Interpol orders immediate cybercrime action

International law enforcer calls for immediate co-operation to fight escalating cybercrime phenomenon
Written by Will Knight, Contributor

The head of Interpol has warned nations, law enforcement groups and companies to act swiftly if they are to stand any chance of beating cybercrime.

Speaking at a conference in London Wednesday, Raymond Kendall, secretary general of Interpol said his organisation is concerned that unlawful computer techniques are developing at such a rate that they represent a "new phenomenon" for international law enforcers. Kendall urged international organisations not to wait for conventions to be passed before drawing up guidelines for an allied response to the threat of cybercrime.

The council of Europe last week held talks to iron out draft proposals for an international treaty governing computer crime laws. This is expected to unify national laws to outlaw hacking tools and techniques, and give investigators increased powers to search and seize computer systems regardless of jurisdictional issues.

"Things are moving forward," says Kendall. "I think everybody was taken by surprise by the speed and explosive nature of the development [of sophisticated cybercrime]. Here we are faced with a new phenomenon, and a phenomenon that has already developed very, very quickly. That means that the response ought to be developed quickly as well."

Recent incidents, most notably the release of the Lovebug virus and the distributed denial of service attacks on major Web sites, are estimated to have cost businesses billions in damages.

According to Kendall, Interpol is developing a new strategy for monitoring computer crime trends and working with the United Nations to assess ways to disseminate that information efficiently. Interpol is keen to see businesses -- the principle victims of computer crime -- share information with it about computer attacks and vulnerabilities.

Another significant challenge for law enforcers is the lack of international precedent for dealing with computer crime. This was evident when the FBI traced the Lovebug virus to the Philippines where sophisticated laws controlling computer crime do not exist.

Efforts to coordinate international agreements on cybercrime have, in fact, come from many quarters. As well as the Council of Europe and the G8 nations, the United Nations, the European Union and the Organisation for Economic Cooperation and Development (OECD) have all carried out investigations into measures needed to tackle global computer crime.

Local governments, including Blair's administration, have established domestic laws -- such as the RIP Act -- to combat computer crime. Kendall believes disparate legal protocols around the globe could lead to chaos later. "All of these things are going on at the same time," he said. "There are two things that are missing as far as I'm concerned. First of all a coordinated, concentrated international approach on the part of governments and international organisations, and how we put this together with the private sector."

Atomic Tangerine, the US e-commerce company hosting the London conference The Global Security Imperative: Removing Barriers to e-Business, believes there could be a synergy between the private sector and law enforcement agencies. "One of the roles that Interpol can play is proposing a method of disseminating information," says vice president of Atomic Tangerine and computer security specialist, Karen Worstell. "Something that is very important for businesses is security trends."

One danger of not getting full international cooperation over the development of a computer crime convention, says Kendall, is that international havens for computer criminals might emerge. He believes, however, that most countries will be eager to follow the lead of the world's industrialised nations.

Some groups have voiced concerns that an international treaty increasing law enforcers' powers could threaten individual rights and restrict legitimate security experts. Kendall says that these concerns are legitimate and recommends that nations work within their own domestic laws regarding individual rights.

The Council of Europe is expected to produce a second public draft of its cybercrime convention in the next few weeks and the convention may evolve into a globally recognised pact for fighting computer crime.

Take me to the Hackers News Special

What do you think? Tell the Mailroom. And read what others have said.

To have your say online click on the TalkBack button and go to the ZDNet News forum.

Editorial standards