President of the Cyber Threat Alliance: we need to impose costs on cybercriminals
Cybercriminals haven’t been very creative during the pandemic, but cyberattacks certainly grew in scale. And it’s a major headache for law enforcement, as victims usually reside in one country, the perpetrators - in another, and the cyber evidence is saved on a server under completely different jurisdiction.
“A very small share of cybercrime leads to convictions. The share is so small it’s several zeros behind the coma before we even get to one”, Alexander Seger from the Council of Europe said during the EU Cyber Forum panel discussion on global efforts to counter cybercrime.
“We need to broaden our aperture, and look for other ways to impose costs on cybercriminals,” added Michael Daniel, president & CEO of the Cyber Threat Alliance.
Experts noted that during the pandemic, there was a surge in cybercrime worldwide. However, the tools and techniques for stealing online remained the same.
A very small share of cybercrime leads to convictions. The share is so small it’s several zeros behind the coma before we even get to one,said Alexander Seger.
“We haven’t seen new groups, we haven't seen new tools, new techniques. It’s mostly the same old stuff,” said Michael Daniel, president & CEO of the Cyber Threat Alliance.
According to him, cybercriminals changed fishing lures, and now phishing is based on COVID-19. Also, they are targeting people’s home networks.
“If you are an enterprise chief information security officer, your job got harder overnight, because an enormous amount of your workforce suddenly went remote,” said Michael Daniel.
Many cybersecurity companies now find themselves shorthanded, as companies that didn’t care much about cybersecurity before, now consider it vital.
“We are still recovering from that unplanned shift of the vast proportion of the workforce working remotely,” he said.
Moreover, cybercrime is distributed, so it becomes even more important to have the rules for cross-border digital evidence sharing.
We want to increase the scope so that it’s not just protecting Western Europe and the US. And we need to do that at scale. We need a measurable impact across the globe, not just the nibble at the edges,said Michael Daniel.
“Now you have a situation where the victim of a crime is in one country, the perpetrator - in the second, and evidence - in countries 3 and 4,” he said.
The more digitized our world becomes, the more threats arise: “We have digitized more and more of our services, things like our power grid, healthcare systems, and the water systems. We now can’t have good public health and safety, unless we have good cybersecurity.”
Michael Daniel has suggestions on how to fight cybercrime more effectively. Firstly, law enforcement focuses on arrests and prosecutions, and in many cases is not able to get to perpetrators.
“We need to broaden our aperture, and look for other ways to impose costs on cybercriminals,” he said.
Also, it is essential to increase the speed and impose effects in weeks and months, but not in years, as it is at the moment.
“We want to increase the scope so that it’s not just protecting Western Europe and the US. And we need to do that at scale. We need a measurable impact across the globe, not just the nibble at the edges,” concluded Michael Daniel.
The problem of encryption
Governments all around the world have been arguing against encryption for the sake of law enforcement. Even in the US, there’s an attempt to force tech companies to grant access to encrypted communications.
There’s no secret that criminals use encrypted messaging services to a large extent. For example, EncroChat was a network and service provider allegedly used by organized crime groups. Law enforcement hacked and subsequently took down the network by harvesting data, such as passwords, messages, geolocations, and more.
“There’s a quest to constantly improve the protection of private communication, or corporate communication with a surge of services that are using encryption, and more end-to-end encryption, and a very limited technical but also a legal capacity for law enforcement to actually access these and read information,” said Olivier Onidi, deputy director-general of the Directorate-General Migration and Home Affairs at the European Commission.
EU internal note, seen by the Financial Times, proposes to expand “targeted lawful access” of encrypted communications that might help law enforcement crack down on organized crime.
“We embarked on the groundwork with private actors to better understand what could be feasible in order to ensure that we do have whatever sophistication and the degree of protection of encryption, we have the capacity to actually read what’s encrypted,” said Olivier Onidi.
“A very small share of cybercrime leads to convictions”
The capacities of law enforcement are definitely stretched, therefore there’s a huge need for urgent cooperation between the authorities and private enterprises.
“Law enforcement needs to identify the owners of accounts and domains. In other words, they need subscriber information and domain registration data. This is what we need to work on,” said Alexander Seger, head of dvision, Cybercrime Programme Office, Council of Europe.
According to him, a very small number of criminals are actually punished for their cybercrimes.
“The share is so small it’s several zeros behind the coma before we even get to one. (...) We need to underline that measures to increase resilience need to be accompanied by an effective criminal justice response to investigate and prosecute offenders who exploit the COVID-19 pandemic,” said Alexander Seger.
He reckons that the COVID-19 pandemic will not be the last, and “we need to be better prepared for the next one.”
You can find the full discussion about the global efforts to counter cybercrime here.