In Congress, leaders of the House Intelligence Committee introduced a bill (H.R. 3361), that would require the spy agency to go through phone carriers directly when conducting metadata inquiries. (Currently, the NSA obtains records in secret at the discretion of the Foreign Intelligence Surveillance Court.) The bill also calls for the government to discontinue its bulk collection of metadata including telephone, Internet, and e-mail messages.
Partnerships. Another trend is the importance of collaboration between the public and private sectors to defend against cybercrime. Trend Micro representatives emphasized that information-sharing partnerships between law enforcement and cybersecurity companies are crucial as threat actors become increasingly sophisticated in their techniques and more malicious in their attacks.
“The success is in taking the [bad guys] down, not in taking the infrastructure down, because that’s the long-term impact on cybercrime,” said Rik Ferguson, vice president of security research at Trend Micro. He pointed out that while many investigations that shut down cybercrime disable the servers and machines controlled by the bad actors, actually arresting the responsible parties is much more effective in deterring criminal acts. “A lot of the attraction of becoming a cybercriminal is that it’s perceived as being a pretty safe place to do business, and it’s the job of security companies to work with law enforcement to make sure it’s not comfortable there, to make that seat hot,” he explained.
In an example of such public-private partnerships, Trend Micro teamed up with international police organization Interpol last year to develop a cybersecurity center in Singapore, the Interpol Global Complex for Innovation (IGCI). The IGCI, which will officially open in 2015, will focus on complex research to aid cyber companies and police organizations in solving cybercrime. Specifically, the IGCI will concentrate its efforts in the following areas: digital security, including a forensic laboratory to support digital crime investigations; capacity building and training, which involves preparing police organizations for fighting cybercrime; and operational and investigative support, which focuses on identifying emerging threats as well as providing incident response and support.
In addition to the IGCI, Trend Micro has threat researchers embedded with Interpol so that they can work literally side by side to spot threats and take down the bad actors.
Ferguson says that there are challenges when it comes to information coordination between research groups and law enforcement, including transborder issues such as different legislation in different countries, as well as the varying definition of what a cybercrime actually is. “What’s a crime in the United Kingdom might not be a crime in Spain, and that problem is exacerbated when you start to take into account that the United States, Latin America, Russia, China, and some of these places are real homelands of a lot of cybercrime,” he notes.