I have to tell you — I'm not really happy about the fact that the majority of serious cyber crime on the Internet happens without any legal prosecution.
I spend an enormous amount of time — far beyond my "day job" and exceeding what some might consider my professional capacity — tracking cyber crime.
I also work closely with law enforcement (both in the U.S. and abroad) to assist in the intelligence gathering process, putting the pieces of the puzzles together, connecting the dots, and so forth.
And most of the major criminal organizations are still operating (pretty much) in the open, with fear of retribution or criminal prosecution, for a number of reasons.
And in fact, it makes me a bit angry. Okay — more than a bit. A lot.
But getting beyond my own feelings, I think it is worthwhile to examine some of the reasons why this horrible situation exists.
First, allow me to say that I have thorough respect, and an empathy, for the work that my law enforcement colleagues have to deal with. Political, bureaucratic, and operational barriers that I well understand.
But I have to make the observation — also — that if we were really *serious* about tackling cyber crime, these would be minor issues.
Unfortunately, these issues are only the tip of the iceberg.
I've had many colleagues ask me, "Why can't we [meaning U.S. Law Enforcement] just work with [Insert Eastern European Country] law enforcement to go and kick down some criminal doors?"
Of course, that's just a paraphrased question, but it brings up a couple of very serious issues.
First, the United States Government (whether it be law enforcement of any other agency) doesn't have the trust of the rest of The World. I won't go into why that is, but I can imagine that most of the people reading this understand the nuances here.
Secondly — and feeding off the the first issue mentioned above — is that there are Geo-Political issues involved that preclude the U.S. Government (or any official representatives) from *ever* having any gravitas with some nations.
Third — and I'm not exactly sure I should count this as a separate issue, but I will anyway — is that the United States has consistently refused to sign the multinational treaty involving criminal cases brought before the International Criminal Court (ICC), which seriously inhibits the U.S. Federal Law Enforcement's ability to multilaterally investigate e-crime and indict the perpetrators of these crimes.
Without a Mutual Legal Assistance Treaty (generally fueled by participating in the ICC), there simply is *no* real cooperation between law enforcement agencies in the countries which could actually make a difference in prosecuting Cyber Crime.
If you think this isn't a problem, you haven't been listening.
The criminals are winning.
We have *major* organized criminal operations working pretty much without fear of retribution in various countries in Eastern Europe. And they are making hundreds of millions of illicit dollars a year.
And you are paying for it, whether you realize it or not.
All of these fraud & theft losses have to be paid for somehow, and as banks and merchants settle fraud claims, etc. they are passing along the cost of these losses to their customers.
Let's be smarter — let's get the U.S. Government to be an enabler on this issue, not a barrier.
The United States needs to realize it is part of a global community — not an island — and start to tear down these ridiculous barriers which prohibit us from interacting with the global law enforcement community to track these scumbags down and put them in jail.
By Fergie, Director of Threat Intelligence
|Data Center||Policy & Regulation|
|DNS Security||Regional Registries|
|Domain Names||Registry Services|
|Intellectual Property||Top-Level Domains|
|Internet of Things||Web|
|Internet Protocol||White Space|
Afilias - Mobile & Web Services