Tackling Cybercrime: Time For The Regional Gulf Cooperation Council To Join Global Efforts

International cooperation is essential to successfully combatting the threats posed by cybercrime. So, despite another major attack recently, why won’t the regional Gulf Cooperation Council (GCC) join the global fight?

The recent malware attack on Saudi Arabia’s transport sector and other government agencies shows yet again that, despite high investment in sophisticated cybersecurity measures, cybercrime remains a major threat for the GCC governments and businesses alike. And with high mobile penetration rates, a large and growing number of internet-linked devices, and the governments’ supposed prioritization of “the digital economy”, this is a threat which is only more likely to escalate.

Coincidentally, just a few days after the Saudi attack was revealed, an international coordinated operation managed to successfully dismantle a global cyber-criminal network known as “Avalanche”. This was the result of four years of investigation and cooperation between police in 30 countries and agencies such as FBI, Europol, Eurojust.

Despite the obvious benefits of using international cooperation in cybercrime, the Gulf countries remain outside these international efforts, thereby exposing their governments, corporations and citizens to increased vulnerability.

More aggressive, complex, organized and unpredictable

But two major reasons should be enough motivation for the GCC countries to revisit how they are approaching this globally daunting challenge. Firstly, on a strategic level, international cooperation helps identify the best responses to emerging challenges in cybercrime. Today’s cybercrime is more aggressive, more complex, more organized and – importantly - more unpredictable than before.

In trying to combat it and mitigate its impact, governments are finding themselves in uncharted waters coping with situations they are not able to predict or contain. And the life span of counter-cybercrime responses tend to be short-lived as new ways and techniques for perpetrating cybercrimes are developing on a continuous basis. So what might work today might not work in a month or even in weeks.

The technological knowledge of cyber criminals often exceeds that of the law enforcement agencies tasked to fight them, which intensifies the challenge of combatting cybercrime and makes the initiated efforts rudimentary. Therefore, the only way forward to fight cybercrime is one that is based on imagination, creativity and above all, cooperation.

Countries need to be sharing information, intelligence, experiences and lessons learned in order to find the best ways to curb cybercrime and tackle its emerging challenges, just as cybercriminals do the same within their own networks. The regulatory, legal and technological tools should be developed collectively and updated on a continuous basis. This is what international cooperation aims to achieve.

Secondly, on an operational level, international cooperation helps overcome challenges to cross-border criminal investigations and prosecutions. Cybercriminals have an upper hand over law enforcement agencies due to their modus operandi. They tend to operate in organized groups, based in one or more jurisdictions while their actions affect computers and victims in other jurisdictions, and therefore other countries.

Given that law enforcement agencies, such as the police and the prosecution offices, are confined to their own national jurisdiction, their efforts in prosecution and in the timely collection of electronic evidence are made more complicated. And because of national sovereignty, any cross-border investigations have to be subject to proper legal channels to request assistance.

This process can be lengthy and complicated, limiting the success of the entire investigation and, more often than not, letting cybercriminals off the hook. However, international cooperation platforms, such as the 24/7 points of contact (opens in new window), do help mitigate this challenging environment, and international cooperation also provides law enforcement agencies with powers enabling them to effectively “join hands” in transnational criminal investigations - removing national barriers while still respecting the safeguards of the rule of law.

The simple reality is that, as things stand, current international cooperation is a conversation involving just one-third of the world. The Convention on Cybercrime (also known as the Budapest Convention) is considered the most relevant international instrument on fighting cybercrime – but currently it only has 50 states as parties to it and another dozen as either signatories or countries in the process of accession. And none of the GCC countries are signatories.

This situation is having a negative impact on the global fight against cybercrime and is widening the global divide in terms of capacity and response. Being vigilant is not enough. In 2012, the Shamoon malware attack on oil giants Saudi Aramco became known as the world’s biggest hack in history. And yet, fast forward to November 2016, and it is known that the attack on Saudi’s transport sector and other government agencies used the same malware.

The investigation into the attack is still ongoing, the motivation behind it and the ultimate damage caused is yet to be announced. But clearly little has been learned in those four years. By maintaining a solo approach, the GCC is unnecessarily jeopardizing its security and economic prosperity by exposing its governments, corporations and citizens to increased vulnerability.

Counter-cybercrime efforts can no longer be developed in isolation, and international cooperation is essential to successfully combatting the threats. If the GCC countries want to ensure safe internet infrastructure and boost their economic prosperity, they must couple cybersecurity investments with international cooperation efforts and establish themselves as major players in the fight against cybercrime.

Chatham House:   

Joyce Hakmeh is a recognised expert on cybercrime and an Academy Fellow at the Royal Institute of International Affairs, London 

 

 

« Amazon Makes First Successful UK Drone Delivery
Making Sense Of Cyber Insurance »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Digital Gurus Recruitment

Digital Gurus Recruitment

Digital Gurus provide specialist recruitment services in areas including IT and information security

Hiscox

Hiscox

Hiscox offers cyber and data risks insurance to protect your business against the risks of holding data and using computer systems..

Onapsis

Onapsis

Onapsis is a pioneer in cybersecurity and compliance solutions for cloud and on-premise ERP and business-critical applications.

Atlantic Council Digital Forensic Research Lab (DFRLab)

Atlantic Council Digital Forensic Research Lab (DFRLab)

The Atlantic Council’s DFRLab has operationalized the study of disinformation by exposing falsehoods and fake news, documenting human rights abuses, and building digital resilience worldwide.

Stealthcare

Stealthcare

Stealthcare is a full service, global cyber security firm offering solutions that educate, empower and protect.

Netsecurity AS

Netsecurity AS

Netsecurity is a Norwegian owned company focused and specialised within IT security and cybersecurity-as-a service.

SOOHO

SOOHO

SOOHO helps to detect security vulnerabilities earlier. Our blockchain security platform audits from smart contracts to on-chain transactions.

Cyber Wales

Cyber Wales

Cyber Wales provides a focus and forum for everyone in the industry, helping businesses come together and collaborate both within Wales and internationally.

ZEBOX

ZEBOX

ZEBOX is an international incubator & accelerator of innovative startups. Focus is on Transport/Logistics and Industry X.0 including technologies such as AI, Blockchain and Cybersecurity.

Network Intelligence

Network Intelligence

Network Intelligence are a global cybersecurity provider offering services across 6 broad spectrums - Assessment, BCMS, GRC, Professional Services, MSSP & Training.

Seadot Cybersecurity

Seadot Cybersecurity

Seadot offer cybersecurity services to organizations with a high demand for regulatory compliance and security.

Altospam

Altospam

Altospam is a full service corporate email protection, integrating multiple security levels for your emails.

Security BSides Cayman Islands

Security BSides Cayman Islands

Security BSides is a non-profit, community-driven event built for and by information security community members. Our aim is to help build an Information Security community in the Cayman Islands.

Ignite Cyber

Ignite Cyber

IGNITE Cyber is focused on enabling secure technology adoption through intelligent business decisions. We are focused on providing a secure and stable business environment for everyone.

Forensic IT

Forensic IT

Forensic IT is a specialised cyber security firm with expertise in Digital Forensics and Incident Response (DFIR).

StackGen

StackGen

StackGen (formerly appCD) automatically generates Infrastructure from Code (IfC) based on application code with golden standards applied.