Limitations of Europol/Eurojust's 2024 Report: "Common Challenges in Cybercrime"

The Europol/Eurojust 2024 report on cybercrime challenges, published on January 31, 2025[1], has substantial shortfalls on three essential issues: Open-Source Intelligence or OSINT methodology, Dark Web investigations, and intelligence grading standards[2].

The report does not recognise the core role OSINT plays in modern cyber investigations. It speaks of the growing challenge associated with cybercrime. Still, it fails to identify the crucial role of publicly available intelligence sources such as social media, forums, breached data, and blockchain analysis. In addition, the omission of misinformation challenges, data validation processes, and adversarial OSINT deception techniques weaken the investigative framework of this report. This gap worsens because OSINT is a key intelligence source for cybercriminal attribution and infrastructure tracking. The report also fails to cover the increased role of corporate OSINT and threat intelligence firms in cyber investigations[3].

The report treats dark web investigations superficially. While it acknowledges the place of the Dark Web in cybercrime, the publication does not elaborate on the methodology of investigations, challenges monitoring would present, and techniques for attributing some attacks. Essential parts such as operational security considerations for the investigator and analysis of criminal tradecraft are barely covered. The little said about de-anonymisation tactics, blockchain forensics, and exit scams leaves nothing much to use by practitioners. Furthermore, the complex landscape of Dark Web financial flows, including cryptocurrency laundering techniques and mixer services, receives insufficient attention[4].

Another significant weakness is the report's intelligence grading and verification standards approach. It lacks standardised intelligence grading criteria, such as the 3x5x2 UK Intelligence Grading System or North Atlantic Treaty Organisation (NATO) classifications. While providing general cybercrime statistics, it fails to address confidence levels, reliability ratings, or contextual data gaps. The unclear distinction between tactical and strategic intelligence complicates policy-making and resource allocation decisions. This absence of robust intelligence grading affects the reliability of cybercrime reporting and risks misattribution of cyber operations.

Several improvements are necessary. The report needs to embed comprehensive OSINT methodologies and acknowledge private-sector intelligence contributions. A dedicated section on Dark Web investigative challenges and techniques would provide necessary operational guidance. Integrating standardised intelligence grading frameworks would reinforce data reliability and cross-border intelligence sharing.

The Report identifies the key obstacles, particularly in digital evidence, and examines how new legislative measures could help address them. The challenges law enforcement agencies face are the overwhelming volume of digital data, the risk of data loss, and the persistent barriers to accessing critical information due to legal and technical constraints.

Europol must establish a clear pathway for implementing OSINT and make specific plans for integrating it into its current cybercrime operations[5]. The two improvements mentioned above would drastically increase the report's value to European Union (EU) law enforcement, cybercrime and OSINT investigators.

Europol needs to establish a clear pathway for implementing OSINT and make specific plans for integrating it into its current cybercrime operations. The two improvements mentioned above would drastically increase the value of the report to EU law enforcement and cyber investigators.

?

Authored by: Paul Wright?(United Kingdom) — Experienced Cybercrime, Intelligence (OSINT & HUMINT) and Digital Forensics Investigator

Founder of?‘eCrime Intelligence’?and co-founder?‘The Coalition of Cyber Investigators’

? 2025 eCrime Intelligence and The Coalition of Cyber Investigators. All rights reserved.

[1] Common challenges in cybercrime. (n.d.-b). Eurojust. https://www.eurojust.europa.eu/publication/common-challenges-cybercrime (Accessed 31 January 2025)

[2] UK OSINT COMMUNITY LTD. (2024, December 28). Embracing grading, handling, and dissemination practices in OSINT. https://www.osint.uk/content/embracing-grading-handling-and-dissemination-practices-in-osint (Accessed 31 January 2025)

[3] Flare. (2023, September 22). Dark web investigations: best practices. Flare | Cyber Threat Intel | Digital Risk Protection. https://flare.io/learn/resources/blog/dark-web-investigation/ (Accessed 31 January 2025)

[4] Darknet investigations. (n.d.). United Nations?: UN Toolkit on Synthetic Drugs. https://syntheticdrugs.unodc.org/syntheticdrugs/en/cybercrime/detectandrespond/investigation/darknet.html (Accessed 31 January 2025)

[5] Ysart, P. W. a. N. (2025, January 24). A watershed for intelligence professionals. UK OSINT COMMUNITY LTD. https://www.osint.uk/content/a-watershed-for-intelligence-professionals (Accessed 31 January 2025)

?

?