Police, Security Officials Meet on Cybercrime Strategies

When the "ILOVEYOU" worm crippled computer systems worldwide 10 years ago this spring, authorities in the Philippines didn't even have a law to properly charge its author.

. What's this?

By Jeremy Kirk

March 25, 2010 — IDG News Service — When the "ILOVEYOU" worm crippled computer systems worldwide 10 years ago this spring, authorities in the Philippines didn't even have a law to properly charge its author.

Since that time, many countries have developed computer crime laws in part due to the 2001 Convention on Cybercrime, an international treaty that lays out legal guidelines for high-tech crime legislation.

This week, more than 300 experts met at the Council of Europe's conference on cybercrime to discuss the treaty and better cooperation in a fast-changing landscape where criminals clearly still have the upper hand.

From advance fee frauds to spam to malicious software, the Internet has become a wild west-style frontier where law enforcement officials have had notable successes in recent years but where most cybercriminals operate with near impunity.

"Criminal actors know that law enforcement investigations take time," said Kauto Huopio, senior information security adviser at the Finnish Communications Regulatory Authority. "They are looking for areas where they are less likely to get caught and where there are challenges in international cooperation."

Much of the effort at the Council's conference is focused on uniting various Internet stakeholders that have only a recent history of tenuous cooperation, such as Internet governance groups, network providers,domain-name registries, law enforcement and commercial enterprises.

Close ties between law enforcement and private companies is sometimes viewed as a sign of corruption, said Bernard Otupol, assistant director for the financial and high-tech crime sub-directorate at Interpol. In some developing countries cybercriminals have co-opted network infrastructures where police don't have many resources.

"A lot of countries have a lot of problems," Otupol said.

The London Action Plan is one organization that works to foster ties between industry and government on antispam and spyware enforcement and improve information sharing, said Shaundra Watson, counsel for International Consumer Protection at the U.S. Federal Trade Commission.

But that cooperation is "not a given in many places in the world," she said.

Law enforcement officials are seeking ways to make it easier to get information from other countries during breaking cybercrime cases. They need quick information from other police agencies as well as contacts at ISPs (Internet service providers), which can help preserve electronic evidence that might quickly disappear, hampering cases.

"It's safe to say law enforcement successes have been in spite of the landscape rather than because of it," said Paul Hoare, senior manager and head of e-crime operations for the U.K.'s Serious Organised Crime Agency (SOCA).

SOCA and the U.S. Federal Bureau of Investigation have proposed stronger verification checks for people registering domain names and a revamp of privacy services that make it hard for investigators to find out who is running a domain.

What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
RESOURCE CENTER