A few months ago, I had the opportunity to sit in on a talk given by Christian Karam, a digital crime officer, cyber innovation and outreach, with Interpol, at G DATA’s 30th anniversary celebration. It was a fascinating discussion (and I got to continue it a bit on a shared cab ride with Karam the next day) about how cybercrime is universal yet regional, and how it is continuously evolving.
Karam’s talk focused on the difficulties facing law enforcement when it comes to stopping cybercrime internationally. Unlike security companies, law enforcement – Interpol specifically – isn’t just concerned with stopping cybercrime, but with putting the cybercriminals in prison. Why? Karam said:
If you just stop the criminals from their activities, they will come back with a smarter, faster, more elegant way to do damage.
He also quoted the person who used to head up the European Cybercrime Center, saying that there are only about 100 malware coders in the world, and if you block them, you stop about 70 percent of cybercrime. The bigger problem is the ease of committing cybercrime itself.
Cybercrime doesn’t have borders, and those involved in cybercrime are acting more like big business every year, with CEOs and recruiters and worker bees, just like any other business setting. However, cybercrime isn’t the same everywhere. There might be shared aspects to it, but different regions, countries, or even cities, are targeted differently. For instance, Karam said the worst places for mobile threats are Dubai and Singapore. The reason is to capture emails that reveal important investment data that is funneled through to managers and other players willing to pay for the information. These “kingpins,” as Karam called them, then go on to make legal investments and make legal money through the compromised emails. Karam went on to say:
It’s not only about stealing bank accounts and stealing money directly, but it’s also about using the information, doing the extortion, and investing in the legal market. . . . The state of organized crime is making it easier for others to commit cybercrime.
The biggest problem for Interpol – and I would say for any country or community fighting cybercrime – is the lack of law enforcement with an expertise in cybersecurity (funny how that mirrors the lack of qualified security professionals). The amount of different types of threats is stunning, and some of those threats are incredibly individualized. Karam discussed those threats in depth, from ransomware to malware hidden in Bitcoin.
The lack of qualified law enforcement is one reason cybercrime is so hard to control, but Karam also pointed out another problem. We become so focused on one task that we aren’t able to see the other issues and surprises that pop up around us. That’s why it is so important for organizations and governments to work together. He said:
If we don’t all jump in, we’re not going to get the whole picture. This is the gist of international collaboration talks. Everyone has something to bring to the table.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba