web analytics

How Interpol is adapting to the ever-evolving cybercrime landscape – Source: www.csoonline.com

how-interpol-is-adapting-to-the-ever-evolving-cybercrime-landscape-–-source:-wwwcsoonline.com
Rate this post

Source: www.csoonline.com – Author:

Interpol Director of Cybercrime Neal Jetton discusses how the international police organization is collaborating across borders and sectors to fight cybercrime as technological innovations continue to emerge and the battle for talent wages on.

With 100 years of history, Interpol is the police organization par excellence, bringing together 196 countries in the fight against crime. But in this century, crime has undergone a transformation, with new technologies added to the mix, giving rise to cybercrime, one of Interop’s main battles today.

To find out what challenges Interpol faces, Computerworld Spain spoke to Neal Jetton, head of Interpol’s cybercrime unit, at the Global Cybersecurity Forum held last month in Riyadh, Saudi Arabia. “The world is becoming safer thanks to the various organizations and law enforcement agencies,” he says.

Here is that interview, edited for length and clarity.

How has the cyberthreat paradigm changed given the geopolitical context in which we find ourselves, with open conflicts in Ukraine and the Middle East?

Jetton: Cybercrime itself enables and drives globalization. This makes it more difficult for any one agency or country to successfully combat it. That’s where Interpol comes in, because we’ve been able to bring together 196 member countries and their various law enforcement agencies. So when, for example, in the Middle East they have a need, a test, or a question regarding another geography that they don’t have diplomatic relations with or don’t know who to turn to, they can come to us and we make those connections.

Cyberattacks are becoming more frequent and virulent. How is that impacting Interpol’s operations today?

Yes, one problem is the frequency of cybercrime. If you look at the total cost of cybercrime, it will exceed $10.5 trillion by 2025 [according to Cybersecurity Ventures], and it will reach $15 trillion by 2029. So you have to try to attract enough skilled people to fight these crimes using emerging technologies. You have to put everyone on the same playing field, because cybercriminals have an advantage in tools like artificial intelligence (AI). And in the future, there will be quantum computing.

It is up to us to not be afraid and to look ahead, to how we can use those same technologies to the benefit of law enforcement. This is what we do at Interpol. We focus on three areas to combat transnational crime: First, capacity, through our different training courses on a wide range of topics; we also provide operational support and gather intelligence; [and] we have important private-sector partners who provide us with information when a major incident occurs or when they see something of interest. They provide it to us, and we send it to law enforcement.

You mentioned technologies such as AI. With the rise of generative AI, is the gap between the ‘good guys’ and the ‘bad guys’ widening? It’s always said that cybercriminals are one step ahead.

Cybercriminals are always going to look for vulnerabilities and they’re going to use any kind of emerging technology to exploit them. But I don’t think that just by definition something as powerful as AI is necessarily bad. It has so many very positive applications. And it’s up to us to look ahead and stay ahead of the criminals. Not just to be on the defensive, but to go on the offensive and make law enforcement operations and applications much more successful. So, going back to the question, in general, technology is neither good nor bad. It’s about how it’s used.

And now that we are entering the era of quantum computing, how will it affect cybersecurity?

It’s not my area of ​​expertise, but it is being investigated. Before my current position, I was already a member of Interpol as a representative of the secret service of the Department of Homeland Security [DHS]. And I know that quantum computing was already something that was at the forefront of the agency through some governments in different parts. It is being studied because it will be a problem once it becomes a reality.

Does this mean that, in this context, you believe collaboration, both public and private, is key?

No single agency, country, or company can combat international cybercrime in a silo. It takes a team effort, and this requires collaboration between law enforcement and the private sector. We also need to bring policymakers and strategists to the table to get everyone to the table to solve this problem. There is no one-size-fits-all strategy to combat cybercrime, so it is essential to use collective powers and consider how we view cybercrime and how we can, with our authorities and skills, make it harder for the ‘bad guys’ to act. Partnerships are at the heart of what Interpol does. For example, we have an agreement called Gateway with partners who provide us with information that we can then share with law enforcement agencies.

On the other hand, I was saying that we have 196 countries in the agency. We are aware that we cannot combat this situation separately, or all at once, because there are many differences. So we have decided to opt for a regional approach. I am in Singapore, which is where the unit I lead is located. Here we have two operational groups, one for Africa and one for Asia and the South Pacific. Then, we have officers on duty in those regions; and, several times a year, we carry out operations in which we provide intelligence information and we carry out a kind of ‘wave’ in which we pursue a specific type of crime. That is how we are having success. Because of the collective. We want to extend this approach to the Middle East and North Africa, and to South America and, over time, to reach the whole world.

