European Cybercrime Centre holds promise of coordinated effort in a war we are losing

By | March 29, 2012

Posted in: Network Security Trends

Perhaps the best news to come out of the EU this week was not the proposed legislation to define cyber crime and set minimum sentences across the members national boundaries, but the European Commission announcement establishing a European Cybercrime Centre.

Let’s face it, the problem really isn’t defining cyber crime. The proposed EU legislation would standardize what constitutes a cyber crime, and there are obvious advantages in overcoming differences among national jurisdictions. But there are certainly laws on the books that cover most if not all the things that go bump on the Internet. Most digital mischief, by extension, can be prosecuted under statutes that predate the PC. And the problem isn’t punishing cyber criminals if you catch and convict them.

It’s the catching and convicting that’s the hard part. It’s detecting and stopping the attacks. It’s not so different from physical crime: protect what you own from theft and fraud and destruction. Try to catch the bad guys. The war doesn’t end, in either the physical or the digital worlds. We do our best to protect ourselves, and we try to catch and incarcerate as many of the criminals as possible.

The war against cyber crime is all the more difficult because our adversaries — profit driven gangsters, politically/ideologically motivated hacktivists, unscrupulous competitors, unfriendly nation states — attack in anonymity and across international borders. The odds are daunting even with international cooperation. The words of the FBI’s outgoing top cyber cop, Shawn Henry, are dispiriting:

“I don't see how we ever come out of this without changes in technology or changes in behavior, because with the status quo, it's an unsustainable model. Unsustainable in that you never get ahead, never become secure, never have a reasonable expectation of privacy or security.'

Cyber crime is international big business, and, at least from a law enforcement prospective, should be contested as such.

The Cybercrime Centre, to be implemented within the European Police Office (Europol) in the Hague, will investigate criminal activity, warn national law enforcement agencies against urgent and emerging threats and provide support. It will focus heavily on crimes such as identity theft and data theft, as well as child molestation and threats to critical infrastructure. It is expected to become active in 2013.

The potential for coordinated investigation, information-sharing, training, discussion and support among nations holds some promise. We face common adversaries — skilled, elusive and distributed throughout the world. We should engage in common purpose.

 

You May Also Be Interested In: