Conference focuses on challenges of fighting cybercrime
Date: September 18, 2004Source: Network World Fusion
By:
Preserving the digital crime scene poses one of the biggest challenges in the global fight against cybercrime, said participants this week at a major international conference on fighting Internet-based crime.
The two-day conference, organized by the Council of Europe and held in Strasbourg, France, was meant to encourage more countries to sign the Council's convention on cybercrime, which aims to strengthen international cooperation in combating computer-based crime and to harmonize national legislation. The conference drew more than 200 participants from government and the private sector.
Law enforcement officials attending the conference stressed the importance of rapid cross-border cooperation between agencies to bring cybercriminals to justice.
"Communications networks between law enforcement agencies have to be strong and rapid," said Andy Leatherby, of the U.K.'s National Hi-Tech Crime Unit (NHTCU) in a telephone interview.
Getting evidence before the tracks vanish is a major issue, he said. Dealing with computer-based crime requires officers to trace back IP packets over the Internet, but very few countries have legislation requiring ISPs to retain data and some even have laws preventing ISPs from preserving connection records, he said.
Nevertheless, this is precisely the information investigators need, he argued. Normally, investigators are only interested in traffic data, not in information about content accessed, so there should be less concern about privacy protection, he said.
His view is shared by Bernhard Otupal of Interpol. Greater understanding of investigators' needs would make cooperation easier, he said, also speaking by telephone.
"Data protection would not be a big problem if people knew what law enforcement actually does with it. The huge problem is identifying people by IP or telephone number," he said.
There shouldn't necessarily be a clash between effective enforcement and data protection, said Christopher Painter, deputy chief, of computer crime at the U.S. Department of Justice.
"There's an issue of security versus privacy but if we're doing our job properly we're protecting privacy by stopping personal information getting into the hands of people who will misuse it," he said.
The Convention made a major contribution to this process by asking signatories to provide a round-the-clock point of access where other agencies can request data needed in an investigation, law enforcement officials said.
"It requires each country to set up a 24-7 point of contact so in case of an incident, a law enforcement office can phone a contact point in another country and preserve the digital crime scene," Leatherby said. There are currently 89 countries in the 24-hour network worldwide.
Participants stressed the need for as many countries as possible to sign up, emphasizing that in fighting cybercrime it is important to avoid the mistakes made in the battle against money-laundering and to prevent the creation of places where criminals operate beyond the reach of the law. "We don't want countries to have safe havens because it is easy for a hacker to route communication through third countries," Painter said.
While the business community is taking the problem more and more seriously because of the cost implications of failing to protect their systems, some participants said there is still work to be done raising awareness of the threat from cybercrime.
Add comment Email to a Friend