Threat landscape has changed, not just in terms of tech but also motivation
Don’t be surprised if cybercriminals are targeting the Internet of Things
FOR the International Criminal Police Organisation (Interpol), the key to combating cybercrime would be via strong partnerships with various stakeholders.
“At Interpol, we believe in a multidisciplinary approach. We need to foster strong partnerships with various parties – from law enforcers and technology companies, to enterprises and academia,” said Dr Madan Oberoi, director of Cyber Innovation & Outreach at the Interpol Global Complex for Innovation (IGCI).
According to Madan, the cyber-threat landscape has evolved over the years, and it is becoming more challenging to predict how it will evolve in the years to come.
“In the past, many cybercrimes were conducted by college students, who wanted to show off their skills without any specific motive. They usually targeted systems to find out their vulnerability,” Madan told Digital News Asia (DNA) in Jakarta recently.
“Today, it is a whole new landscape. Besides new technologies, motivations have also changed,” he added.
READ ALSO: Mobile banking apps more vulnerable than you think: Researcher
There are many benefits expected from the Internet of Things (IoT), in which consumer devices are equipped with sensors and connected to the Internet.
For example, sensors that monitor the heart can contact the nearest hospital when the user exhibits the symptoms of a heart attack. Sensors in a car can contact the police, hospitals and even toll trucks when it is involved in an accident. The list goes on.
Market research firm Gartner Inc, in a 2014 report, said it expects the IoT industry to grow to 26 billion units installed by 2020 – which would give cybercriminals 26 billion reasons to target this industry.
“Looking at how cybercrimes are evolving, I would not be surprised if the IoT is one area cybercriminals are looking at,” said Madan.
Factors driving cybercrimes
According to a report by McAfee and Intel Security, it was estimated that the likely annual cost to the global economy from cybercrime is more than US$400 billion.
While this may suggest that money is the main driver for cybercriminals, Madan (pic) believes the truth is more complicated than that.
“It is not only the lure of making millions, but also the perception cybercriminals may have that they can get away with these criminal acts.
"This is the myth that we have to shatter ... we have to send a clear message that wherever cybercriminals are, the law will catch up with them,” he said.
When asked how well prepared and equipped Interpol is in combating cybercrime, Madan said that the organisation’s capabilities in this area have been significantly developed.
“There have been tremendous improvements in this area – we are much more prepared,” he said.
However, he stressed that combating cybercrime is not the work of one organisation or one country.
This is partly because today’s cybercrime organisation commits activities across various countries, and sometimes various regions – this multi-jurisdictional approach sometimes makes it challenging for the relevant authorities.
For example, victims may come from different countries; the place where the hacker was located when he committed the crime, and the place where the information was stored, can also be in different countries.
While it is challenging to handle such cases, it is not impossible, Madan argued. He said that in 2014, Interpol facilitated an operation targeting an extortion case whose victims were in many jurisdictions including the United Kingdom, Singapore and Hong Kong.
“Interpol provided a platform so that these various parties from different countries were able to share information. As a result, 58 people were arrested,” he said.
Due to ever-changing cybercrime trends and the evolving threat landscape, Interpol decided to set up the Interpol Global Complex for Innovation (IGCI) in Singapore in 2013.
The IGCI is a research and development facility for the identification of crimes and criminals, as well as for training, operational support, and partnerships. It complements Interpol’s General Secretariat in Lyon, France.
One of the IGCI’s key partners is NEC Corp, with the Japanese multinational providing technical and human resources for a Digital Forensic Lab and Cyber-Fusion Centre within Interpol’s Digital Crime Centre, which is part of the IGCI.
NEC also provides cyber-threat environment simulations to train law enforcement officials about combating cybercrime.
It would appear that only developed economies can combat cybercrime effectively, as they have more resources in terms of talents and funds. However, this does not mean that emerging economies can afford to neglect the issue.
“There are ways to address these multiple challenges, and one of the most important includes government agencies working closely with the private sector and academia,” said Madan.
Interpol lays out response blueprint for global cybercrime war
Cybersecurity: Public sector left in the lurch
Security chiefs call for investments in ‘transformative’ technologies
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.