The International Cyber Security Protection Alliance (ICSPA) has launched Project 2020, described as one of the largest international consultations into cybercrime. Led by policing body Europol, the study will seek to analyse trends in cybercrime, spot emerging trends for cyber attacks and share this among project partners and interested security agencies.
Threat
The organisers say that the past two years have seen the industrialisation of cybercrime, where criminals can draw on an entire supporting infrastructure of criminal service providers – from web hosting to generating credit card verification data. With more information about all of us on the web than ever before, we also have seen a sharp increase of targeted cyber attacks, so-called spearphishing.
John Lyons, the Chief Executive of the International Cyber Security Protection Alliance, says: “During the past 24 months, critical infrastructure in countries around the world has been under daily cyber attack from both organised criminal networks and state-sponsored entities.”
Europol expects these threat scenarios to evolve rapidly: Cloud computing services mean that we don’t always know to whom we are entrusting our data. The “internet of things” could see the hacking of medical devices and key infrastructure components.
“With two-thirds of the world yet to join the internet, we can expect to see new criminals, new victims and new kinds of threats,” says Dr Victoria Baines, Strategic Advisor on Cybercrime at Europol.
Project
Project 2020 will combine law enforcement agencies with that of the ICSPA’s member companies, organisations and professions. The European Commission recently designated Europol as its information hub on Cybercrime and asked the agency to establish the European Cybercrime Centre (EC3). Also contributing to the study will be the City of London Police and the European Network and Information Security Agency (ENISA).
Among the business members joining Project 2020 are payment services firm Visa Europe, the UK’s largest home shopping retailer Shop Direct Group, customer insight and fraud prevention services firm Transactis and logistics company Yodel. They will be joined by: McAfee, CGI Canada, Atos, Cassidian, Digiware, Core Security and Trend Micro.
Also participating – the International Information System Security Certification Consortium (ISC)2 and the International Association of Public Prosecutors.
“During the past few years increasingly sophisticated and highly targeted cyber attacks have resulted in significant losses – not only financial but also, potentially even more worryingly, of intellectual property in defence and aerospace, oil and petrochemicals, financial services, manufacturing and pharmaceuticals,” says ICSPA chief executive John Lyons. “Cybercrime is notoriously difficult to tackle given the international structure and capabilities of some of the criminal networks we see in operation. It used to be inherently difficult to combine international efforts to fight cybercrime; this Project will for the first time, bring together experts globally, with a remit to identify and fix weaknesses in our systems before they come to market.”
Project 2020 will deliver policy briefs and white papers on evolving threat scenarios, and establish a monitoring mechanism to assist organisations that combat cybercrime.
“Cybercrime evolves as quickly as technology, and technology develops so quickly that the unthinkable becomes mainstream before we can imagine. Furthermore, criminals today can still surprise us as they move from region to region around the world. We have the groups around the table who can make sure this will no longer be the case,” says Europol’s Dr. Baines, who will be the Project Director for Project 2020.
Commander Steve Head of the City of London Police says: “Cybercrime is becoming pervasive in society, threatening the technological, financial and social fabric of developed and developing countries. Confronting and combating it now and in the future presents one of the most difficult and important challenges of our time and can only succeed by the international community working as one. Project 2020 is laying down a blueprint for how this can be achieved and the City of London Police is committed to pooling its own expertise with fellow members to create the systems and policies that will significantly enhance cyber security around the world.”
Hord Tipton, the Executive Director of (ISC)2 says: “We applaud this opportunity to not only facilitate consultation but also improve policy development around the world. We will be encouraging contributions from the breadth of our membership who come from government and private business, and will be able to provide insight from the coalface of current practice in the field. The coalition of the international professional communities represented, business leaders and law enforcement at play here is the kind of fighting power we need to secure a healthy future in the digital age.”
“Cybercriminals are by nature difficult to police given the trans-national efforts they undertake to evade detection”, comments Anthony O’Mara, Global Head of Business Operations, Trend Micro. “We’re very pleased to be an active member of the ICSPA working with Europol, governments, industry and business sharing a common goal of sharing knowledge, skills and resources and meeting our company’s vision of a World Safe for Exchanging Digital Information. Project 2020 shows that the ICSPA is not just a talking shop, but will challenge business to recognise the need to share beyond their company borders.”
Nicholas Cowdery AM QC, former Director of Public Prosecutions of New South Wales, Australia and Chair of the Global Prosecutors E-crime Network (GPEN) says: ‘’The continuing evolution of cybercrime requires prosecutors around the world to keep pace with criminal initiatives and law enforcement responses, so as to be able effectively to bring offenders to justice. The GPEN platform enables IAP prosecutors around the world to share information and experience, keep abreast of developments and access legal tools for use in prosecutions.”
Elizabeth Howe OBE, General Counsel of the International Association of Prosecutors and a Chief Crown Prosecutor of England and Wales adds: ‘The IAP is the only worldwide organisation of prosecutors and the association between GPEN and ICSPA will enable us to develop constructive relationships with the IT industry and other law enforcement agencies in the cyber crime field.’
Notes : ICSPA
The International Cyber Security Protection Alliance (ICSPA) is a business led, not-for-profit organisation. The ICSPA (www.icspa.org) chaired by the Rt Hon David Blunkett MP, a Member of the UK Parliament and previous UK Home Secretary, marked its first anniversary in July. For more information visit www.icspa.org
