Shadowserver Europe

Introduction

Here we will describe the different efforts that have been completed as well as being planned for Shadowserver EU. All of the tentative plans are all governed by our ability to seek and procure funding for those projects. Some will be completely accomplished by Shadwoserver EU and some done in partnership with Shadowserver US. But in all the cases these projects are to further expand out our current capabilities or to build new capability for our organizations. All the projects will fit under our mission to help promote Internet security as well as add to our data sets that we share for free with all the network owners.

2023

Participated in two year EU Internal Security Fund (ISF) project MISP-LEA focusing on empowering Law Enforcement Agencies through improvements to the Malware Information Sharing Platform (MISP) and supporting data sets to enhance information sharing and investigations.
Assisted Law Enforcement in cybercrime investigations, disruptions and botnet takedowns.
Continued to provide support to UK FCDO funded cyber capacity building projects in the Indo-Pacific and Gulf Region.

2022

Participated in three year Connecting Europe Framework (CEF) project VARIoT to improve our honeypot sensor network and global IP scanning to provide additional actionable information about IoT device security. CAPRICA (post-SISSDEN) honeypot sensor network enhanced and expanded. VARIoT project website .

Participated in three year Horizon 2020 project SOCCRATES focusing on classifying sandbox/DNS/malware DGA data using machine learning to improve malicious domain detection. SOCCRATES project website.
Assisted Law Enforcement in cybercrime investigations, disruptions and botnet takedowns.
Suported additional UK FCDO funded outreach effort to Africa, the Indo-Pacific and CEEC regions plus public Dashboard.

2021

Participated in three year Connecting Europe Framework (CEF) project VARIoT to improve our honeypot sensor network and global IP scanning to provide additional actionable information about IoT device security. CAPRICA (post-SISSDEN) honeypot sensor network enhanced and expanded.
Participated in three year Horizon 2020 project SOCCRATES focusing on classifying sandbox/DNS/malware DGA data using machine learning to improve malicious domain detection.
Assisted Law Enforcement in cybercrime investigations, disruptions and botnet takedowns.
Suported UK FCDO funded outreach effort to Africa and the Indo-Pacific regions.

2020

Participated in three year Connecting Europe Framework (CEF) project VARIoT to improve our honeypot sensor network and global IP scanning to provide additional actionable information about IoT device security. New free daily report types for MQTT, IPP and CoAP added. CAPRICA (post-SISSDEN) honeypot sensor network enhanced and expanded.
Participated three year in Horizon 2020 project SOCCRATES focusing on classifying sandbox/DNS/malware DGA data using machine learning to improve malicious domain detection.
Assisted Law Enforcement in cybercrime investigations, disruptions and botnet takedowns.

2019

Participated in three year Horizon 2020 project SISSDEN designing, building and operating global honeypot sensor network. Data provided free of charge each day to National CERTs and network owners through Shadowserver's daily network reports. Multiple new report types added over past 3 years. Project completed April 2019 - summary blog and video released describing post-SISSDEN roadmap (CAPRICA).
Participated in three year Connecting Europe Framework (CEF) project VARIoT to improve our honeypot sensor network and global IP scanning to provide additional actionable information about IoT device security. Project started July 2019. Progress tracked on the VARIoT project blog.
Participated in three year Horizon 2020 project SOCCRATES focusing on classifying sandbox/DNS/malware DGA data using machine learning to improve malicious domain detection. Project started September 2019. Progress tracked on the SOCCRATES project blog.
Assisted Law Enforcement in cybercrime investigations, disruptions and botnet takedowns.

2018

Participated in three year Horizon 2020 project SISSDEN designing, building and operating global honeypot sensor network. Data provided free of charge each day to National CERTs and network owners through Shadowserver's daily network reports.
Assisted Law Enforcement in cybercrime investigations, disruptions and botnet takedowns.
Planned to participate in future Horizon 2020 and Connection Europe Framework (CEF) projects.

2017

Participated in three year Horizon 2020 project SISSDEN designing, building and operating global honeypot sensor network. Data provided free of charge each day to National CERTs and network owners through Shadowserver's daily network reports.
Assisted Law Enforcement in cybercrime investigations, disruptions and botnet takedowns.

2016

Participated in three year Horizon 2020 project SISSDEN designing, building and operating global honeypot sensor network. Data to be provided free of charge each day to National CERTs and network owners through Shadowserver's daily network reports. Three year project started May 2016, with progress tracked on SISSDEN project blog.
Assisted Law Enforcement in cybercrime investigations, disruptions and botnet takedowns.

2015

Planned to participate in a Horizon 2020 project which has the purpose of deploying a larger global sensor network to gather in more attack information as well indicators of malicious activity. The data will be made available to our normal constituents for free as well as building a sharing platform so that the different National and Government CERT’s as well as educational institutions will be able to have a greater repository of malicious data for the purposes of research and statistical trending.
Assist Shadowserver US in the deployment of increase the size of the current global sensor network.
Assist in Law Enforcement takedowns in the EU related to botnets.

2014

Completed incorporation and PBO process for Shadowserver EU

Activities