11,633 research outputs found

    The Pivotal Role of International Human Rights Law in Defeating Cybercrime: Amid a (UN-Backed) Global Treaty on Cybercrime

    Get PDF
    On May 26, 2021, the General Assembly of the United Nations adopted a resolution approving the drafting of a new global treaty on cybercrime, which commenced in February 2022. The proposed UN agreement on cybercrime regulation has garnered significant criticism among the international community, namely by state delegates, human rights advocates, and nongovernmental organizations. Fears stem from the belief that such a treaty would be used to legitimize abusive practices and undermine fundamental human rights. National cybercrime laws already unduly restrict human rights. However, at a time where the global community has moved toward a digital world, it becomes even more necessary to legislate on a global scale against the commission of cybercrime. This Article aims to provide guidance on how to ensure respect for human rights in the drafting of a global treaty on cybercrime in the hopes that it will help guide the process and facilitate a smoother transition. The Article concludes that national security concerns stemming from threats of cybercrime should be viewed not as dichotomies but as complementary, where one cannot be achieved without respect for the other, concluding that the best approach is one that integrates human rights into the text of the treaty, thereby ensuring that human rights are not trumped by national security concerns in the name of cybercrime regulation

    Economic Factors of Vulnerability Trade and Exploitation

    Full text link
    Cybercrime markets support the development and diffusion of new attack technologies, vulnerability exploits, and malware. Whereas the revenue streams of cyber attackers have been studied multiple times in the literature, no quantitative account currently exists on the economics of attack acquisition and deployment. Yet, this understanding is critical to characterize the production of (traded) exploits, the economy that drives it, and its effects on the overall attack scenario. In this paper we provide an empirical investigation of the economics of vulnerability exploitation, and the effects of market factors on likelihood of exploit. Our data is collected first-handedly from a prominent Russian cybercrime market where the trading of the most active attack tools reported by the security industry happens. Our findings reveal that exploits in the underground are priced similarly or above vulnerabilities in legitimate bug-hunting programs, and that the refresh cycle of exploits is slower than currently often assumed. On the other hand, cybercriminals are becoming faster at introducing selected vulnerabilities, and the market is in clear expansion both in terms of players, traded exploits, and exploit pricing. We then evaluate the effects of these market variables on likelihood of attack realization, and find strong evidence of the correlation between market activity and exploit deployment. We discuss implications on vulnerability metrics, economics, and exploit measurement.Comment: 17 pages, 11 figures, 14 table

    Between Hype and Understatement: Reassessing Cyber Risks as a Security Strategy

    Get PDF
    Most of the actions that fall under the trilogy of cyber crime, terrorism,and war exploit pre-existing weaknesses in the underlying technology.Because these vulnerabilities that exist in the network are not themselvesillegal, they tend to be overlooked in the debate on cyber security. A UKreport on the cost of cyber crime illustrates this approach. Its authors chose to exclude from their analysis the costs in anticipation of cyber crime, such as insurance costs and the costs of purchasing anti-virus software on the basis that "these are likely to be factored into normal day-to-day expenditures for the Government, businesses, and individuals. This article contends if these costs had been quantified and integrated into the cost of cyber crime, then the analysis would have revealed that what matters is not so much cyber crime, but the fertile terrain of vulnerabilities that unleash a range of possibilities to whomever wishes to exploit them. By downplaying the vulnerabilities, the threats represented by cyber war, cyber terrorism, and cyber crime are conversely inflated. Therefore, reassessing risk as a strategy for security in cyberspace must include acknowledgment of understated vulnerabilities, as well as a better distributed knowledge about the nature and character of the overhyped threats of cyber crime, cyber terrorism, and cyber war

    Adversarial behaviours knowledge area

    Full text link
    The technological advancements witnessed by our society in recent decades have brought improvements in our quality of life, but they have also created a number of opportunities for attackers to cause harm. Before the Internet revolution, most crime and malicious activity generally required a victim and a perpetrator to come into physical contact, and this limited the reach that malicious parties had. Technology has removed the need for physical contact to perform many types of crime, and now attackers can reach victims anywhere in the world, as long as they are connected to the Internet. This has revolutionised the characteristics of crime and warfare, allowing operations that would not have been possible before. In this document, we provide an overview of the malicious operations that are happening on the Internet today. We first provide a taxonomy of malicious activities based on the attacker’s motivations and capabilities, and then move on to the technological and human elements that adversaries require to run a successful operation. We then discuss a number of frameworks that have been proposed to model malicious operations. Since adversarial behaviours are not a purely technical topic, we draw from research in a number of fields (computer science, criminology, war studies). While doing this, we discuss how these frameworks can be used by researchers and practitioners to develop effective mitigations against malicious online operations.Published versio

