Think like the attacker

Cybercrime is not new, dating back three decades. As the world gets increasingly digital, financial cybercrime has emerged as one of the most significant threats to citizens. Cyber criminals are expanding their attack surface. The pandemic saw the levels of financial cybercrime frothing up with devastating results. Read more here.

What is the attacker thinking of as the key barrier areas? - including jurisdiction limitations, prosecution restraints, limited reporting of cybercrime, and the complications in proving cybercrime cases.

The jurisdiction loop hole

Jurisdiction is the #1 barrier to prosecuting cybercrime. In the digital world, most times the person committing the crime is outside the legal jurisdiction of the court and prosecutors seeking conviction and attribution is complex. In our remote first environment, no longer are we going to physical locations of our workplace, our banks, our healthcare institutions and hospitals as well as our learning institutions. They know it, and this has to urgently change!

Enhancing and enlarging the subjective territorial/ local regulation and law enforcement will have a long-term effect on fighting cybercrime.

Prosecution limitations

Our legal system, refined over centuries, was created for the physical world and physical crimes. But when crime involves remote computers or people, it is hard to figure out the legalities. Further, there are regional differences to approach a particular crime. Federal legal systems have led the way to define and prosecute cybercrime, but it takes time, high costs, and extra processes. Knowing this, cyber criminals are brazenly targeting citizen populations based on commercial success and prosperity index. Can we address this?  

International law enforcement partnerships will exercise powerful trans-national and extraterritorial jurisdiction.

Cybercrime reporting

Increasing incidents of pig butchering, sex-tortion, romance scams are blighting our citizen’s lives. For the victim, there is overwhelming personal embarrassment, confusion and disgust because these crimes are not normalized – relegating them to silence. Further, a vast majority of the victims have no idea where and how to report cybercrime, or even if they do, rarely does anything come out of it. If enough people don’t raise the alarm, cybercrime will keep growing under the radar. They know it, and it is time to normalize cybercrime reporting.

We need an ‘Internet Police’ with a valid '911' to call!

Lack of digital forensics  

Bulletproof evidence of cybercrime is hard to get. E.g., you get an accurate log file/ incident report that shows an intruder breaking into your system. You then copy that log file and report it to the police, but rarely will it withstand the assault of the defense attorney. Some sample questions:

How do we know the log file hasn’t been tampered with? Who had the access to the log file? Is the time and date stamp accurate? How do we know your system accurately detected the originating IP address — can’t IP addresses be faked? Was the log file originally written to write-once, read-only media? What has been the chain-of-custody of that log file until now? What experience does the computer team have with obtaining legal evidence? And so on.

This is a clear use case for application of computer science and investigative procedures, examining digital evidence, search authorization, chain of custody, validation with mathematical tools, repeatability, reporting, and expert testimony. Isn’t this where we lack public – private partnership? They know it and make it work for themselves.

I also suggest that success should be measured in prosecution as well as disruption of cybercrime networks. Let’s not stop at defensive security, but we need to highlight technologies to offensively repel cyber attackers including decoys, enhanced firewalls, pentesting, IPS/ IDS, and web-based deception solutions.

It is time to speak up in public forums. This is especially important for our schools and our kids. They need the information about critical aspects of cyber security, and also the critical thinking to tackle this crisis. Our children are the ‘sitting ducks’!

Read about REACT and Deputy DA Erin West’s efforts in this regard. Come join us in raising the collective consciousness about cybercrime, cyber security and cyber hygiene. Re-post this article forward.