On the web, personal information can be as valuable a currency as cash. Citizen’s attitudes towards the privacy of their personal information are evolving and as a result unwittingly making the challenge greater. Increasingly, the definition of privacy is changing. Where once privacy meant not revealing information unless to a trusted third party, in the social media world information is willingly shared, but privacy concerns relate to how that information is used once shared.
Much cybercrime relies on the fact software is bug-ridden or
contains flaws in its design. There is a clear need and opportunity for
greater industry cooperation, standardisation and testing of software products
to reduce the opportunity for hackers.
We have already seen examples of alleged international cyber-attacks,
such as that on Estonia, and UK security services warning businesses of rampant
cyber espionage originating in the Far East. We all know that, at some level,
everybody is prying and spying on everybody else’s cyber presence. Many experts
see a future cyber war to be inevitable – so why don’t we try to prevent it
before it happens?
An agreement of an
international cyber peace treaty whereby signatories would agree that their
infrastructure would not be used, or allow it to be used, for cyber-attacks.
This proposal requires discussion at the highest forums. On the internet a state
is not defined by its weapons or politics, but by its laws and regulations.
Without a common base level of data protection and computer misuse legislation,
there will always be territories that provide a safe haven for cyber criminals
and hackers. Involvement in key global trade bodies should be dependent on
an acceptance of such regulation.
Organised cyber criminals have realized that it is easier to steal
$1 from a million people, than to steal $1m from one person. But in many cases,
the response from law enforcement does not reflect the problem. One person
complaining to the police about losing $100 through cyber-crime, or the theft
of personal identity information, is rarely sufficient to elicit a response. In
the UK, for example, police have delegated responsibility for small-scale cyber-crime
reporting to the banks. How well are co-ordinated attacks spotted? Are trends
and patterns sufficiently analysed? If one person loses $1m, the police
response would be broad and well-co-ordinated. If a cyber-crook made a million
from a million individuals, would they ever be caught?
Banks and law enforcers need to co-ordinate better, and
reporting of crimes by individuals affected needs to be simpler and better
policed. Too many individuals don’t bother because they don’t believe they will
be helped. Perhaps social media techniques could be used to “crowd source”
reports of theft or fraud? But in general, there needs to be a better
relationship between individual and law enforcement to ensure adequate
protection and detection of organised, widespread but individually low-level cyber-crime.
No comments:
Post a Comment