Global Policy Forum

Organized Crime May Be Behind Carbon Permit Thefts, EU Says

Hackers, linked to organized crime, have mounted sophisticated cyber attacks on trading systems in the European carbon market, calling into question the security of these exchanges. The hackers stole CO2 permits and resold them in the market before their owners realized that they were missing. The attacks pose a threat to the legitimacy of the carbon market, but EU officials claim the raids do not undermine their carbon trading scheme.




By Ewa Krukowska

January 31, 2011


Organized crime may be responsible for the theft of European Union emission allowances this month, a top EU climate official said, and national authorities working with Europol aim to recover missing permits.

"Investigations are now being carried out by member states, and the Europol is involved," Jos Delbeke, director general for climate at the European Commission, said in an interview. "They are looking everywhere where evidence can be found."

Computer-hacking attacks led the EU regulator on Jan. 19 to suspend the registries in 30 countries that track carbon permits. "Sophisticated" criminals in the latest attacks may be linked to so-called "carousel fraud" and "phishing attacks" last year, Rob Wainwright, director of the Hague-based Europol, said in an e-mailed statement. Thieves who steal CO2 permits try to sell them in the market before owners realize they are missing, according to Czech carbon trader Nikos Tornikidis.

Trades for immediate delivery on the BlueNext SA exchange in Paris and ICE Future Europe exchange in London remain closed for a 12th day. Futures markets weren't closed by the suspension, and EU permits for delivery in December rose 0.3 percent to 14.80 euros at 11:45 a.m. on the ICE Futures Europe exchange in London.

Retrieving Missing Permits

The commission estimated as many as 2 million permits valued at 30 million euros ($42 million) in the world's biggest cap-and-trade program may have been missing in thefts earlier this month. Greek cement company Halpys Building Materials SA was able to block thieves from reselling about 300,000 carbon permits that were stolen from its account on Jan. 18, Pagona Ligou, an Athens-based spokeswoman, said today.

"We have blocked the sale and the next step is to get the permits back," she said. Halpys was informed on Jan. 18 that the carbon permits were missing, she said. The investigation is continuing she said.

CO2 hackers in Greece have been traced and arrests will be announced in the next few days, The Wall Street Journal reported today, citing "senior people directly involved in the matter."

The Austrian registry announced on Jan. 21 that it tracked down 488,141 missing carbon credits in Sweden and Liechtenstein shortly after a Jan. 10 hacking attack, and authorities blocked them from use.

Closed for 12th Day

The Europol suspects the persons behind the last attacks "are linked to some of those who earlier have used the trading system for carbon credit fraud, although the modus operandi seems more sophisticated now," Wainwright said. "With some of the EU member states affected, Europol is trying to identify how the thefts have been carried out in order to see if it is merely sophisticated phishing or if malware has been used."

Holcim Ltd., the Swiss cement maker, reported in November 2010 that it lost 1.6 million of allowances to CO2 thieves. Romanian prosecutors said today they asked five countries to provide legal information and data that were linked to the criminal investigation on the theft of carbon permits.

"Protracted closures" may jeopardize liquidity in Europe's six-year old carbon program, according to the International Emissions Trading Association, at a time when global climate talks are stalled and industries in Japan and U.S. oppose the introduction of cap-and-trade plans.

The EU suspended all registries in the region after Blackstone Global Ventures, a trader based in the Czech city of Brno, informed national administrators on Jan. 19 that 475,000 allowances were missing from its account. Last week CEZ AS, the largest Czech power producer, it lost 700,000 allowances in unauthorized transfers in the raids on the registry.

Tracking Serial Numbers

The allowances stolen from Blackstone went through accounts in national registries in Poland, Estonia and Liechtenstein, said Tornikidis, manager of Blackstone's carbon portfolio.

"When we realized on Wednesday that something happened with our accounts I immediately called BlueNext and ICE exchanges, and as soon as I got the serial number of the allowances I sent them out," Tornikidis said. "But since the illegal transfer happened on Tuesday around midday, that means that those guys had six trading hours to do whatever they wanted. We don't know if the permits were eventually sold by the thieves. The investigation is still ongoing."

The commission is requiring national carbon registries to present independent reports showing their security systems meet minimum requirements set by the EU before they can resume full operations. The first registries may reopen in the second half of this week, the commission said Jan. 28.

'Relatively Negligent'

"Since the first accidents, the commission has been acting immediately, but it's a bit sobering to see that what we had been requiring has not always been followed up by member states," Delbeke said. "Despite our repeated actions, member states are still relatively negligent, and even companies are being negligent. We have very different cases, but we also have indications that in some of them companies gave passwords to strangers."

The EU estimated earlier this month that half of the bloc's member states lack adequate carbon security measures. The EU's security requirements are confidential, and Delbeke said the commission won't reveal them or set a deadline for lifting the suspension on registries. Henry Derwent, president of IETA, the trading association, last week called for the commission to set a date for security upgrades. While he acknowledged the need to suspend the registries, Derwent said the commission's communications on the matter have been insufficient.

"We regret the process by which minimum security measures were decided behind closed doors and remain unknown," Derwent said in a Jan. 28 statement.

Delbeke rejected that criticism. "IETA would like to have us publish the minimum criteria, and I have one question about it: is IETA expecting us to educate the gangsters?"

'Environmental Effectiveness'

Organized crime targeting the carbon market doesn't undermine it as a way to fight climate change, Delbeke said. "The environmental effectiveness is not threatened," he said. "We collectively underestimated the importance of having tight security systems."

The ETS was started in 2005 and intended to be a model for a global carbon program. It put emission limits on more than 11,000 utilities and manufacturers, capping their greenhouse gas discharges at 2.08 billion metric tons of carbon-dioxide a year between 2008 and 2012. Its trading volume was 80 billion euros last year, according to Bloomberg New Energy Finance.

The suspension of the registries was imposed to "maintain the trust of market participants," Delbeke said. During the suspension, all transactions except for allocation and surrender of allowances are blocked.

"There's a short-term pain, but I'm convinced it'll become a long-term gain," he said. "Once this is behind us, we'll have a much stronger system, with a much stronger infrastructure."


FAIR USE NOTICE: This page contains copyrighted material the use of which has not been specifically authorized by the copyright owner. Global Policy Forum distributes this material without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. We believe this constitutes a fair use of any such copyrighted material as provided for in 17 U.S.C § 107. If you wish to use copyrighted material from this site for purposes of your own that go beyond fair use, you must obtain permission from the copyright owner.