Exclusive Interview with
RAYMOND CHOO
Research Analyst, Australian Institute of Criminology
There seems to be a shift in trend in cybercrime as organised cybercriminal activities are on the rise. What is causing this shift?
In our increasingly interconnected world, threats to national security can come from unexpected sources and directions a 360-degree challenge. It is important to remember that cyberspace has no geographic boundaries and organised crime groups operate online under the free market principles. Criminals, terrorists and other actors with malicious intents have recognised the value of leveraging ICT to facilitate or enhance the commission of crimes and dynamic in identifying new opportunities and ways to overcome counter-measures.
The shift in trend emphasises the importance of large-scale profit-driven incentives. Also in some Eastern European countries where the lack of economic and employment opportunities have forced many highly educated individuals with advanced computer and programming skills to be exploited by organised crime groups and work in the cyber underground. For example, criminals organising illegal events are either members of or known to be associated with organised crime groups. These 'organisers' then reach out to individuals with the required information gathering skills, hacking and programming skills, etc to do the job. There is also a certain level of cooperation between tradition organised crime groups and organised cybercriminal groups especially when the latter needs to sell their illicit ware in the physical world.
What are the common types of attack in organised cybercrime and how do they occur?
Common types of criminal activities that organised crime groups are known to be involved in include
a) Computer or network intrusions such as hacking and unauthorised access to obtain sensitive information, and exploiting vulnerabilities in web servers to host malicious malware
b) Phishing and its variants (e.g. vishing and whaling)
c) Spam
d) Malware creation and dissemination especially information stealing and bot-malware
e) Financial fraud such as ID fraud
How do we minimise the cybercrime threat for individuals as well as for organisations?
The ability of organised crime groups, particularly cybercriminal groups, to leverage advances in ICT to operate in cyberspace, alters the nature of the criminals encountered by law enforcement and continues to be a major challenge for law enforcement. In traditional criminal cases, for example, international cooperation typically occurs at the end of the law enforcement and judicial process where charges have been formally laid and the accused persons are ready for extradition; but in cybercrime, international cooperation is usually required at the beginning of the investigation process.
To counter these threats, new strategies of response such as the need to amend and to strengthen the law to address new challenges that new technologies pose with the rapid advancement and convergence of ICT in the years to come will become more pronounced. The development of cooperative arrangements between Australian and overseas public and private sector organisations to establish and enhance cross-border law enforcement and judicial cooperation in a timely fashion is, arguably, crucial in combating cybercrime.
Please check back regularly for the latest speaker interviews
