FBI, Europol and NCA Want Global Approach to Fighting Cyber-Crime

Uploaded on 2015-06-11 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Law

infosec-15-law-enforcement-540x334.jpg?1433736416

A high-level panel of law enforcement experts discussed cyber-crime policing during the ‘Know your adversary: Who is the cyber-criminal?' keynote at InfoSec Europe in London, which was moderated by BH Consulting's Brian Honan.

Andy Archibald, deputy director of the National Crime Agency's National Crime Unit (NCCU), started the conservation saying that cyber-crime is, and remains, a major challenge for law enforcement. “The way cyber-crime has changed criminality is the biggest challenge for law enforcement, certainly during my time in law enforcement,” he said.
FBI's assistant legal attaché Michael Driscoll agreed and said that there are especially concerns around evidence gathering, given the global nature of such attacks. “The realm has changed when it comes to looking at the criminal threats for us. We are no longer back in the days when we're working on bank robberies and organised crime, where we could rely on law enforcement to obtain records needed, and seek out those responsible. 
“As things move more and more to cyber realm that becomes more difficult for us…We can't access that information, we don't see as quickly as you do out in the private sector, especially those who work in the security sector, those are the ones who are seeing it frequently before we do.”

Wil Van Gemert, deputy director of operations and acting head of Europol's European Cybercrime Centre (EC3), said that the cyber-crime threat is very real, as also indicated by GCHQ director general Ciaran Marti, and he sees traditional organised gangs move into this field. He said that cyber-crime-as-service, anonymisation via DarkNet and encryption were problems for law enforcement, continuing that encryption was "for law enforcement, not in balance at this moment".
On the threats in cyber space, FBI's Driscoll added that he was struck how similar the threats are internationally, citing botnets, malware, DDoS, and said that the volume of low level fraud on the internet is ‘staggering'. He said average bank robbery yield similar rate to online fraud, saying that FBI's own Internet Crime Complaints Center receives 22,000 online complaints a month, 270,000 roughly in a year. “We think, and the numbers verify this, that's about 10 percent what goes on,” he said of cyber-crime reporting, adding that it would likely be the same scenario in the UK.
Archibald agreed that the threats are similar across the globe, pointing to the NCA's own work disrupting the Shylock and Gameover Zeus botnets, and said that impact sustained in these attacks would be “no different” to any financial services company, wherever they may be in the world.

Professor Alan Woodward, a Europol advisor and visiting professor of the Surrey Centre of Cyber Security at the University of Surrey, said that "it wasn't as simple" as China being responsible for stealing IP and Russia for targeting financial services.
“The fact is that we now have organised crime gangs, they are international, and they don't come from one place. The C&C (command and control) might be in the UK but the gang itself might be in Ukraine. Its do disrupted that the only way you can fight this is with international collaboration,” he said.

Archibald added that it remains ‘really important' that law enforcement dedicate resources to attribution, adding this was possible lower down the criminal infrastructure. “There's realms of opportunity as part of a disruption strategy,” he said.
The panelists said that, with cyber-crime-as-a-service emerging, the evidence suggests that as few as 1 in 200 are the enablers of such attacks, meaning that law enforcement agencies should be focusing their energies of technological disruption.

But the key to all of this, said the panel, was that only international collaboration would help bring cyber-criminals to justice. "We need to pool resources together, that's the way forward," said Driscoll.
SC Magazine:  http://bit.ly/1dS364R

« US Stuxnet Attack Against N. Korea Failed
Berners-Lee Urges UK to Fight 'snooper's charter' »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Gigamon

Gigamon

Gigamon provides intelligent Traffic Visability solutions that provide unmatched visbility into physical & birtual networks without affecting the performance or stability of production environments.

Italian Association of Critical Infrastructure Experts (AIIC)

Italian Association of Critical Infrastructure Experts (AIIC)

AIIC acts as a focal point in Italy for expertise on the protection of Critical Infrastructure including ICT networks and cybersecurity.

IUCC Cyber Unit - Israel

IUCC Cyber Unit - Israel

IUCC Cyber Unit safeguards Israel’s National Research & Education Network (NREN).

NESECO

NESECO

NESECO is an IT security integration and consulting firm providing security products, solutions, support, consulting, and training services.

GuardianKey

GuardianKey

GuardianKey is a solution to protect systems against authentication attacks.

Vanbreda

Vanbreda

Vanbreda Risk & Benefits is the largest independent insurance broker and risk consultant in Belgium and the leading insurance partner in the Benelux.

Startups.be

Startups.be

Startups.be helps tech entrepreneurs to be successful by providing quality access to service providers, business partners, customers and investors.

BotRx

BotRx

BotRx is the only AI-enabled, automated fraud protection technology that allows fast & easy deployment - continually keeping invisible bad bots and agents at bay, so you can rest easy.

Wolf Hill Group

Wolf Hill Group

Wolf Hill Group, a Slone Partners company, is a national recruitment firm focused on Cybersecurity.

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

MTS-ISAC promotes and facilitates maritime cybersecurity information sharing, awareness, training, and collaboration efforts between private and public sector stakeholders.

Network Utilities (NetUtils)

Network Utilities (NetUtils)

Network Utilities provide identity centric network and security solutions to organisations from Telecoms and ISPs to SMEs and large corporates.

Vantea SMART

Vantea SMART

Vantea SMART have decades of experience in cybersecurity resulting in an approach of proactive prevention - Security by Design and by Default.

Three Wire Systems

Three Wire Systems

Three Wire is a leader in innovative and efficient technology solutions for government agencies and large enterprise corporations.

WaveLink

WaveLink

WaveLink offers low risk, results-oriented Engineering Services and best-of-class Technical Support Services. Areas of expertise include cyber and security engineering.

Loccus AI

Loccus AI

Loccus are developers of AI solutions in the voice safety space. We build identity verification solutions, deepfake detection systems and fraud protection products for companies and end-users.

Cyber Guru

Cyber Guru

Cyber Guru is an effective cybersecurity awareness training platform, enabling organisations to increase their resistance to cyber-attacks by changing employee behaviour.