Interpol World 2015: Cybercrime increasingly challenging for law enforcement

Delegates at this week's Interpol World conference in Singapore urge for deeper industry collaboration, as populations become increasingly connected just as cybercriminals are increasingly collaborative.
Written by Eileen Yu, Senior Contributing Editor

Governments and enterprises must continue to work together and beef up their cybersecurity capabilities, especially in an environment where people are increasingly connected and cybercriminals also are increasingly collaborative.

Technological advancements, globalization, and urbanization had enabled criminals and terrorists to pose a new wave of threats that could shake the security foundation of local markets as well as globally, said Singapore's Second Minister for Home Affairs and Trade and Industry S. Iswaran, during his opening address Tuesday at Interpol World 2015. The three-day summit gathered some 8,000 participants and 200 exhibitors from across the globe.

"From surveillance and planning, communications and transportation, to concealment of crime and expansion of its reach, crime is committed in new ways that defy traditional security counter-measures," Iswaran said.

Stressing the severity of cyberthreats today, the minister noted that the global online penetration rate had hit 40 percent, with the adoption of computers, smartphones and internet pervasive among businesses and personal lives.

He added that the emergence of the Internet of Things (IoT) would further expand the world's connectivity, pulling homes, vehicles, and healthcare devices into the web network. While these devices could improve user experience and optimize resources, the increased network usage would lead to higher risk exposure.

"New cybercrime attack vectors and more points of entry are being introduced, allowing criminals to easily steal personal information for fraudulent activities, or even worse, cripple entire systems simply by targeting one device," Iswaran said, adding that growing cloud adoption also posed security threats.

"The move to cloud computing aggregates immense data in computer servers around the world. This poses higher security risks, as hackers can now access massive amounts of data by hacking just one server." He further noted that mobile phones contained large amounts of personal data, but few individuals practise good security hygiene.

Increasing dependence on technology had enabled criminals and terrorists to easily manipulate information viewed by individuals on their screens, especially with the availability of tools that could intercept data transmitted wirelessly. He added that secured communication channels had been known to be hijacked by man-in-the-middle malware.

In his presentation at the conference, DarkTrace's director of technology Dave Palmer predicted that cybersecurity attacks would continue to increase over the next couple of years as hacking tools and services continued to made available for sale, giving adversaries the ability to buy access into their targeted organizations.

Someone who dislikes a company can do damage to the business out of spite, rather than for monetary gains, Palmer said, and people who do have the skills to cause serious damage can do so simply by buying the tools or services to attack an organization.

According to Kelvin Wee, Hewlett-Packard's enterprise security products regional product management director of ArcSight, monetization and espionage had driven the evolution of security threats to its current state.

Wee said adversaries often collaborated to share information and trade services in a common marketplace, as well as collectively target identified organizations.

Palmer added that enterprises should dispel the assumption that their defence systems were sufficient to fend off attacks, adding that these were far from perfect and technologies people relied on today were insecure. On the other hand, adversaries were getting more skilled in their ability to penetrate networks.

Businesses should build IT infrastructures to work like the human immune system, which would have the abilities to self-learn, understand behavior, adapt, and react in real-time, he said, touting DarkTrace's portfolio. These traits would allow IT systems to develop mathematical models normal behavior so they would be able to identify abnormal activities, and understand the behaviors of individual user, device, and the enterprise as a whole.

"Everyone in the organization is a conduit for an external adversary," Palmer explained, stressing the importance of learning from raw traffic passing through the company's network to analyze data and be better able to identify potential threats from within the internal network. Enterprises then would be able to build learning models for each user and device, use these to detect normal and abnormal behaviors, and calculate the probability of threat based on anomalies.

Wee supported efforts to start by looking within the organization, noting that "it's difficult to boil the ocean".

Enterprises should aim to first understand their organization's infrastructure, decide the components and applications that were critical to their business, and prioritize these in their cybersecurity strategy. Wee said security analytics played an important role in the future of security operations centers, allowing enterprise to study attack patterns and better identify threats.

Iswaran urged nations to build the necessary security mechanisms and capabilities, and be better prepped for cyberattacks that could come at a greater scale and cause severe impact.

With globalization, criminals also had been able to operate "in loose and fluid networks" to avoid investigations and prosecution, he said. The global reach of crime indicated that geographical boundaries were no longer constraints in launching attacks of scale and high impact.

In addition, increasing urbanization was changing the operating landscape for law enforcement agencies worldwide, where more than 35 cities were home to a population of more than 10 million each. Higher population and infrastructure density would lead to increased diversity and social changes, presenting new security challenges.

Madan Oberoi, director of cyber innovation and outreach for Interpol Global Complex for Innovation, concurred, noting that the borderless nature not just of the internet, but also of the services most commonly used today as well as the globalization of business operations posed a serious cybersecurity challenge for law enforcement.

While the industry had grown increasingly borderless, law enforcement remained governed by local jurisdiction. To drive multi-jurisdictional cooperation and interoperability, SOPs (standard operating procedures) and processes must be established, Oberoi noted.

However, even if such SOPs were in place, the question remained whether all countries or jurisdiction would have the capacity or necessary infrastructure to support such processes, he said, pointing to the disparate level of readiness between nations as another key challenge in cybersecurity.

Iswaran further observed: "Criminals and law enforcement agencies are locked in a competitive cycle of co-evolvement, where we fight for technological competitive advantage. There is, thus, an urgent need for law enforcement agencies to leverage latest technologies and adopt innovation as a key enabler of policing work.

"Innovation in policing methods and tools is the key to ensuring that law enforcement agencies stay ahead of criminals and ultimately triumph." He called for law enforcement agencies around the world to collaborate and leverage each others' resources, and build expertise as well as introduce "innovative policing solutions".

With the borderless nature of crime, he underscored the need for international cooperation between governments, which would support quicker identification as well as mitigation of threats. The minister also highlighted the importance of closer cooperation between the government and private sector, pointing to information sharing, research and development, as well as capacity building and training.

Separately, the Interpol Global Complex for Innovation in Singapore was officially opened on Monday to support the organization's research efforts to improve its forensics and data capabilities. It is one of three nodes of a Global Command and Coordination Center and will assist in 24/7 operational police support.

Operational since last November, the Singapore site houses some 110 officers from more than 50 countries and has the capacity to hold 350 staff.

Editorial standards