Are Cybercrime Fighters Doing Enough?
by John Hawes
In the last few weeks we’ve seen several signs that cybercrime is finally getting the attention it deserves in policing, both in the US and UK.
Meanwhile, Microsoft’s opening of a state-of-the-art Cybercrime Center offers hope of better collaboration between law enforcement and industry experts in fighting online threats.
The question is, how will these developments affect the safety of the digital world, and is there more that needs to be done?
In the UK, responsibility for fighting cybercrime formerly fell mainly to the Police Central e-crime Unit (PCeU), run by London’s Metropolitan Police. The unit claimed much success, including keeping £1.01 billion ($1.6 billion) out of the hands of cybercrooks.
The newly-formed National Crime Agency’s National Cybercrime Unit (NCCU) has taken over the nationwide remit, including a large chunk of the PCeU staff, and has already started announcing its own successes.
Nevertheless, the London police will continue to operate a substantial cyber force to cover digital crimes within the capital, and recently revealed plans to hire up to 500 staff to further their efforts.
To cover the rest of the country, the NCCU has also made it clear that it will be expanding, with a drive to fill another 400 potential posts announced last month.
This will take the UK’s dedicated cyber police force from under 100 to close to 1000, although no definite timescales have been given and just how they hope to find enough skilled and trained people to fill all these places remains unclear.
In the US, the FBI is also taking cybercrime seriously, as FBI director James B. Comey made clear in an address to a government committee last week.
Speaking to the Senate Committee on Homeland Security and Governmental Affairs, Comey devoted a large chunk of his testimony to cybercrime issues, suggesting that efforts in this direction could overtake real-world work against terror.
The diverse threats we face are increasingly cyber-based. Much of America’s most sensitive data is stored on computers. We are losing data, money, and ideas through cyber intrusions. This threatens innovation and, as citizens, we are also increasingly vulnerable to losing our personal information. That is why we anticipate that in the future, resources devoted to cyber-based threats will equal or even eclipse the resources devoted to non-cyber based terrorist threats.
The FBI apparently now has dedicated Cyber Task Forces in all of the 56 regional field offices they operate across the US.
Comey also stressed the importance of cooperation with the private sector, as private firms are both the biggest victims and the biggest sources of expertise on cyber security issues.
This aspect of the fight has been helped by the unveiling last week of a major new cybercrime resource hub on Microsoft’s Redmond campus.
The high-tech facility, complete with wall-size video screens, will accommodate 100 full-time Microsoft staff, including a dedicated Digital Crimes Unit.
While the focus will be mainly on piracy and other problems directly affecting Microsoft, it will also provide space and resources for law enforcement, government and private companies to work together on cybercrime issues.
This kind of collaboration is clearly vital. Cybercrime is a global problem which often requires global insight to track its roots, and also often needs speed and flexibility to prevent crimes, trace stolen funds or ensure evidence is safely retrieved.
Law enforcement agencies often find themselves hampered by bureaucracy when trying to deal with foreign counterparts. Large global security firms, on the other hand, are able to operate across borders much more easily, and have deep expertise often unavailable to law enforcement.
So it falls to the private companies to step in where the cops can’t, at least on their own, as we routinely see with takedowns and sinkholing of botnet control systems, for example.
This sort of ad hoc cooperation for the most part works well, although sometimes a lack of joined-up communication between researchers can lead to collateral damage and the loss of potentially vital information.
Hopefully the expansion of law enforcement in both manpower and financial resources will help with this, providing better liaison between the various parties involved in monitoring cybercrooks and intervening in cybercriminal activities.
There is one more area of cooperation that still has some way to go though, and that is the realm of international cyber law. As the name suggests, law enforcement relies on having laws to enforce, and private companies are also constrained by the laws of the countries in which they operate.
So for the fight against cybercrime to make much progress, we need to see better collaboration between nations on defining what is permissible and what is not. If there are safe haven countries from which crooks can operate with impunity, that’s exactly what they will do.
At a summit on cyber collaboration held at Stanford University earlier this month, Chinese information minister Cai Mingzhao stressed exactly this point in a keynote speech, calling for international rules governing the cyber arena and also recommending a centralised entity to monitor the impact of global cybercrime.
This may not be exactly the right way of going about things, but it seems to be at least pointing in the right direction. It’s clear that we need much more cooperation between the world’s governments and lawmakers to ensure that the law enforcers are given the power to take appropriate action against cybercrime.
Funds and manpower for police agencies can only help so much, real progress is going to require laws and regulations which keep pace with the ever-changing online world.
About John Hawes
John Hawes is Technical Consultant and Test Team Director at Virus Bulletin, running independent anti-malware testing there since 2006. With over a decade of experience in security testing, John was elected to the board of directors of the Anti-Malware Testing Standards Organisation (AMTSO) in 2011. He wrote this for the Sophos Naked Security blog: http://nakedsecurity.sophos.com/2013/11/18/cybercrime-fighters-ready-to-up-their-game-but-will-it-be-enough/. Sophos is headquartered in Oxford, UK, www.sophos.com.