You say team building is the key to dealing with this scenario, but at the same time, there are many countries that sponsor state cybercrime. Could this be a contradiction?

This is actually our superpower. And I know what I’m going to say may frustrate some people, but the fact that Interpol has been around for 100 years is because, by constitution, and our Article 3 says so, we don’t touch on issues that fall under politics, military, race, or religion. We are very successful because we stay out of the geopolitical fray. We know it exists; we are not naive. But when we sit down at a table, we do so to discuss operations, strategy.

I am an American, and to my right I have a representative from another country, and to my left, one from another. There are people who might think, how can you collaborate? Because we don’t bring politics into it. Our goal is to fight cybercrime, to pursue cybercriminals and to help victims. So, nation-state actors are not part of our mandate, we try to stay well away and, I repeat, knowing that they exist.

Another problem is that when a cybercriminal gang is dismantled, it quickly begins to operate under another name or brand.

With ransomware, for example, it’s a very complex issue. There are many actors who join together to form one group, which in turn split off to create a different one. Then there are those who sell ransomware as a service. Yes, they are often able to rebrand and strike again very quickly. But chasing them down is a good strategy. Putting the ‘bad guys’ behind bars is one of the main deterrents to ending cybercrime. At the same time, we must carry out operations that go after their infrastructures.

When it comes to talent, these cybercrime groups have plenty of talent. Do many people go to work for these gangs?

They have more money. The question is, how can we discourage this talent from working for cybercrime to [instead] do things that are beneficial to society? We have a program called Intercop that is dedicated to exactly this with young people. We try to channel their skills for good. We are very aware of this problem. We know that 99.9% of crimes are committed for some kind of economic benefit. It is not going to be possible to eliminate this factor, so we also work on prevention.

Finally, after this analysis, could you say that we live in a ‘cyber-secure’ world?

Again, I think it has to do with how technology is used. There are many positive uses, but we have to be responsible. And we have to be aware and responsible with ourselves about the risks that exist, especially on social media and for young people. It is very easy to trick someone and make them a victim. But I would say that this world is becoming safer thanks to the different organizations and law enforcement agencies, such as Interpol. There is still a long way to go, and we will get there thanks to our cooperation and our associations around the world. It is a difficult question, making it safe will require a great collective effort.

SUBSCRIBE TO OUR NEWSLETTER

From our editors straight to your inbox

Get started by entering your email address below.

Original Post url: https://www.csoonline.com/article/3587228/how-interpol-is-adapting-to-the-ever-evolving-cybercrime-landscape.html

Category & Tags: Cyberattacks, Cybercrime, Government, Government IT, Security – Cyberattacks, Cybercrime, Government, Government IT, Security

Views: 1

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Codrut Andrei
Secure Software Development Lifecycle Fundamentals by Codrut Andrei
Secure Software Development Lifecycle Fundamentals...
BUTTERWORTH-HEINEMANN
Security Operations Center Guidebook – A Practical Guide for a Successful SOC
Security Operations Center Guidebook –...
CISO Forum
CISO’s – First 100 Days Roadmap – Your success as a security leader is determined largely by your first 100 days in the role.
CISO’s – First 100 Days...
RedHat
State of Kubernetes Security Report 2022 by RedHat
State of Kubernetes Security Report...
National Cyber Security
Cyber Security Toolkit for Boards – Helping board members to get to grips with cyber security by NCSC
Cyber Security Toolkit for Boards...
Harvard Business Review
Boards Are Having the Wrong Conversations About Cybersecurity – Board interactions with the CISO are lacking – by Lucia Millica and Keri Pearlson – Harvard Business Review
Boards Are Having the Wrong...
Vendict
The 2024 CISO Burnout Report by Vendict
The 2024 CISO Burnout Report...
Mohammad Alkhudari
Cybersecurity Strong Strategy step by step Guide collected by Mohammad Alkhudari 2024
Cybersecurity Strong Strategy step by...
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...

