How cybercrime is changing across the world
Tue 6 Feb 2018 | Joyce Hakmeh
Joyce Hakmeh, research fellow at Chatham House, comments on the global landscape of cybersecurity ahead of her session at Cloud Security Expo, 2018. In a wide-ranging discussion, she spoke to The Stack about the uphill struggle that law enforcement faces, the impact of trends such as IoT and blockchain on security, and government action against cybercrime, in the UK, the Middle East and North Africa.
If there is one broad prediction that Hakmeh would make for cybercrime, it would be that there will be more of it in the coming years. It continues to develop, and each incidence continues to grow in scale.
IoT, DDoS and ransomware-as-a-service
One particular area of concern is in the growth of ransomware, especially driven by its increasing professionalisation and the rise of ransomware-as-a-service offerings, which makes catching the perpetrators even more difficult for law enforcement.
Not only are these attacks becoming more common and more difficult to stop, they are affecting an increasingly wide range of victims. The WannaCry attacks, for instance, hit hospitals, government departments, telecom operators, car manufacturers and more.
Ransomware is not the only nefarious business model developing. Distributed denial of service (DDoS) attacks, a common tool of cybercriminals for many years, are now being offered as a service.
The relative anonymity of the internet has often, sadly, allowed some of the worst crimes to go unpunished and this has been compounded by the rise in blockchain technology
Those who carry these attacks out are also making use of the many millions of unsecured IoT devices. Known for their poor security, often by design, these devices represent an open goal for online criminals.
By launching DDoS attacks through IoT devices, which very often retain their default factory settings, leaving them vulnerable to attack, hackers have managed to bring down major websites such as Spotify and Netflix, most notoriously through the Mirai malware attacks.
Blockchain’s relationship with cybersecurity
The relative anonymity of the internet has often, sadly, allowed some of the worst crimes to go comparatively unpunished. Hakmeh argues that this is the case for the proliferation of child abuse images, which, according to Europol, is on the rise. She argues that this has been compounded by the rise in blockchain technology, cryptocurrencies and the darknet.
There are, according to Hakmeh, a few major schools of thought in terms of the relationship between cybercrime and blockchain.
From a law enforcement point of view, she argues, the anonymity of cryptocurrencies is fuelling cybercrime because it enables cybercriminals to avoid identification. Its use has become more frequent, particularly through the darknet in order to exchange illicit commodities, as well as for child sexual abuse.
On the face of it, then, a technology (more specifically, its applications, such as Bitcoin), that enables the free exchange of drugs, guns and child pornography, should unanimously be agreed to be a bad thing. However, Hakmeh notes that other innovative payment methods, such as Paypal, were initially associated with criminal endeavours until law enforcement got a better grip on the technology.
She argues that there are a number of applications of blockchain which could be used to actively help fight cybercrime. The decentralised nature of blockchain technologies, for instance, would make DDoS attacks, which target a centralised authority, significantly less impactful. Analysing immutable records of transactions without permission could also come in handy, she argues.
As it stands, then, blockchain technologies have so far effectively been an enabler of bad behaviour online, but with development, they could go some way towards stopping this.
Law enforcement and governmental responsibility
Cybercrime is inherently transnational, and so even with the best law enforcement agencies at its disposal, international cooperation is key for any country
Effective online law enforcement requires smart use of innovative technologies, but it also requires good old-fashioned lawmaking. Well written, sensible and comprehensive laws that carry provisions for procedure as well as criminalisation, says Hakmeh, are very important.
The UK, compared to many other parts of the world, is doing well at this. There is also a significant level of judicial oversight in the country, as well as a series of checks and balances and a strong commitment to civil liberties, that means law enforcement is being given a reasonably good chance to do its job, without infringing on the rights of the individual.
There is, however, a lot more to do. A major problem is the huge number of cybercrimes that are estimated to be committed, compared to the number that are reported. The National Crime Agency (NCA) has reported that only 30,000 of the estimated 1.8 million cybercrimes committed in the UK last year were reported to the authorities.
On the other side of the same coin, there is the question of basic cyber ‘hygiene.’ If everyone applied core principles and carried out the right procedures – things like changing passwords, backing up files and so on, some estimates say that up to 80% of cybercrime would be eliminated, freeing up the police’s time to deal with the more complex crimes.
A key tenet of tackling cybercrime is public-private and cross-border partnerships. Cybercrime is inherently transnational, and so even with the best law enforcement agencies at its disposal, international cooperation is key for any country.
Cybersecurity in the Middle East and North Africa
One of Hakmeh’s specialisms is in policy in the Middle East and North Africa (MENA) region. In these countries, cybercrime is a major threat in large part due to the lack of framework in place to tackle it.
Some countries, she notes, have very few, if any, identifiable cybercrime laws. Those that do, often focus on criminalising online actions and speech – for instance, criticism of national leaders, religious and perceived blasphemy crimes, as well as things like organising protests.
While it is, of course, the prerogative of each country to define its own laws, harmonization of cybercrime laws between the countries would go a long way in avoiding certain countries becoming havens for cybercriminals. Cybercrime laws which focus on criminalisation without elaborating on other important aspects of the law such as procedures and international cooperation do not play their intended role in fighting cybercrime.
The lack of boundaries that cybercriminals have to deal with, whether they are regulatory, ethical or geographical, puts them at a permanent, and unfair, advantage
Though each MENA country has its own particularities, there can be some broad strokes that can be applied to certain regions within it. The oil-rich countries in the Gulf region have begun to take on digitisation projects, meaning there are considerably more avenues for attackers to pursue than in poorer countries such as Yemen.
Cybercrime and the State
The relationship between the State and cybercrime has been brought into stark relief in recent years, and nowhere was it more controversial than in allegations of tampering by foreign governments in the U.S. election and in elections in France and Italy.
Russia, in particular, has been accused of carrying out online influence campaigns – accusations, Hakmeh notes, that have been backed up by American intelligence agencies with ‘high levels of confidence.’
Hakmeh argues that the most sinister impact of these influence campaigns, and the constant shouts of ‘fake news’, is the damage it does to the general population’s faith in the democratic process.
Cybercrime, it is clear, can have a major impact on our lives, and Hakmeh likens the battle between law enforcement and cybercriminals to a bout in the ring between a professional boxer and a child. The lack of boundaries that cybercriminals have to deal with, whether they are regulatory, ethical or geographical, puts them at a permanent, and unfair, advantage.
The answer, believes Hakmeh, is a continued focus on international and public-private cooperation. It is only through working together, she argues, that the playing field can be levelled.
Joyce Hakmeh will be speaking at the forthcoming Cloud Security Expo, which takes place on 21st and 22nd March 2018 at London’s ExCeL Centre. To hear from Joyce and other security experts from around the world, register today for your FREE ticket.
Cyber Research Fellow, International Security Department, and Co-Editor of the Journal of Cyber Policy