International agreements to

combat electronic crimeThe European perspective

by Michalis Mavis, MSc, MSc

f. Chairman of the Hellenic Fraud Forum

TELECOM FORUMSULTANATE OF OMAN

13-15 April 2015

The environment today

• Electronic crime is on the rise, day by day.

• A recent PricewaterhouseCoopers report says that 92% of firms have experienced a malicious security breach at some time.

• Today's cyber criminals are better resourced, more sophisticated & much more difficult to track down.

• Few companies have adequate defenses in place.

• “The internet is a great place to connect crime: It is shared and integrated, offering anonymity and lack of traceability...“, according to security officials.

• Modern mobile devices (e.g. smart-phones) bring new threats when they become web-enabled and/or are used for financial services.

Some problem areas• Telecommunications fraud and stealing of

services.

• Corporate hacking, piracy, id-theft, attacks

against critical infrastructures.

• Electronic vandalism, terrorism and extortion.

• Pornography and other offensive material.

• Electronic fund transfer crime and electronic

money laundering.

• Large scale espionage attacks

and hacking the Internet of

Things (the connection of physical devices

such as home appliances and cars to the internet).

Gaps and low

preparedness…

• A lot of gaps exist, in terms of national capabilities and

coordination, especially in cases of incidents spanning

across borders.

• Every country has an agency with the mission to secure against

e-crime, but cooperation between countries is rare, making

efforts to protect citizens and prosecute perpetrators

increasingly difficult.

• On the other hand the overall preparedness

of the private sector to cope with security

incidents is low.

The main cybercrime actors

in each country

• Almost each country has one or more CERTs (Computer

Emergency Response Teams). CERTs’ mission is to contribute

to the national cyber-security effort, namely in the

treatment and coordination of security incidents.

• The collaboration of CERTs and Law Enforcement

Agencies (LEAs), is of paramount importance, for

effective cybercrime fighting.

• These two communities most of the time work mainly

on their own !

• There are a lot of operational-technical, legal and

cooperation aspects of the fight against cybercrime.

LEAs in national & international level

• National police (like FBI in USA) and law

enforcement agencies.

• EUROPOL (EU).

• EUROJUST (EU).

• ASEANAPOL (Asia).

• CYBERPOL (Cyber Police).

• AMERIPOL (America).

• CLACIP (LatinoAmerican area)

• INTERPOL and others.

What is needed

• Trust. Integrating cybercrime teams (LEAs &

CERTs) is sometimes a good practice.

• Formal and informal communication and

cooperation should exist.

• Collaboration has to be bilateral. Information

should flow in both directions.

Private cybercrime groups

• In Europe a group of independent firms have come

together to form the ECSG (the European Cyber

Security Group), a private consortium formed in

response to the growing need for increased collaboration

on cyber security.

• It is the largest independent cyber defence force in

Europe. The founding members of the ECSG include

S21sec (Spain), Lexsi (France), CSIS (Denmark), and

Fox-IT (The Netherlands).

• ECSG’s collective resources provides a coordinated and

collaborative approach to tackling CERT engagements

of any scale for its corporate and government clients.

ENISA (European level)

• The European Network and Information

Security Agency (ENISA) is a center of

network and information security expertise

for the EU, its member states, the private

sector and citizens.

• ENISA’s role is to be a body of expertise in

cyber security; NOT an inspecting, or

directly operational, or regulating EU-

authority.

EU-US cooperation on cybercrime

EU-US cooperation on cybercrime

• A Working Group, was established at the

EU-US Summit in November 2010

(MEMO/10/597) tasked with developing

collaborative approaches to a wide range

of cyber-security and cyber-crime issues.

• During the meetings it was agreed to

strengthen trans-Atlantic cooperation in

cyber-security by defining the issues to be

tackled by the EU-US Working Group.

A model for other countries(some tasks of the WG)

• Expanding incident management response capabilities jointly and

globally by joint EU-US cyber-incident exercises.

• Engage the private sector, sharing of good practices on

collaboration with industry. Key issue areas included fighting

botnets, securing industrial control systems (such as water

treatment and power generation), and enhancing the resilience and

stability of the Internet.

• Immediate joint awareness raising activities, sharing messages and

models across the Atlantic.

• Continuing EU/US cooperation to remove child pornography from

the Internet, including through work with domain-name registrars

and registries.

• Collaboration to assist states outside the EU region in meeting its

standards and become parties.

International Cooperation or

“nationalistic cyberattacks” ?• From time to time there are international

tensions

between

big nations

related to

cyber attacks.

CONCLUSIONS

• Cooperation between various countries

governmental and private organizations

dealing with cybersecurity, CERTs &

national-internationals LEAs is needed in

order to protect citizens-companies and

prosecute perpetrators.

• Tensions between nations on cyber

attacks should be resolved with dialogue

and not with aggressive actions.

Thank you Michalis Mavis, MSc, MSc//gr.linkedin.com/in/mmavis