A new bill introduced this week in the U.S. Senate would threaten countries with funding restrictions if they fail to properly address cybercrime within their boundaries.
The proposed bipartisan legislation known as the International Cybercrime Reporting and Cooperation Act — introduced Tuesday by Sens. Kristen Gillibrand, D-N.Y., and Orrin Hatch, R-Utah — would require the president to annually report to Congress on countries where there is evidence of cybercriminal activity directed against the United States coinciding with limited law enforcement investigations and prosecutions of such actions.
The White House would develop an action plan for these so-called cybercrime havens to help their governments "improve [their] capacity to combat digital offenses." If they fail at meeting the demands, the nations in question would face certain economic punishments, such as restrictions on receiving new Trade and Development Agency (TDA) assistance or Overseas Private Investment Corp. (OPIC) financing.
The senators said fighting cybercrime requires international cooperation, and the bill, in fact, was spurred on by recent news of the Google-China attacks.
"Cybercrime is a serious threat to the security of the global economy, which is why we need to coordinate our fight worldwide," Hatch said in a statement. "Until countries begin to take the necessary steps to fight criminals within their borders, cybercrime havens will continue to flourish."
A key first step for these nations is getting laws on the books that make cybercrime illegal, Sy Goodman, a professor of international affairs and computing at Georgia Tech, told SCMagazineUS.com.
"Otherwise there is no basis for stopping it," he said Wednesday. "There's got to be sin before there can be punishment."
Goodman estimated that half of the world's approximately 200 countries are "defenseless" against cybercrime, either because they lack laws or are unable to detect incidents, or both. As a result, the federal government must help these countries with things such as setting up computer emergency response teams (CERTs).
"There are some implicit obligations on our part," Goodman said. "If we're going to threaten them for our sake and their sake, we ought to do something to help them."
Maxim Weinstein, executive director of StopBadware, a nonprofit aimed at fighting bad software on the internet, said cybercrime is particularly rampant in countries such as China and in Eastern Europe, but also in nations not typically thought of as cybercriminal hubs, such as Brazil.
"Clearly the U.S. has a big stake because so much of the U.S. economy is driven by internet-based technology," Weinstein told SCMagazineUS.com on Wednesday. "So much is moving to the internet as a platform for commerce."
But he added that all nations should have an economic incentive to curb malware and hacking.