy recommendations will be formulated to ensure that legislation at EU level keeps pace with technological evolutions, allowing to fight botnets in an efficient manner.

A fact sheet about the project is available here.

The Prime Minister has presented the Council of Ministers of 21 December 2012 with a memorandum regarding the introduction of a national cyberstrategy (see the press announcement here). The document, prepared by BELNIS (the national consultation forum on information security), identifies 3 strategic objectives which are to be realised through different initiatives in eight identified action domains. These 3 strategic objectives are 1) a safe and reliable cyberspace, 2) an optimal security and protection for critical infrastructures and governmental information systems, and 3) the development of national cyber security capabilities. The B-CCENTRE welcomes of course this strategy, which once again allows us to check off one of our ten action points identified at our Conference on National Information Sharing last year.

This Belgian strategic initiative should be framed against a larger European initiative for the improvement of network and information security. Indeed, the European Commission recently announced its cybersecurity strategy as well as a proposal for a Directive on Network and Information Security (NIS). Particularly this last instrument will – among other things – require Member States to draft and implement a national cybersecurity strategy and a national cooperation plan.

The full text of the Belgian cyberstrategy can be found on our website in Dutch and in French.

The B-CCENTRE organised another two-day training in IPv6 on 21 and 22 February 2013, a co-operation between DistriNet – KU Leuven, the Federal Computer Crime Unit (FCCU) of the Belgian Federal police and Cisco Systems. 18 experts from Belgian Law Enforcement, as well as one expert from the Spanish Guardia Civil, the Irish 2CENTRE and the recently established European Cybercrime Centre at  Europol (EC3) participated in this IPv6 Principles & Forensics training at the Campus of the Department of Computer Science, DistriNet@KU Leuven.

After an introduction of the B-CCENTRE and its training, research and educational initiatives, the course set off with a etrospective of the IPv4 stack. On the first day a detailed explanation was provided of IPv6 Features, Addressing, Extension Headers, ICMPv6, Auto configuration, DHCPv6, and a short introduction in Migration mechanisms. The afternoon was dedicated to a Hands-on computer lab session where gained knowledge could be implemented.

The second day, a more thorough insight was given into the different migration schemes from IPv4 to IPv6, which was followed by an overview of the security risks in IPv6. The last theoretical session of the day was given by an expert of Cisco Systems who explained different forensic issues using double NAT, and IPv6. In the afternoon the FCCU hosted the hands-on computer lab session during which forensic research on logfiles with IPv6 was explained and tested.

This two day training session was closed with a feedback moment and the handing out of a Certificate of attendance from the B-CCENTRE for every participant. The B-CCENTRE wants to thank the trainers for sharing their knowledge and insights in the IPv6 matter, and the participants for their active collaboration, which made this joint academic, public and private training a success.

Some quotes from the training:

Note the deadline for registration:

• 1 March 2013: International / non-EEA students
• 1 June 2013: EEA students
• September: Belgian students

This programme, which builds on the expertise of both the Centre for Intellectual Property
Rights (CIR) and the Interdisciplinary Centre for Law & ICT (ICRI) of KU Leuven, provides
an in-depth study of European IP, ICT and Media Law. The ICT and media sector is a
rapidly evolving and highly complex sector influenced by technological, economic and
sociological developments. In this sector, existing legal frameworks are continuously
challenged and traditional legal concepts and principles are regularly being reinterpreted.
Insight into other connected disciplines is also vital to functioning at a high level.
This programme intends to address the increasing demand for qualified legal practitioners
in the IP, ICT and media sector. To achieve this objective, students will be offered a
comprehensive study of European IP law, IT law and Media and Communications law,
with a specific focus on relevant interdisciplinary perspectives (technology; economy;
socio-political, cultural and media studies), and a number of practical skills that are of
particular importance in this sector. To answer the need for specialised training, the
faculty is drawn from a wide array of academics, government officials, civil servants
from such institutions as the European Commission and national regulatory
authorities, as well as leading practitioners. In this way, the programme offers
academic quality and added value both to graduate students wishing to cap their
curriculum and to practitioners in search of top-quality, cutting-edge expertise.

For the brochure, please click here.

After a successful 2012 edition themed “Connecting generations and educating each other”, the theme of this year’s Safer Internet Day (SID) is “Online rights and responsibilities” with the slogan “Connect with respect”. The idea is to encourage youngsters to reflect on their rights and responsibilities when travelling through cyberspace (watch the promo clip here). Many “real” world rights and obligations have an immediate and comparable application in the online world, an application that gets forgotten from time to time due to the virtual nature of cyberspace. However, fundamental rights such as the right to privacy and to freedom of speech, as well as responsibilities such as the duty to refrain from discrimination are just as valid in the digital world, and may even need special attention in this particular context given its global comprehensive reach. Hence, Child Focus – as the official organiser for the Safer Internet Day in Belgium (NL/FR) – promotes a wide variety of initiatives which aim to concretise these lofty principles in the world of youngsters. Many initiatives have already been announced on the Belgian SID 2013 portal, and for those planning to organise their own events there are a lot of resources available on the official SID website.

The B-CCENTRE, as the Belgian coordinating platform against cybercrime, of course supports the Safer Internet Day 2013. Indeed, B-CCENTRE has identified awareness raising as one of the ten primary action points in the fight against cybercrime in Belgium. Such awareness raising should start with the internet generation of tomorrow.

2012 has been a very active and fruitful year for the B-CCENTRE.

We had a very successful Conference on National Information Sharing end of March where we identified 10 action points for Belgium. During the summer, one of these was realised through the ratification of the Budapest Convention on Cybercrime, implemented in December 2012. A National Cybersecurity Strategy for Belgium  has been adopted by the Council of Ministers on 21 December, providing the framework for actions to be implemented. Challenge for 2013 is the attribution of the necessary resources for the implementation.

On European level we received a number of new colleague National Cybercrime Centres of Excellence, with whom we cooperate and exchange experiences and knowledge. B-CCENTRE was part of the Belgian delegation at the International Conference on Cybercrime in Budapest in October and was represented at different conferences, working groups, and meetings both in Belgium and in Europe. The B-CCENTRE has organised seminars, conferences and training programmes for different target groups, thus providing a platform for sharing of knowledge and expertise in the field of cybercrime.

The year to come will kick off with the launch of operations of the European Cybercrime Centre @Europol on 1 January and will be marked by the adoption of a European Cyber Security Strategy. Amongst the many initiatives that are taken and being planned, we want to catch your attention for some activities to look forward to already.

In January

• The fifth International Forum on Cybersecurity in Lilles on 28-29 January : FIC 2013
• The Global Cyber Security Conference organised by the European Security Round Table & Estonian Ministry of Defence on the 30th of January at the Résidence Palace in Brussels. The Conference to which the Irish Presidency of the Council of the European Union is associated, takes place in the context of the issuance of the EU Cyber Security Strategy.

In February

• On 1 February the Advanced Cyber Defense Center (ACDC) Project starts its activities to effectively tackle botnets, with the B-CCENTRE as partner in a consortium of 28 partners from 14 countries. We are looking for a new colleague to help us in this great challenge: see the vacancies
• Safer Internet Day on 5 February
• the launch of a Manual on Cybercrime, looking into cybercrime from a criminal law perspective – authored by two Belgian magistrates experts in the field (in Dutch).
• cybercrime training for magistrates in Belgium, organised in French by IGO/IFJ on 6 to 8 February

In March:

• An introduction to the legal aspects of cybercrime organised by the B-CCENTRE on 1 March in Namur:  JURITIC Cybercriminalité (in French)
• cybercrime training for magistrates in Belgium, organised in Dutch by IGO/IFJ on 4 to 6 March
• Afternoon debate on Police and Social Media on 19 March in Antwerp (in Dutch)

After March:

• The international COSIC course on cyber security and cryptography is organised by COSIC, a research group from the KU Leuven, a research team of iMinds and partner of B-CCENTRE,  in cooperation with L-SEC in Leuven from 3 to 6 June
• A high level conference on Moving towards Trustworthy Digital Ecosystems in Leuven from  4 to 7 September 2013
• October is the National Cybersecurity Awareness Month during which we will pay extra attention to cybersecurity throughout Europe

Many more events are in the pipeline for next year, this is just a glimpse of the upcoming activities. Please inform us also about your ideas and events and keep an eye on the calendar to stay informed!

Best wishes for an excellent 2013!

On 20 August 2012 Belgium ratified the Convention on Cybercrime. This treaty, established under the auspices of the Council of Europe, has been open for signature since November 2001. Generally speaking, this Convention has four main objectives: a) the establishment of a commonly accepted terminology regarding cybercrime, b) harmonising domestic substantive criminal law in order to ensure that cybercrime offences are penalised in all Member States, c) harmonising domestic criminal procedure law so that legal procedures keep abreast with technological developments, and d) setting up an effective regime for international cooperation, considering the transnational scope of cybercrime offences. Furthermore, the Cybercrime Convention has a reach beyond Europe’s borders, since countries such as Canada, Japan, South Africa and the USA have chosen to become a signatory to the Convention.

Although it has taken Belgium eleven years to finally ratify the Convention it signed in 2001, the national legislator had incorporated the Convention’s content into national law much sooner. Indeed, with the Act on Computer Crime of 28 November 2000 Belgium was one year ahead of the Convention with adapting domestic criminal law and criminal procedure law to the new threats and challenges brought about by the ICT revolution. But with its present ratification of the Convention, Belgium now formally joins the other Member States in their common fight against cybercrime.

The text of the Convention on Cybercrime can be found here.
The text of the Belgian Act on Computer Crime can be found here.
As soon as the Act ratifying the Cybercrime Convention is published in the Belgian Official Gazette (Belgisch Staatsblad/Moniteur Belge), we will add the link to the official publication here. Please note that the Act ratifying the Convention will enter into force on the first of December 2012.

On 18 July 2012 the B-CCENTRE organised a meeting with representatives of the European Commission, its main partners in Belgium and representatives from other Cybercrime Centres of Excellence. The objectives of the meeting encompassed taking stock of one year of B-CCENTRE activities, developing ideas for the future and assessing what role the centre could play in the European context. Fuelled by a great turn-out of participants, many inspiring ideas and perspectives were shared, which in turn led to some very interesting discussions.

To start off, several past, on-going and planned B-CCENTRE activities were presented and were subsequently very well received. Next, four key Belgian partners, namely the FCCU, the IGO, Fedict and Febelfin, gave an overview of their experience with one year B-CCENTRE and clearly expressed their continued support for the centre’s activities in the future. The French, Irish and Estonian 2CENTREs presented their current and planned activities and views for inter-centre cooperation within the 2CENTRE network. Finally, the Commission representatives sketched the European perspective on the interoperability of the 2CENTRE network with the planned European Cybercrime Centre (EC3).

On the whole the assessment after one year of activities of the B-CCENTRE was very positive: the meeting has been a great success and has led the different partners to look to the future with an optimistic yet realistic, an ambitious yet cooperative eye.