Home / Blogs

Glaring Weaknesses in Prosecuting International Cyber Crime

Fergie

I have to tell you — I'm not really happy about the fact that the majority of serious cyber crime on the Internet happens without any legal prosecution.

I spend an enormous amount of time — far beyond my "day job" and exceeding what some might consider my professional capacity — tracking cyber crime.

I also work closely with law enforcement (both in the U.S. and abroad) to assist in the intelligence gathering process, putting the pieces of the puzzles together, connecting the dots, and so forth.

And most of the major criminal organizations are still operating (pretty much) in the open, with fear of retribution or criminal prosecution, for a number of reasons.

And in fact, it makes me a bit angry. Okay — more than a bit. A lot.

But getting beyond my own feelings, I think it is worthwhile to examine some of the reasons why this horrible situation exists.

First, allow me to say that I have thorough respect, and an empathy, for the work that my law enforcement colleagues have to deal with. Political, bureaucratic, and operational barriers that I well understand.

But I have to make the observation — also — that if we were really *serious* about tackling cyber crime, these would be minor issues.

Unfortunately, these issues are only the tip of the iceberg.

I've had many colleagues ask me, "Why can't we [meaning U.S. Law Enforcement] just work with [Insert Eastern European Country] law enforcement to go and kick down some criminal doors?"

Of course, that's just a paraphrased question, but it brings up a couple of very serious issues.

First, the United States Government (whether it be law enforcement of any other agency) doesn't have the trust of the rest of The World. I won't go into why that is, but I can imagine that most of the people reading this understand the nuances here.

Secondly — and feeding off the the first issue mentioned above — is that there are Geo-Political issues involved that preclude the U.S. Government (or any official representatives) from *ever* having any gravitas with some nations.

Third — and I'm not exactly sure I should count this as a separate issue, but I will anyway — is that the United States has consistently refused to sign the multinational treaty involving criminal cases brought before the International Criminal Court (ICC), which seriously inhibits the U.S. Federal Law Enforcement's ability to multilaterally investigate e-crime and indict the perpetrators of these crimes.

Without a Mutual Legal Assistance Treaty (generally fueled by participating in the ICC), there simply is *no* real cooperation between law enforcement agencies in the countries which could actually make a difference in prosecuting Cyber Crime.

If you think this isn't a problem, you haven't been listening.

The criminals are winning.

We have *major* organized criminal operations working pretty much without fear of retribution in various countries in Eastern Europe. And they are making hundreds of millions of illicit dollars a year.

And you are paying for it, whether you realize it or not.

All of these fraud & theft losses have to be paid for somehow, and as banks and merchants settle fraud claims, etc. they are passing along the cost of these losses to their customers.

Let's be smarter — let's get the U.S. Government to be an enabler on this issue, not a barrier.

The United States needs to realize it is part of a global community — not an island — and start to tear down these ridiculous barriers which prohibit us from interacting with the global law enforcement community to track these scumbags down and put them in jail.

By Fergie, Vice President, Threat Intelligence, Internet Identity. More blog posts from Fergie can also be read here.

Related topics: Cybercrime, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

dotStrategy Selects Neustar's Registry Threat Mitigation Services for .BUZZ Registry

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

What Does a DDoS Attack Look Like? (Watch First 3 Minutes of an Actual Attack)

Joining Forces to Advance Protection Against Growing Diversity of DDoS Attacks

Why Managed DNS Means Secure DNS

Rodney Joffe on Why DNS Has Become a Favorite Attack Vector

Motivated to Solve Problems at Verisign

Diversity, Openness and vBSDcon 2013

Neustar's Proposal for New gTLD Collision Risk Mitigation

IT Project Management: Best Practices in Small-Scale Engagements

DDoS Attacks in the United Kingdom: 2012 Annual Trends and Impact Survey

7 Keys to Professional Services Value: A Client-Side Perspective

Neustar Launches Global Partner Program

MarkMonitor Named a Top Trusted Website in OTA's 2013 Online Trust Honor Roll

Neustar Chief Technology Officer Appointed to FCC's Technological Advisory Council

Hope is Not a Strategy: Neustar Releases 2012 Annual DDoS Attack and Impact Survey

How Neustar Technology Can Help Mitigate DDoS Attacks

Reducing the Risks of BYOD with Nominum's Security Solution

Neustar Launches Enterprise Professional Services Offerings

Nominum Releases New Security Intelligence Application

Sponsored Topics