by Jimmy Fong
Phishing and ransomware attacks on businesses and governments are on the rise, and criminals are becoming smarter with their tactics. The message is clear: enhanced international cooperation in strengthening cybercrime legislation.
By enhancing collaboration among countries, we can effectively address the growing challenges posed by cyber threats and close the enforcement gap.
Current cybercrime landscape
Cybercrime is increasing for individuals, businesses, and nations alike. All countries are becoming increasingly affected by data breaches and phishing.
Looking at 93 different countries, the SEON Global Cybercrime Report discovered that the countries with the highest cybersecurity risk are currently Afghanistan, Myanmar, and Namibia due to a lack of or limited legislation.
Those with the lowest cybersecurity risk are Belgium, Finland, and Spain – protected by a combination of cybercrime legislation and secure technology.
An inability to properly enforce cybersecurity, whether that’s on a governmental or business level, is known as the enforcement gap.
While all countries tackle their own specific cybercrime issues, we can extrapolate from US-based data provided by the FBI-run US Internet Crime Complaint Center (IC3) that phishing and pharming attacks are on the rise generally.
This is because these types of attacks can affect all internet users regardless of nationality. Both practices involve convincing internet users to give away sensitive information such as passwords or credit card details.
Criminals can use tactics like social engineering to convince their victims that they are providing data to a trusted person (such as an IT support worker or boss).
Also, thanks to the recent rise of Bitcoin, ransomware criminals are starting to demand cryptocurrencies from their victims. This is because it is difficult to trace the movement of currency from one anonymous account to another.
NPR found that: “if the cyber thieves live in countries like Russia — which many do — there’s virtually no chance of getting caught.” The above data demonstrates the significance of government legislation in protecting countries, businesses, and citizens against cybercrime.
Below, we will look at current efforts to improve international cooperation and where improvements can be made.
Need for international cooperation
Cybercrime is a global issue that requires collective efforts. Therefore, this should take the form of sharing information, resources, and expertise.
The US government has proposed that some of the challenges to international cybercrime prevention include:
- Being able to commit the right personnel and resources, being able to identify criminals successfully;
- The ability to share the information collected on criminals internationally;
- The right laws are in place to prosecute cybercriminals.
Developing a common legislative framework that all countries agree upon has, so far, proven to be a challenge.
The Convention on Cybercrime is considered the first international treaty in place to help address cybercrime globally.
While the Convention deals with cases of fraud like phishing and pharming, it also aims to tackle criminal activity on the internet and computer technology generally.
According to the Council of Europe, it has been signed by 68 countries, including the USA, Canada, the United Kingdom, and Japan.
As the CCDCOE says, 80% of countries currently base their own legislation on the Convention. However, some countries have not agreed to sign the Convention: India has refused to sign, perhaps due to a lack of involvement in its original negotiation.
To combat cryptocurrency-related cybercrime (and therefore tacitly ransomware-based cybercrime), the United Nations plans to introduce a new treaty for all countries that aims to strengthen financial surveillance laws.
This would apply to any organization working with digital currency, requiring them to collect information on crypto users, which could remove some of the anonymity associated with cryptocurrency.
Challenges to a common cybercrime legislation
As cyber threats rapidly evolve – such as in the case of cybercriminals using AI to improve their phishing and pharming techniques – countries with less sophisticated methods and resources for dealing with cybercrime become at greater risk.
Therefore, the ability to share resources and solutions between countries is a possible solution to this issue.
Citizen knowledge of new techniques and discussion of legislation around cryptocurrency may also prove useful in keeping ahead of cybercriminals.
Education surrounding safe cryptocurrency usage is one weak point: thanks to the rise of new phishing techniques, cryptocurrency users are at risk of account takeover fraud if they provide sensitive information to criminals accidentally.
What’s more, many developing countries do not have the personnel and resources to prevent cybercrime, even if they agree to common frameworks for dealing with it.
In response to this, the United Nations has established the Global Programme on Cybercrime, in particular for countries in Central America, Eastern Africa, MENA, South East Asia, and the Pacific.
Some of its aims are to strengthen communication between governments and the private sector on cybercrime, as well as help to build a long-term: “whole-of-government response to cybercrime, including national coordination, data collection, and effective legal frameworks.”
Strengthening enforcement mechanisms
As a response to escalating cybersecurity concerns, we propose measures to improve investigative capabilities, such as investing in technology and training for law enforcement agencies.
While the private sector has worked hard to prevent fraud with the help of device fingerprinting and identity verification tools on the market, businesses and governments must work to combat new forms of cybercrime as they arise.
In their Global Security Outlook 2022, the World Economic Forum expressed that preventing ransomware attacks was a growing concern, emphasizing the importance of more secure networks, regulation of cryptocurrencies, and a more concerted effort on the part of law enforcement to arrest cybercriminals.
Finding common ground when it comes to cybercrime legislation is a complex task, but it is significant in helping to tackle new trends like phishing and crypto-ransomware attacks. Internxt’s article on online safety, staying safe online, is essential for anyone who uses the internet.
In truth, no one can afford to be reckless with their information online. Even today, there is a clear need for more harmonized laws, enhanced enforcement mechanisms, and information sharing to combat cyber threats effectively. We can close the enforcement gap and create a safer digital environment by fostering international collaboration.