Proposal - Dealing with Cyber crime – Challenges and Solutions
The threat from cyber crime is multi-dimensional, targeting citizens, businesses, and governments at a rapidly growing rate. Cyber criminal tools pose a direct threat to security and play an increasingly important role in facilitating most forms of organised crime and terrorism.
There is now a sophisticated and self-sufficient digital underground economy in which data is the illicit commodity. Stolen personal and financial data – used, for example, to gain access to existing bank accounts and credit cards, or to fraudulently establish new lines of credit – has a monetary value. This drives a range of criminal activities, including phishing, pharming, malware distribution and the hacking of corporate databases, and is supported by a fully fledged infrastructure of malicious code writers, specialist web hosts and individuals able to lease networks of many thousands of compromised computers to carry out automated attacks.
Whilst the value of the cyber criminal economy as a whole is not yet known, the most recent estimate of global corporate losses alone stands at approximately €750 billion per year1.
- Active targeting of underground forums to disrupt the circulation of powerful and easy to use cyber criminal tools, such as malware kits and botnets.
- Disrupt the infrastructure of malicious code writers and specialist web hosts through the active identification of developer groups and a joint action of law enforcement, governments and the ICT industry to dismantle so-called “bullet proof” hosting companies.
- Active targeting of the proceeds of cyber crime (e.g. money mules) in collaboration with the financial sector.
- Continue to develop insight into the behaviour of the contemporary cybercriminal by means of intelligence analysis, criminological research and profiling techniques, and based on the combined law enforcement, IT security industry and academic sources, in order to deploy existing resources more effectively.
In the last decade advances in communications technologies and the "informatisation" of society have converged as never before in human history. This has given rise to the industrialisation of a type of crime where the commodity, personal information, moves far too quickly for conventional law enforcement methods to keep pace.
The unprecedented scale of the problem threatens the ability of the authorities to respond – with (according to one estimate) more than 150,000 viruses and other types of malicious code in global circulation, and 148,000 computers compromised per day. At the same time, the authorities have more data on criminal activity at their disposal than ever before, and now have an opportunity to harness this information in ways which make intelligence development and investigation more streamlined and cost effective.
Cyber crime rates continue to increase in line with Internet adoption: mobile Internet access and the continuing deployment of broadband internet infrastructure throughout the world therefore introduces new levels of vulnerability; with potential victims online for longer periods of time and capable of transmitting much more data than before; the adoption of these internet technologies in developing countries poses a potential external threat to the EU; and the increasing trend for outsourcing data management to third parties presents imminent risks to information security and data protection.
At the same time, the organic development of Internet technology has resulted in the existence of myriad actors in the information security field. By way of illustration, the (ENISA) directory of network and information security stakeholders in the EU alone already stretches to over 400 pages.
- More must be done to harness the intelligence of network and information security stakeholders, not only to provide a more accurate and comprehensive assessment of cyber criminality, but also to ensure that responses are effective and timely. Active partnerships with ISPs, Internet security organisations and online financial services are key. The private sector needs to be assured of a confidential relationship in which information can be exchanged for investigative and intelligence purposes.
- Collaboration, particularly with the private sector, to proactively identify features of future communications technologies liable to criminal exploitation, and to design vulnerabilities out of technologies and environments which are in development. Law enforcement must work in partnership with those who will influence the future business and operating environment, so that all concerned can better anticipate changes in criminal behaviours and technological misuse.
Cyber crime is a truly global criminal phenomenon which blurs the traditional distinction between threats to internal (criminality and terrorist activity) and external (i.e. military) security and does not respond to single jurisdiction approaches to policing. The liability of networks to exploitation for a number of different ends, and the ease with which individuals may move from one type of illegal activity to another suggests that territorialism in all its forms (both of nations and regions, and specific authorities within nations) hinders efforts to successfully combat the misuse of communications technology.
At present, national authorities are overcoming jurisdictional restrictions by coordinating regionally (as in the EU, ASEAN and AMERIPOL nations) or with agencies with similar levels of capability/capacity (as in the Virtual Global Taskforce) to better understand and respond to Internet-facilitated crime.
- More centralised coordination at regional (e.g. EU) and interregional levels, to streamline the fight against cybercrime.
- The establishment of virtual taskforces to target internet facilitated organised crime. These should be responsive to the evolving criminal environment – e.g. more permanent groups for information sharing, more ad hoc arrangements for specific operations such as dismantling botnets. In all cases the authorities need to have the flexibility to include a variety of stakeholders (law enforcement, military, private sector, academia, user groups) in order to achieve the desired outcome.
1The State of Internal Security in the EU, A Joint Report by EUROPOL, EUROJUST, and FRONTEX