The TOR (The Onion Router) network, widely used for ensuring anonymous online communication, has been a critical tool for journalists, activists, and whistleblowers. However, its reputation as a secure environment has also made it attractive to criminal organizations. This has put TOR in the crosshairs of law enforcement agencies across the globe. The once seemingly impenetrable network is no longer beyond the reach of investigators, thanks to evolving techniques such as timing attacks, traffic analysis, and international collaboration.
Category: Cybercrime
In recent years, law enforcement agencies across Europe have made headlines with high-profile operations targeting encrypted messaging services like EncroChat, ANOM, SkyECC, and more recently, Ghost. These services, which were primarily used by organized criminal networks, have posed significant challenges for both investigators and defense attorneys.
The takedown of these platforms has led to the capture of massive amounts of data, often including millions of messages that were previously thought to be inaccessible due to advanced encryption. While these operations, like “Project Overclock,” have been celebrated as major successes in the fight against organized crime, they also raise significant concerns, particularly when it comes to the rights of defendants and the difficulties their legal teams face.
Hackbacks, also known as “active cyber defense,” involve measures where a cyber attack on IT systems is actively countered by attacking the target system of the attacker. The goal of a hackback is to stop the original attacker, restore data, or prevent further damage. This can involve infiltrating the attacker’s IT infrastructure, deleting malicious software, or even physically impairing hardware.
In Germany, the protection of trade secrets is governed by the German Trade Secrets Act (GeschGehG), which was enacted in 2019 to implement the EU Directive 2016/943 on the protection of undisclosed know-how and business information against unlawful acquisition, use, and disclosure.
This directive aims to harmonize the protection of trade secrets across the European Union, setting clear standards and requirements for companies. Before the implementation of the GeschGehG, the protection of trade secrets in Germany was primarily covered under §§ 17-19 of the Unfair Competition Act (UWG). The new law provides clearer guidelines and expands the scope of protection, particularly by defining what constitutes a trade secret and what actions companies must take to secure these protections.
Is there a strategy for dealing with ransomware? Ransomware is a type of malware that blocks access to the victim’s system or data and demands a ransom to unlock or release it. Negotiations with cybercriminals over such attacks can be complex and risky.
Ransomware attacks are one of the biggest threats to companies worldwide: dealing with such crises correctly, especially negotiating with the attackers, can be crucial to minimizing the damage and regaining control. I am an atypical source of information here because I usually work as a lawyer for the attackers and therefore have completely different insights.
I would like to loosely explore the question of whether there can be fundamental strategic considerations on this topic. And indeed, based on current studies and practical experience, important insights can be gained and mistakes that can occur during negotiations can be avoided.
In an internationally coordinated operation, the server infrastructure of the illegal darknet marketplace “Kingdom Market”, which is spread across several countries, has been seized since December 16, 2023 and thus shut down.
In the course of the current rulings on data retention, the EU Court of Justice (C-339/20 and C-397/20) has ruled in a further case on a certain handling in France. What appears on the surface to be a pure data retention issue turns out, on closer inspection, to be a potentially landmark decision for the German criminal justice system.
The fact that criminal proceedings arise in Germany because of cryptocurrencies has long since ceased to be a peculiarity. Many tax advisors take on the topic and solicit clients – but those who only think with the view of tax law can cost their clients a lot of money. In recent years, as a German criminal defense lawyer, I have regularly acted as a defender in criminal proceedings concerning cryptocurrencies – and can only urge caution.
Cybercrime is changing more and more, not only in terms of the increasingly monetized and professionalized approach, but also in the investigators’ approach: Whereas in the past the focus was on perpetrators and also delimitable perpetrator structures, today, in my view, it is increasingly infrastructures that are the focus.