Sunday 29 June, 2014
Written by: Anonymous Singer
Cybercriminals increasingly know how to plunder bank accounts, steal data from
companies and infect computers with malware. The used technologies become more
and more sophisticated, but how to counteract it?
Cyber Security company McAfee and American think tank Center for Strategic and International Studies computed in a new report that cybercrime costs the world economy annually 325 billion Euros. Therefore, the reason to intervene is clear.
Various experts admit that the risk of being caught as a cyber criminal is currently still very low. Cybercriminals are generally able to do their businesses on the Internet anonymously.
Many attacks are carried out by so-called botnets, which consist of infected computers from people all over the world. These make larger attacks possible, but also provide an additional ‘layer of protection’ between the target and the attacker.
Especially companies are victims of cybercrime.
How can companies protect themselves and how can authorities tackle cyber criminals? The experts point out to three important things.
A better defence
It may seem obvious, but good defence to keep cyber criminals away is essential. That goes beyond just installing software that block attacks, says Giles Watkins, who is responsible for the department of information protection at the consultancy firm KPMG.
“You need to have the mentality of counterespionage” he says. More often, cybercriminals are trying to get information for months or years. “You need to know how your company looks in a normal state, so you can directly see whether there is happening something abnormal.”
Companies can therefore deliberately spread false information on their network to deceive attackers. “These techniques have existed since the First World War; that you give misinformation or leave a trap.”
It is also very important that companies are open when they are attacked. “The first thing we encourage everyone to do is to report these problems,” said Raj Samani, who is the European technical director of McAfee.
Because companies fear damage to their reputation, they often do not let it know when they have been attacked by cybercriminals, said Paul Gillen, who is head of operations of the European Cybercrime Centre (EC3). The EC3 is part of Europol and let cybercrime departments of several European police forces work together to tackle cybercriminals.
“The suffering of reputational damage after an attack is currently an unfortunate reality,” says Gillen. It is, according to him, unjust that the companies are held responsible for successful cyber attacks on them.
“If a bank is robbed by two men, armed with military weapons, and they stole 250,000 Euros, the bank would be the victim of a crime. If a hacker steals the same amount of money of the same bank with a piece of malware, then the bank is an idiot and the hacker is a genius. “
If companies do not dare to announce that they have been an attack’s target, leads, according to Gillen, to a vicious circle: the lack of information ensures that the police will not be able to know what exactly happened. Therefore, there will be no tools available to combat cyber criminals and because of that, criminals can continue with doing their business.
Affected companies, governments and security companies have to tackle the problem of cybercrime together, experts say.
Although there is a relatively low chance of detection for cyber criminals, there are some recently successes in tackling cybercrime, says Gillen. As an example he cites Operation Tovar, which took place in late May. Police forces from more than ten countries worked together to get the Gameover ZeuS botnet offline.
The private sector made a removal tool that can remove malware from infected computers. At the time of creation, the companies involved did not know exactly wherefore it could be used, because the private sector wanted to avoid a prematurely revelation.
“After 31 years as a cop and 18 years on the cybercrime department, I was in a room with police officers from the U.S., Japan, Canada, New Zealand, Great Britain, Netherlands, France, Germany, Italy and Ukraine,” says Gillen. “They were drinking coffee, eating the same bread and working on the same cases in the same room. That was inspiring.”
International collaboration is important because cybercriminals often use networks with infrastructure spread across the globe. The criminals themselves are often ‘on the road’, says Gillen. “Russian-speaking organized crime gangs can actually be in Alicante, Spain and they can work from an apartment nearby the beach of Scheveningen or Noordwijk.”
NATO is also trying to promote collaborations between countries, says Christian-MarcLifländer, who advises the organization on cyber defense. NATO focuses on securing military networks.
“We have established what countries at least should do to be safe in cyberspace”, said Lifländer. “So we do try to bring changes.”
According to him, not all countries are advanced in combating cyber crime and so are the governments. “If you know something, and you share it with others, you run the risk that your sources and methods will be known.”
The situation slowly changes, according to Lifländer. Countries that share information with others often see the advantages of it, he says. The key message is clear: “We have to take the tackling serious.”
There is a kind of common sense that cyber is for nerds. My point is the opposite. It has now become part of life. We have to embrace technology. As far as NATO is concerned, the alliance is safer as the countries get stronger and the proverbial ‘weakest switch’ gets stronger.