You are currently viewing Cyber Crimes – The Interpol Approach
Cyber Crimes - The Interpol Approach - by Alessandro Civati

Cyber Crimes – The Interpol Approach

Cybercriminals have become more sophisticated โ€“ increasingly using emerging technologies and tools to target data and associated infrastructure maliciously. Cyber-attacks have become more destructive and costly. Direct damages caused by malicious cyber activity are projected to cost the global economy over $6 trillion. Stakeholders in cybersecurity need to work together to address arising issues.

Just like the pandemic compelled the global workforce to relook at and change its working model, Interpol needs to change its approach. Cybercrime is a worldwide nightmare โ€“ numerous sophisticated actors with different intents. Cybercriminals employ a broad range of skills at a low cost. Cybercrime has taken on a business model and increasingly becoming a criminal business supply chain. Law enforcement needs to move away from traditional methods.

Threat Intelligence Sharing

The international community has taken commendable action to enhance national law enforcement capabilities and facilitate international cooperation on cybercrime through Interpolโ€™s Global Cybercrime Programme and Innovation Centre in Singapore. International crime syndicates such as drug trade and money can be targeted using tools anchored on bilateral agreements. However, cybercrime is highly widespread and borderless affecting users across several countries. Some countries are yet to enact laws and policies around cybercrime. Other jurisdictions lack the budget to contract cybersecurity specialists and other technical professionals to help law enforcement agencies combat cybercrime.

Interpol, just like law enforcement agencies, undertook the entire criminal justice process from incident response, and investigations, to the prosecution of criminals. With cybercrime, thereโ€™s a realization that we canโ€™t arrest ourselves out of the cyber security nightmare. It calls for a concerted effort by the global community. There are continued efforts to promote public-private threat intelligence sharing among other initiatives.

The private sector is providing the technical skills and capabilities required to investigate and prosecute cybercriminals. The public sector, especially law enforcement, lacks the resources and lags in developing technical skills. Cooperation and intelligence sharing help to close the gap.

Intelligence sharing with Interpol member countries’ law enforcement agencies has helped in investigating cybercrime and gaining deep insights into the global threat landscape. It becomes easier to attribute attacks to different crime rings.

A public-private partnership in threat intelligence sharing provides increased capabilities and capacity on the global stage. It eliminates the need to have a big room of professionals looking into issues and nuances across different cyber incidents. Working closely with government agencies and law enforcement helps to harden infrastructure, create new security policies, and share technical indicators of data compromise. Private security vendors have greater visibility across different regions of the threat landscape which helps achieve improved contextualization and attribution to threat actors.

Address Geopolitical Elements

There are geopolitical elements that may impact the effectiveness of the fight against cybercrime. Jurisdiction has always been a gray area for cybercrime investigations โ€“ criminals can live in one location and carry out criminal activity in other locations. Law enforcement agencies will lack the jurisdiction to effectively investigate and prosecute across national boundaries.

Geopolitical events may affect the offensive efficiency of law enforcement in disrupting their ability to take coordinated actions in detecting, preventing, investigating, and disrupting cybercriminals.

Conventional government-to-government criminal justice efforts, however, are proving too limited to meet the challenge. The policing model needs to change with calls for Interpol to grow its network and reach. The operations center in Singapore needs to expand further into Asia and the South Pacific. The model needs to filter down from the global, to the regional, and to the local to foster enhanced cooperation and data sharing.

Operationalization at Speed and Scale

Interpol and law enforcement carry the bulk of the work of operationalizing cyber security laws and policies. Cybercrime poses the greatest risk to the fourth industrial revolution. Global networks are evolving at lightning speed which necessitates a corresponding speed in law operationalization and enforcement.

Policies, laws, standards, and frameworks must effectively adapt to and address this evolving environment. Effective operationalization will lead to arrests, prosecutions, and even the freezing of assets. The idea is to send out a message to act as a deterrence and stop cyber criminals in their tracks.

Reports have highlighted a big enforcement gap for cybercrime. For example, the US still finds it very difficult to successfully prosecute a cybercrime with an estimated 0.05% success rate compared to a 46% rate of prosecution for violent crime.

Recent actions from Interpol include:

  • A public-private backed operation that led to the arrest of 11 Nigerian nationals thought to be members of a prolific Business Email Compromise (BEC) scam ring that targeted thousands of companies globally.
  • Operation Cyclone, an Interpol-led international law enforcement effort, led to the arrest of six Clop ransomware gang members in Ukraine late last year. The operation spanning 30 months was coordinated from Interpol’s Cyber Fusion Centre in Singapore and used threat intel provided by Trend Micro, CDI, Kaspersky Lab, Palo Alto Networks, Fortinet, and Group-IB through the Gateway project.
  • Interpol plans to lead a cyber-operation in 30 African countries in a coordinated effort with Gateway threat-sharing security partners. The focus is to avail resources towards identifying threats and empowering local law enforcement in disrupting cybercrime rings. The idea is to make it expensive for cybercrime rings to operate.

Cybercrime can be systematically stopped by confronting the source of the cybercriminal activity, reducing the payoff, and making the risk of prosecution real for cyber actors. Government efforts will be insufficient in the face of mounting threats. It will require the cooperation of public and private sector actors both locally and globally in a fast-evolving threat landscape. The importance and relevance of Interpol are heightened as a convergence point for efforts against cybercrime.

Author: Alessandro Civati

Blockchain iD: https://x88.life/VmLRd30b1X