As cyber-crime continues to grow around the world and criminals of every level getting in on the act, low level script-kiddies and international organised crime gangs alike develop more capabilities which allow them to go from robbing banks, not by holding a shotgun, but rather a sophisticated ransomware attack. This has allowed criminals to operate cross-border, at scale, and even offer their services to others.
A panel convened at SC Congress Amsterdam's session on preventing cyber-crime. The panel broadly agreed that we need to consider the threat, our response and how we might become equally and better organised than our opponents. The group agreed that deep cooperation and sharing of intelligence, resources and skills to defend our common interests is the best way to overcome today's modern cyber-adversaries.
Despite his self-proclaimed short three month tenure as head of Europol's EC3, Steve Wilson kicked off SC Congress's session about ‘preventing cyber crime' stating that thanks to member states working within the EU, it has presented a much stronger task force to fight cyber-crime.
Wilson said that the challenges really haven't changed – the rogue nation states, terrorists, activists and script kiddies are all still there. However, thanks to the Europol's EC3, a group of member states named JCAT, have solved four major cases this year alone, and in 2015 they cracked nine. This level of cooperation coming from working together as one big “cyber jigsaw” has allowed for these crimes to be solved and perpetrators brought to justice.
Niran Sariki, an experienced senior cyber-security consultant said that “we need cyber-security awareness training on an ongoing basis, rather than a one time thing”. Wilson agreed and said that “were using 19th century laws to fight very modern problems”.
Sariki, a cyber-security advisor for the European Parliament said cloud computing technology, despite its exponential growth, are seeing users and businesses alike share a hazardous trait in the cyber-security world. They want things done immediately, and this opens them up to endless cyber attacks and potential threat vectors.
Melanie Rieback, CEO of Radically Open Security and asst. Professor of computer science at Amsterdam University said that in cyber-crime “sharing is caring”. Citing groups like MISP and Shadows which share information to fight online threats, she argued that “information is currently heavily siloed and needs to be more open source”, to assist in fighting cyber-crime.
Rieback expressed that there are lots of threat intelligence companies who charge thousands of pounds for the privilege of looking at their information and said that we need to over come this to become more agile at combating cyber-crime.
Finally, Bart Hogendoom, Member of the Nederland ICT board asked Tom Reeve, SC's deputy editor to stand up and face him. Hogendoom air-punched Reeve as something of an object lesson to try and explain that the most critical part to fighting cyber crime is how we respond.
Pointing out that when Reeve ducked, he had his natural defences arm him for the situation, Hogendoom explained that if we had no information sharing which, he says is imperative to the industry, Reeve would not have been able to duck Hogendoom's air-punch.