In mid-April of this year INTERPOL launched its brand new cyber-division in Singapore – the INTERPOL Global Complex for Innovation (IGCI) – which I believe is a landmark achievement for the global state of cybersecurity. I’d been personally campaigning for something like this to happen for several years beforehand, so now, finally, what seemed once a distant dream has come true. And I’m very proud that my company has been a partner of INTERPOL and been supporting it in its ambitious goals for several years.
Why is it so important?
For the last two decades the IT security industry has been in a constant fight against cybercriminals. My company and our competitors have learned a great deal about their techniques, their objectives, their motivation. We’ve often had to learn to predict new threats and develop preventive measures to protect our customers even before the criminals launch their attacks. But as private companies, we’re fundamentally limited in how we can deal with these threats. We can provide protection to our customers, research malware, carry out forensic studies of our customers’ computers, investigate sophisticated attacks, and track criminal activities on the Internet with various sensors and honeypots. But we can’t physically stop criminals launching a new attack after we’ve thwarted their previous one. We need law enforcement agencies to catch them, and courts to put them behind bars.
Unfortunately, there’s been limited success in prosecuting cybercriminals on a global scale so far. Cybercrime is far from being contained, and it continues to evolve and grow – as does the global economic damage it causes. There are three reasons for this. First, police and courts lack technical expertise in the fight against cybercrime, which is why they may require support from security experts. This varies wildly from region to region: though there are notable exceptions of countries where police have a good grasp of how the cyberworld and cybercrime works, globally there’s still a great deal of work to be done to train up police forces. Second, law enforcers and courts are limited by their national jurisdictions. And third, cybercriminals are not limited so: they live online in a cyberworld that has no borders: as they stage cross-border attacks, they exploit the limitations of international police agreements and communications.
The opening of the IGCI is a major step in addressing all three of these reasons. Since there are no borders for cybercriminals, security needs to have no borders too. A cyber-INTERPOL not only enables transnational cooperation of law enforcement to stop cybercriminals, it also helps in spreading the expertise on how digital crime should be investigated and prosecuted. One of our top malware researchers has been based in Singapore for several months already, advising on the technical setting up of the new organization, in particular the building of its own state-of-the-art digital forensics lab.
I’m certain that INTERPOL’s new division is capable of tackling a very disturbing trend in the development of cybercrime: its merger with traditional offline organized criminal groups. There used to be a clear distinction: on the one hand you had spammers, botnet operators, etc., who were earning their criminal income online; on the other – drug traffickers, racketeers, etc. Today such a distinction seems to be fading and traditional gangsters are adding various cybercriminal elements to their business portfolios. Since INTERPOL has very significant know-how in the fight against various mafias, it can leverage that know-how in the fight against cybercrime as well.
Of course, I don’t think that despite all global efforts it is possible to eradicate cybercrime completely – just as it has been impossible to defeat offline crime for millennia. However, good law enforcement makes a difference. For the computer-savvy younger generations, a realistic prospect of being caught and put behind bars would significantly raise the personal risk connected with joining cybercrime gangs. While by successfully prosecuting existing hacking groups it’s possible to significantly increase the level of security online, both for businesses and individual users. The IGCI has a lot of important work to do, and we’re only too happy to help it succeed.
This article was written by Eugene Kaspersky from Forbes and was legally licensed through the NewsCred publisher network.