by Ian Heritage
Few people could dispute the vital role government strategy plays in efforts to tackle cybercrime and state-sponsored attacks. The security industry also plays a crucial part in developing products and generating key intelligence to keep organisations safe. But there’s a third essential pillar to these efforts: law enforcement. And the good news is, cross-jurisdictional operations are starting to generate significant results. But recent news from within the EU has shown us that education and societal intervention is just as important as arresting hardened criminals.
Industry professionals wanting to find out more about this valuable work should get down to Trend Micro’s annual CLOUDSEC event in London next month, where leading figures from law enforcement will be sharing their thoughts and expertise.
Arrests and interventions
Global police have been on a roll over the past couple of years, dismantling thriving dark web marketplaces like AlphaBay, Hansa, Wall Street Market and Silkkitie and disrupting major cybercrime rings like Rex Mundi. However, in Europe, there’s a potentially even more important operation currently being run.
The Hack_Right initiative isn’t designed to track down and arrest suspected cyber-criminals, but instead to step in to prevent first-time-offenders becoming serial hackers. It works quite simply: when police spot a possible cyber crime, they visit the suspect and explain what happened – offering the culprit a type of community service rather than pushing them towards the criminal justice system. In this way, the individual gets 10-20 hours of ethical hacking training and help and advice on possible career paths or further education.
It’s a remarkably mature and progressive approach to policing reflective of the fact that the average age of a convicted cyber-criminal is just 19, according to Dutch cyber police. So far the UK’s National Crime Agency (NCA), which is running the programme along with its counterparts in the Netherlands, has already spoken with 400 youngsters. It’s proof of the vital role law enforcers can play in providing a deterrent to would-be offenders. Time will tell how well it works, but it’s worth a shot: the economics of cybercrime and the ease with which tools and know-how can be bought on the dark web mean there will always be a lure for budding black hats.
Focus on policing at CLOUDSEC
An increasingly important part of the CISO’s role is to co-ordinate effectively with law enforcement. That may be in the event of a major cybersecurity breach, where time is of the essence in terms of incident response. Or it could be during outreach and education programmes run by the police themselves. Whatever the cause, it makes sense to get familiar with how policing works in the high-tech crime prevention space.
That’s where CLOUDSEC comes in. Trend Micro’s annual event in September will feature an impressive roster of speakers from law enforcement. There’s former head of the UK’s Police National Cyber Crime Unit, Charlie McMurdie; UN cybercrime advisor, Alexandru Caciuloiu; and others to be announced.
Make sure you reserve your place today!
What: CLOUDSEC 2019
When: 13 September 2019
Where: Old Billingsgate Market, London