[Infowarrior] - Cybercrime Law Enforcement Debated
Richard Forno
rforno at infowarrior.org
Tue Apr 1 13:37:33 UTC 2008
Cybercrime Law Enforcement Debated
Tuesday April 1, 7:38 am ET
By Jan Sliva, Associated Press Writer
http://biz.yahoo.com/ap/080401/eu_cybercrime.html?.v=1
Europe Debates Cybercrime Law Enforcement in NATO, Council of Europe
Meetings
BRUSSELS, Belgium (AP) -- Two groups working separately to boost Europe's
defenses against online crime will present proposals this week, almost a
year after most of the nation of Estonia's links to the Internet were
disrupted for days or weeks.
At a two-day conference starting Tuesday in Strasbourg, France, the Council
of Europe will to review implementation of the international Convention on
Cybercrime and discuss ways to improve international cooperation.
Cyber defense also will be on the agenda when heads of state from NATO's 26
member nations gather in Bucharest Wednesday for three days. The leaders are
expected to debate new guidelines for coordinating cyber defense.
The Convention on Cybercrime, a binding treaty ratified by most members of
the 47-nation Council of Europe, provide guidelines to protect computer
users against hackers and Internet fraud.
The controversial agreement also covers electronic evidence used in
prosecution of such offenses as child sexual exploitation, organized crime
and terrorism. At this week's conference, the council will discuss
guidelines to bolster the convention to improve cooperation between
investigators and Internet providers, according to the council's Web site.
Participants and speakers at the conference -- including police officials
and representatives of technology companies such as Microsoft Corp., eBay
Inc., McAfee Inc. and Symantec Inc. -- also will address training.
NATO's three-day summit, which is to focus on enlarging the treaty
organization and on its operations in Kosovo and Afghanistan, will include a
special briefing on cyber defense, according to the treaty organization's
Web site.
Some cybercrime experts are casting current Internet security challenges in
terms of terrorism, while others remain focused on data loss, identity theft
and fraud.
Marco Gercke, lecturer in computer law at University of Cologne in Germany,
said cybercrime poses new law enforcement challenges because data can now be
exchanged very fast over vast international reaches.
"Compared to regular terror attacks, it is much easier for the offenders to
hide their identity. There are at least 10 unique challenges that make it
very difficult to fight computer-related crime," said Gercke, one of the
conference participants. "The success rate of cybercrime is very high."
Privacy advocates, the American Civil Liberties Union and others are
concerned that the Cybercrime Convention presses businesses and individuals
to aid law enforcement in new ways and subjects them to surveillance that
violates the U.S. Constitution.
President Bush signed the treaty in 2003 and the U.S. Senate ratified it in
2006. The convention has been ratified by 21 other nations.
The type of assault Estonian Internet service providers suffered -- which
included denial-of-service attacks, where criminals flood a server with so
many requests for connections that it is overwhelmed -- is particularly
difficult to block because servers can't easily distinguish between
legitimate and bogus requests for access, experts have said.
Estonian officials initially blamed the attacks on the Russian government
but later acknowledged they had no proof of government involvement, though
they said most of the computers launching the attacks were in Russia.
Estonia has set up a center to tackle computer-related crime and wants a
global treaty on combatting cyber attacks because laws in many countries are
inadequate or conflict, which can make prosecution of cyber criminals
difficult.
The tiny Baltic state, which has one of the world's highest rates of
Internet use, has said the attacks damaged its economy because it depends
heavily on the Internet.
Russian officials deny any involvement in the cyber onslaught which erupted
during violent protests by ethnic Russians against moving a Soviet-era
monument out of the Estonian capital of Tallinn.
Web sites run by media outlets, government institutions and banks denied
access to users outside Estonia. Among other impacts, Estonians traveling
abroad couldn't get at their bank accounts.
The attack also included e-mail spam.
http://www.coe.int/cybercrime
http://www.nato.int/docu/update/2008/04-april/e0402b.html
(This version CORRECTS short headline to delete reference to EU)
More information about the Infowarrior
mailing list