Cybercrime
threatens "brave new world" of e-commerce
London,
9 December 1999 -
Alarm at the growth of Internet crime and the lack of adequate international
counter-measures was voiced by senior police officials at an ICC conference
between business executives and law enforcement representatives this week.
Speakers said the public
and private sectors must work together in an informal alliance to keep the cybercriminals
in check. Brian Jenkins, an authority on international crime, said that unless
this happened criminals would infest e-commerce "like locusts."
A report on cybercrime
issued by ICC Commercial Crime Services as the conference opened said: "Business
may not be prepared for the risks of crime over the Internet and in the use
of computers and networks.
"As business moves forward
into the brave new world of e-commerce, it needs effective law enforcement and
judicial networks to ensure that Cyberspace does not become a criminal's charter."
Interpol Secretary General
Raymond Kendall, David Veness, Assistant Commissioner at Scotland Yard and Michael
Vatis of the Federal Bureau of Investigation, all called at the conference for
improved cooperation with the private sector through the exchange of information
and know-how.
Pottengal Mukundan, Director
of ICC Commercial Crime Services, briefed participants on the role of his organization's
new cybercrime unit, which is building a database on criminal methods in cyberspace
and will act as an interface between law enforcement and the private sector
to meet the conference's objectives.
The unit provides expert
advice to companies on what they can do to reduce the risk of falling victim
to cybercrime by practicing due diligence - setting up defensive procedures
and alarm systems, and exercising prudence in choice of commercial partners.
Welcoming the ICC initiative,
Mr Vatis told the conference: "The loop between government and business is not
a luxury, it is a necessity. Neither can go it aloneThe cybercrime unit could
be a fantastic machine. ICC is uniquely suited to pull in information."
The Secretary General of
Interpol, Mr Kendall said: "We must rely heavily on the private sector to help
us." Stressing the need for police forces to develop the necessary expertise
to deal with cybercrime, he said: "We are not looking for policemen any more,
we are looking for technicians who can provide support services."
Speakers stressed the vulnerability
of business to cybercriminals and one of the senior police officials present
remarked that the best way to bring a country to its knees was by attacking
its civilian-owned infrastructure.
Michael Vatis, who is Director
of the FBI's national infrastructure protection centre, said: "Companies and
private sector entitites are the new targets for terrorism and acts of war.
This is a problem that's really spreading rapidly and will affect us all."
Business and law enforcement
participants alike emphasized the difficulty of bringing cybercriminals to justice
because
perpetrators are able to remain outside the jurisdictions where their
crimes are committed.
Mr Kendall characterized
responses to cybercrime based on national sovereignty as "old fashioned and
going back to the last century." He noted that it always took several years
between agreement on international conventions, like the convention against
money laundering, and their ratification by national parliaments.
Brian Jenkins, an adviser
to ICC and board member of Commercial Crime Services, told the conference that
creation of new laws invariably trailed behind criminal inventiveness. "The
first round always goes to the criminal when you have a 10-15 time lag in legislation."
These views were echoed
in the special report on Cybercrime "Cybercrime, Risk and Response", published
by Commercial Crime Services and aimed at senior corporate executives. The report
said: "E-commerce on the web is international. For the law to be effective it
is necessary for law enforcement agencies to have mechanisms in place that enable
them to work closely together and, ideally, for legislation across borders to
be harmonized."
Among difficulties facing
investigators of crimes over computer networks, the report lists the transient
nature of data stored in a computer memory, the lack of a unique original document
and the difficulties of accessing, recording and preserving evidence.
"Companies can protect themselves
from most of these risks provided protective measures are updated regularly
to take new products and processes into account," the report said.
Here are a few of the forms
of cybercrime discussed at the ICC conference:
- Illegal entry into computer systems to destroy or change data for financial
gain
- Bogus websites that falsely present themselves as the sites of established
companies for fraudulent purposes
- Spread of computer viruses capable of destroying data files
- Assumption of false identity in e-mail messages for fraudulent purposes
- Software piracy
- Internet auction sites
- Sale of counterfeit goods
- Non delivery of goods paid for by credit card
- Extortion by threat of sabotage
- Posting false information on bulletin boards to manipulate share prices
Full
report on the alliance against commercial cybercrime conference
ICC
Commercial Crime Services