LASTEST PUBLISHED POSTS

Cyberint
Retail Threat Landscape Report Q1-Q3 – November 2024 Summary by Cyberint a Check Point Company
Retail Threat Landscape Report Q1-Q3...
NCSC
Protecting Critical Supply Chains – A Guide to Securing your Supply Chain Ecosystem
Protecting Critical Supply Chains –...
Culture AI
Time to Adapt – The State of Human Risk Management in 2024 by Culture AI.
Time to Adapt – The...
National Cyber Security Centre
Engaging with Boards to improve the management of cyber security risk.
Engaging with Boards to improve...
Microsoft Security
2024 State of Multicloud Security Report by Microsoft Security
2024 State of Multicloud Security...
bugcrowd
Inside the Mind of a CISO 2024 The Evolving Roles of Security Leaders 2024 by bugcrowd
Inside the Mind of a...
Mohammad Alkhudari
Cybersecurity Strong Strategy step by step Guide collected by Mohammad Alkhudari 2024
Cybersecurity Strong Strategy step by...
Lacework
CISO’s Playbookto Cloud Security by Lacework
CISO’s Playbookto Cloud Security by...
MITRE - Carson Zimmerman
Ten Strategies of a World-Class Cybersecurity Operations Center by MITRE
Ten Strategies of a World-Class...
SILVERFRONT - AIG
Identity Has Become the Prime Target of Threat Actors by Silverfort AIG.
Identity Has Become the Prime...
CYZEA.IO
Enterprise Information Security
Enterprise Information Security
IGNITE Technologies
ENCRYPTED REVERSE
ENCRYPTED REVERSE

More Latest Published Posts

WORLD BANK GROUP
Global Cybersecurity Capacity Program
Global Cybersecurity Capacity Program
Gary Hinson
Getting started withsecurity metrics
Getting started withsecurity metrics
EDPS
Generative AI and the EUDPR.
Generative AI and the EUDPR.
Bright
2024 Guide to Application Security Testing Tools
2024 Guide to Application Security Testing Tools
HADESS
Hacker Culture
Hacker Culture
Quuensland Govermment
RISK ASSESSMENT PROCESS HANDBOOK
RISK ASSESSMENT PROCESS HANDBOOK
Ministry of MOS Security
HIPAA SIMPLIFIED
HIPAA SIMPLIFIED
Hacker Combat
How Are Passwords Cracked?
How Are Passwords Cracked?
CIS - Center for Internet Security
How to Plan a Cybersecurity Roadmap in Four Steps
How to Plan a Cybersecurity Roadmap in Four Steps
ACSC Australia
Information Security Manual
Information Security Manual
Kaspersky
Incident Response Playbook: Dark Web Breaches
Incident Response Playbook: Dark Web Breaches
ninjaOne
Endpoint Hardening Checklist
Endpoint Hardening Checklist
HADESS
Important Active Directory Attribute
Important Active Directory Attribute
ISA GLOBAL CYBERSECURITY ALLIANCE
IIoT System Implementation and Certification Based on ISA/IEC 62443 Standards
IIoT System Implementation and Certification Based on ISA/IEC 62443 Standards
Rajneesh Gupta
IAM Security CHECKLIST
IAM Security CHECKLIST
sqrrl
Hunt Evil
Hunt Evil
Searchinform
How to protect personal data and comply with regulations
How to protect personal data and comply with regulations
Giuseppe Manco
Threat Intelligence Platforms
Threat Intelligence Platforms
CSA Cloud Security Alliance
Hardware Security Module(HSM) as a Service
Hardware Security Module(HSM) as a Service
IGNITE Technologies
CREDENTIAL DUMPING FAKE SERVICES
CREDENTIAL DUMPING FAKE SERVICES
IGNITE Technologies
A Detailed Guide on Covenant
A Detailed Guide on Covenant
NIST
Computer Security Incident Handling Guide
Computer Security Incident Handling Guide
IGNITE Technologies
DIGITAL FORENSIC FTK IMAGER
DIGITAL FORENSIC FTK IMAGER
Accedere
Cloud Security Assessment
Cloud Security Assessment
YL VENTURES
CISO Reporting Landscape 2024
CISO Reporting Landscape 2024
CISO Edition
Reporting Cyber Risk to Boards
Reporting Cyber Risk to Boards
CIOB
CIOB Artificial Intelligence (AI) Playbook 2024
CIOB Artificial Intelligence (AI) Playbook 2024
INCIBE & SPAIN GOVERNMENT
Nuevas normativas de 2024 de ciberseguridad para vehículos
Nuevas normativas de 2024 de ciberseguridad para vehículos