    Towards Conceptualizing EU Cybersecurity Law. ZEI Discussion Paper C253 2019

    Get PDF
    The European Union has a wide spectrum of legal instruments addressing various aspects of cybersecurity, ranging from electronic communication laws, data protection regulations through network and information security legislation to instruments dealing with cybercrime and recommendations on coordinated response to large scale cyber incidents – all this without having a commonly accepted definition of cybersecurity

    Email Babel: Does Language Affect Criminal Activity in Compromised Webmail Accounts?

    Full text link
    We set out to understand the effects of differing language on the ability of cybercriminals to navigate webmail accounts and locate sensitive information in them. To this end, we configured thirty Gmail honeypot accounts with English, Romanian, and Greek language settings. We populated the accounts with email messages in those languages by subscribing them to selected online newsletters. We hid email messages about fake bank accounts in fifteen of the accounts to mimic real-world webmail users that sometimes store sensitive information in their accounts. We then leaked credentials to the honey accounts via paste sites on the Surface Web and the Dark Web, and collected data for fifteen days. Our statistical analyses on the data show that cybercriminals are more likely to discover sensitive information (bank account information) in the Greek accounts than the remaining accounts, contrary to the expectation that Greek ought to constitute a barrier to the understanding of non-Greek visitors to the Greek accounts. We also extracted the important words among the emails that cybercriminals accessed (as an approximation of the keywords that they searched for within the honey accounts), and found that financial terms featured among the top words. In summary, we show that language plays a significant role in the ability of cybercriminals to access sensitive information hidden in compromised webmail accounts

    On the use of serious games technology to facilitate large-scale training in cybercrime response

    Get PDF
    As technology becomes pervasive in everyday life, there are very few crimes that don’t have some ‘cyber’ element to them. The vast majority of crime now has some digital footprint; whether it’s from a CCTV camera, mobile phone or IoT device, there exists a vast range of technological devices with the ability to store digital evidence that could be of use during a criminal investigation. There is a clear requirement to ensure that digital forensic investigators have received up-to-date training on appropriate methods for the seizure, acquisition and analysis of digital devices. However, given the increasing number of crimes now involving a range of technological devices it is increasingly important for those police officers who respond to incidents of crime to have received appropriate training.The aim of our research is to transform the delivery of first responder training in tackling cybercrime.A project trialling the use of computer games technology to train officers in cybercrime response is described. A game simulating typical cybercrime scenes has been developed and its use in training first responders has been evaluated within Police Scotland. Overall, this approach to the large-scale provision of training (potentially to a whole force) is shown to offer potential

    Underground web: the cybercrime challenge

    Get PDF
    The two papers in this Special Report examine the central role that cybercrime plays in modern society and how technological developments create new opportunities for criminals to exploit. Overview Calum Jeffray’s paper, Caught in the net: the law enforcement response to international cybercrime, surveys the strategic cybercrime landscape and illustrates that, despite calls for law enforcement to ‘do more’ to prevent and investigate cybercrime, the agencies involved are often hampered in acting due to jurisdictional issues or the complexity of the investigations. Tobias Feakin’s paper, Cryptomarkets—illicit goods in the darknet, examines the emergence of the ‘darknet’, where trading in illicit goods and services in online black markets has become increasingly commonplace and exacerbates the problems that law enforcement already faces—tracing and prosecuting illegal activities online. This Special Report includes a foreword by Australian Federal Police Commissioner Andrew Colvin

    National plan to combat cybercrime

    Get PDF
    Australia is a highly connected country - technology and the internet are crucial to Australia\u27s way of life. However, while the potential of the internet and digital economy is clearly a massive opportunity for Australia, it is also quickly emerging as a key enabler for criminal activity. In Australia, the term \u27cybercrime\u27 is used to describe both: crimes directed at computers or other information communications technologies (ICTs) (such as hacking and denial of service attacks) and crimes where computers or ICTs are an integral part of an offence (such as online fraud, identity theft and the distribution of child exploitation material). Responsibility for combating the different forms of cybercrime in Australia is shared between Australian Government agencies state and territory agencies. All jurisdictions have criminal laws directed at the various forms of cybercrime. The Australian Attorney-General\u27s Department has led the development of a National Plan to Combat Cybercrime, in consultation with Australian Government agencies, state and territory agencies
    • 

    corecore