11,633 research outputs found
The Pivotal Role of International Human Rights Law in Defeating Cybercrime: Amid a (UN-Backed) Global Treaty on Cybercrime
On May 26, 2021, the General Assembly of the United Nations adopted a resolution approving the drafting of a new global treaty on cybercrime, which commenced in February 2022. The proposed UN agreement on cybercrime regulation has garnered significant criticism among the international community, namely by state delegates, human rights advocates, and nongovernmental organizations. Fears stem from the belief that such a treaty would be used to legitimize abusive practices and undermine fundamental human rights. National cybercrime laws already unduly restrict human rights. However, at a time where the global community has moved toward a digital world, it becomes even more necessary to legislate on a global scale against the commission of cybercrime.
This Article aims to provide guidance on how to ensure respect for human rights in the drafting of a global treaty on cybercrime in the hopes that it will help guide the process and facilitate a smoother transition. The Article concludes that national security concerns stemming from threats of cybercrime should be viewed not as dichotomies but as complementary, where one cannot be achieved without respect for the other, concluding that the best approach is one that integrates human rights into the text of the treaty, thereby ensuring that human rights are not trumped by national security concerns in the name of cybercrime regulation
Economic Factors of Vulnerability Trade and Exploitation
Cybercrime markets support the development and diffusion of new attack
technologies, vulnerability exploits, and malware. Whereas the revenue streams
of cyber attackers have been studied multiple times in the literature, no
quantitative account currently exists on the economics of attack acquisition
and deployment. Yet, this understanding is critical to characterize the
production of (traded) exploits, the economy that drives it, and its effects on
the overall attack scenario. In this paper we provide an empirical
investigation of the economics of vulnerability exploitation, and the effects
of market factors on likelihood of exploit. Our data is collected
first-handedly from a prominent Russian cybercrime market where the trading of
the most active attack tools reported by the security industry happens. Our
findings reveal that exploits in the underground are priced similarly or above
vulnerabilities in legitimate bug-hunting programs, and that the refresh cycle
of exploits is slower than currently often assumed. On the other hand,
cybercriminals are becoming faster at introducing selected vulnerabilities, and
the market is in clear expansion both in terms of players, traded exploits, and
exploit pricing. We then evaluate the effects of these market variables on
likelihood of attack realization, and find strong evidence of the correlation
between market activity and exploit deployment. We discuss implications on
vulnerability metrics, economics, and exploit measurement.Comment: 17 pages, 11 figures, 14 table
Between Hype and Understatement: Reassessing Cyber Risks as a Security Strategy
Most of the actions that fall under the trilogy of cyber crime, terrorism,and war exploit pre-existing weaknesses in the underlying technology.Because these vulnerabilities that exist in the network are not themselvesillegal, they tend to be overlooked in the debate on cyber security. A UKreport on the cost of cyber crime illustrates this approach. Its authors chose to exclude from their analysis the costs in anticipation of cyber crime, such as insurance costs and the costs of purchasing anti-virus software on the basis that "these are likely to be factored into normal day-to-day expenditures for the Government, businesses, and individuals. This article contends if these costs had been quantified and integrated into the cost of cyber crime, then the analysis would have revealed that what matters is not so much cyber crime, but the fertile terrain of vulnerabilities that unleash a range of possibilities to whomever wishes to exploit them. By downplaying the vulnerabilities, the threats represented by cyber war, cyber terrorism, and cyber crime are conversely inflated. Therefore, reassessing risk as a strategy for security in cyberspace must include acknowledgment of understated vulnerabilities, as well as a better distributed knowledge about the nature and character of the overhyped threats of cyber crime, cyber terrorism, and cyber war
Adversarial behaviours knowledge area
The technological advancements witnessed by our society in recent decades have brought
improvements in our quality of life, but they have also created a number of opportunities for
attackers to cause harm. Before the Internet revolution, most crime and malicious activity
generally required a victim and a perpetrator to come into physical contact, and this limited
the reach that malicious parties had. Technology has removed the need for physical contact
to perform many types of crime, and now attackers can reach victims anywhere in the world, as long as they are connected to the Internet. This has revolutionised the characteristics of crime and warfare, allowing operations that would not have been possible before. In this document, we provide an overview of the malicious operations that are happening on the Internet today. We first provide a taxonomy of malicious activities based on the attackerâs motivations and capabilities, and then move on to the technological and human elements that adversaries require to run a successful operation. We then discuss a number of frameworks that have been proposed to model malicious operations. Since adversarial behaviours are not a purely technical topic, we draw from research in a number of fields (computer science, criminology, war studies). While doing this, we discuss how these frameworks can be used by researchers and practitioners to develop effective mitigations against malicious online operations.Published versio
Towards Conceptualizing EU Cybersecurity Law. ZEI Discussion Paper C253 2019
The European Union has a wide spectrum of legal instruments
addressing various aspects of cybersecurity, ranging from electronic
communication laws, data protection regulations through network and
information security legislation to instruments dealing with
cybercrime and recommendations on coordinated response to large
scale cyber incidents â all this without having a commonly accepted
definition of cybersecurity
Email Babel: Does Language Affect Criminal Activity in Compromised Webmail Accounts?
