Home / Blogs

Glaring Weaknesses in Prosecuting International Cyber Crime

Fergie

I have to tell you — I'm not really happy about the fact that the majority of serious cyber crime on the Internet happens without any legal prosecution.

I spend an enormous amount of time — far beyond my "day job" and exceeding what some might consider my professional capacity — tracking cyber crime.

I also work closely with law enforcement (both in the U.S. and abroad) to assist in the intelligence gathering process, putting the pieces of the puzzles together, connecting the dots, and so forth.

And most of the major criminal organizations are still operating (pretty much) in the open, with fear of retribution or criminal prosecution, for a number of reasons.

And in fact, it makes me a bit angry. Okay — more than a bit. A lot.

But getting beyond my own feelings, I think it is worthwhile to examine some of the reasons why this horrible situation exists.

First, allow me to say that I have thorough respect, and an empathy, for the work that my law enforcement colleagues have to deal with. Political, bureaucratic, and operational barriers that I well understand.

But I have to make the observation — also — that if we were really *serious* about tackling cyber crime, these would be minor issues.

Unfortunately, these issues are only the tip of the iceberg.

I've had many colleagues ask me, "Why can't we [meaning U.S. Law Enforcement] just work with [Insert Eastern European Country] law enforcement to go and kick down some criminal doors?"

Of course, that's just a paraphrased question, but it brings up a couple of very serious issues.

First, the United States Government (whether it be law enforcement of any other agency) doesn't have the trust of the rest of The World. I won't go into why that is, but I can imagine that most of the people reading this understand the nuances here.

Secondly — and feeding off the the first issue mentioned above — is that there are Geo-Political issues involved that preclude the U.S. Government (or any official representatives) from *ever* having any gravitas with some nations.

Third — and I'm not exactly sure I should count this as a separate issue, but I will anyway — is that the United States has consistently refused to sign the multinational treaty involving criminal cases brought before the International Criminal Court (ICC), which seriously inhibits the U.S. Federal Law Enforcement's ability to multilaterally investigate e-crime and indict the perpetrators of these crimes.

Without a Mutual Legal Assistance Treaty (generally fueled by participating in the ICC), there simply is *no* real cooperation between law enforcement agencies in the countries which could actually make a difference in prosecuting Cyber Crime.

If you think this isn't a problem, you haven't been listening.

The criminals are winning.

We have *major* organized criminal operations working pretty much without fear of retribution in various countries in Eastern Europe. And they are making hundreds of millions of illicit dollars a year.

And you are paying for it, whether you realize it or not.

All of these fraud & theft losses have to be paid for somehow, and as banks and merchants settle fraud claims, etc. they are passing along the cost of these losses to their customers.

Let's be smarter — let's get the U.S. Government to be an enabler on this issue, not a barrier.

The United States needs to realize it is part of a global community — not an island — and start to tear down these ridiculous barriers which prohibit us from interacting with the global law enforcement community to track these scumbags down and put them in jail.

By Fergie, Vice President, Threat Intelligence, Internet Identity. More blog posts from Fergie can also be read here.

Related topics: Cybercrime, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

3 Questions to Ask Your DNS Host About DDoS

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

Neustar to Build Multiple Tbps DDoS Mitigation Platform

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains

New gTLDs and Best Practices for Domain Management Policies (Video)

Nominum Announces Future Ready DNS

New from Verisign Labs - Measuring Privacy Disclosures in URL Query Strings

DotConnectAfrica Delegates Attend the Kenya Internet Governance Forum

3 Questions to Ask Your DNS Host about Lowering DDoS Risks

Continuing to Work in the Public Interest

Verisign Named to the OTA's 2014 Online Trust Honor Roll

4 Minutes Vs. 4 Hours: A Responder Explains Emergency DDoS Mitigation

Dyn Acquires Internet Intelligence Company, Renesys

Tips to Address New FFIEC DDoS Requirements

Smokescreening: Data Theft Makes DDoS More Dangerous

dotStrategy Selects Neustar's Registry Threat Mitigation Services for .BUZZ Registry

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

What Does a DDoS Attack Look Like? (Watch First 3 Minutes of an Actual Attack)

Sponsored Topics

Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
dotMobi

Mobile

Sponsored by
dotMobi
Verisign

Security

Sponsored by
Verisign
Afilias

DNSSEC

Sponsored by
Afilias