We set out to understand the effects of differing language on the ability of
cybercriminals to navigate webmail accounts and locate sensitive information in
them. To this end, we configured thirty Gmail honeypot accounts with English,
Romanian, and Greek language settings. We populated the accounts with email
messages in those languages by subscribing them to selected online newsletters.
We hid email messages about fake bank accounts in fifteen of the accounts to
mimic real-world webmail users that sometimes store sensitive information in
their accounts. We then leaked credentials to the honey accounts via paste
sites on the Surface Web and the Dark Web, and collected data for fifteen days.
Our statistical analyses on the data show that cybercriminals are more likely
to discover sensitive information (bank account information) in the Greek
accounts than the remaining accounts, contrary to the expectation that Greek
ought to constitute a barrier to the understanding of non-Greek visitors to the
Greek accounts. We also extracted the important words among the emails that
cybercriminals accessed (as an approximation of the keywords that they searched
for within the honey accounts), and found that financial terms featured among
the top words. In summary, we show that language plays a significant role in
the ability of cybercriminals to access sensitive information hidden in
compromised webmail accounts
On the use of serious games technology to facilitate large-scale training in cybercrime response
As technology becomes pervasive in everyday life, there are very few crimes that donât have some âcyberâ element to them. The vast majority of crime now has some digital footprint; whether itâs from a CCTV camera, mobile phone or IoT device, there exists a vast range of technological devices with the ability to store digital evidence that could be of use during a criminal investigation. There is a clear requirement to ensure that digital forensic investigators have received up-to-date training on appropriate methods for the seizure, acquisition and analysis of digital devices. However, given the increasing number of crimes now involving a range of technological devices it is increasingly important for those police officers who respond to incidents of crime to have received appropriate training.The aim of our research is to transform the delivery of first responder training in tackling cybercrime.A project trialling the use of computer games technology to train officers in cybercrime response is described. A game simulating typical cybercrime scenes has been developed and its use in training first responders has been evaluated within Police Scotland. Overall, this approach to the large-scale provision of training (potentially to a whole force) is shown to offer potential
Underground web: the cybercrime challenge
The two papers in this Special Report examine the central role that cybercrime plays in modern society and how technological developments create new opportunities for criminals to exploit.
Overview
Calum Jeffrayâs paper, Caught in the net: the law enforcement response to international cybercrime, surveys the strategic cybercrime landscape and illustrates that, despite calls for law enforcement to âdo moreâ to prevent and investigate cybercrime, the agencies involved are often hampered in acting due to jurisdictional issues or the complexity of the investigations.
Tobias Feakinâs paper, Cryptomarketsâillicit goods in the darknet, examines the emergence of the âdarknetâ, where trading in illicit goods and services in online black markets has become increasingly commonplace and exacerbates the problems that law enforcement already facesâtracing and prosecuting illegal activities online.
This Special Report includes a foreword by Australian Federal Police Commissioner Andrew Colvin
National plan to combat cybercrime
Australia is a highly connected country - technology and the internet are crucial to Australia\u27s way of life.
However, while the potential of the internet and digital economy is clearly a massive opportunity for Australia, it is also quickly emerging as a key enabler for criminal activity.
In Australia, the term \u27cybercrime\u27 is used to describe both:
crimes directed at computers or other information communications technologies (ICTs) (such as hacking and denial of service attacks) and
crimes where computers or ICTs are an integral part of an offence (such as online fraud, identity theft and the distribution of child exploitation material).
Responsibility for combating the different forms of cybercrime in Australia is shared between Australian Government agencies state and territory agencies. All jurisdictions have criminal laws directed at the various forms of cybercrime.
The Australian Attorney-General\u27s Department has led the development of a National Plan to Combat Cybercrime, in consultation with Australian Government agencies, state and territory agencies
- âŠ