Although the Internet may be considered the greatest achievement of the past 50 years, the technology behind it has created a sanctuary for various types of computer criminals. The unfortunate and ugly truth is that the Web is providing a brand new “world” where international cyber criminals can thrive, and the world’s numerous criminal justice systems just aren’t ready to address these crimes in their entirety.
Cyber criminals don’t necessarily need to leave the comfort of their homes to commit their crimes. Today, for example, bank robberies can be committed in Southeast Asia via a computer that’s being controlled by an individual in Russia. Identity theft is achieved through a complex network of individuals residing in North America, Europe, and Africa, all effectively working together on the Internet to profit from shared information. And organized crime has ties to spam campaigns, identity theft, denial-of-service attacks, and organized hacking rings.
The fact is that Internet crimes are almost always international crimes. When you read about a bank system being hacked in order to steal 100,000 accounts, more than likely this crime was committed by perpetrators overseas, and there will almost definitely be a connection to organized crime. This part of the story is rarely conveyed to the everyday reader, but it is critical to understand this fact if we are going to fix the problem.
In the world of cyber crime, law enforcement officials in most countries have recognized that they must move much faster than the average investigator due to the fact that computer evidence can “disappear” rather quickly. These same cyber investigators realize they must be willing and ready to cooperate with law enforcement officials in other countries if they actually plan to capture the Internet criminals.
Laws, treaties, and conventions, such as the Convention on Cybercrime, have attempted to address the international cooperation issue. Although the Convention on Cybercrime is an outstanding step in the right direction, is not a “law” that applies to all countries. Regardless of whether the country is a member of this Convention, the punishments levied are based on the local laws of the land.
But the problem with investigating international cyber crimes and capturing criminals on the Internet is not necessarily due to lack of cooperation among international law enforcement bodies. The issue has much more to do with the fact that the legal systems throughout the world vary greatly and take a very long time to change. These two facts make it extremely difficult for law enforcement to cooperate, investigate, capture, and ultimately prosecute the cyber criminals today.
If we accept the fact that the greatest hurdle in arresting international cyber criminals is that various legal systems just aren’t prepared to address the speed at which these crimes occur or the various nuances that are unique to computer crimes, then the question is: What can we do to fix the problem?
It’s obvious that the Internet requires some type of governance. But it is just as obvious that trying to establish this governance through the numerous legal systems might not be practical. The other possibility for governing the Internet, and, more specifically, the criminal activity that occurs on the Internet, would be to change the structure of the Internet. Although I don’t support ideas like the “national firewalls” put in place by some countries, this type of solution does afford some level of control over Internet traffic flowing through said country.
However, knowing all the possibilities with disguising or “spoofing” one’s information on the Web, I’m not sure that there is a way to truly “protect our borders” when it comes to the Internet. The solution might be to establish two Internets -- the current Internet and a new, more secure Internet where users would be required to register prior to gaining access. Once again, though, we’re confronted with the issue of what would be the governing body that would manage the user registrations? Would it be an organization similar to the IANA (Internet Assigned Numbers Authority) or InterNIC that would manage user registrations on the “new” Internet, or do we need to establish an entirely new entity to manage a more secure Internet?
The fight against international cyber crime is going to take a concerted effort from large and small corporations, law enforcement in all countries, as well as the governments and legislative bodies of those same countries. Most importantly, the average end user will have to join the fight to bring about change on the Internet, or create a “new” Internet using the lessons we’ve learned.
— Patrick J. Dempsey, Chief Information Security Officer for Janney Montgomery Scott and former FBI agent
I agree that some kind of a global governance body needs to put in place a set of laws for the digital land of the Internet.However, as you mentioned, it is a challenging endeavor that will require honest cooperation from other nations.
It is hard to imagine a new Internet being created with the existing Internet continuing to rampantly grow every day.I think people have become comfortable for the most part with this digital realm void of any major laws addressing cyber crime.Then again, this new Internet could provide a sort of backwards compatibility to interact with the current Internet.
It is without a doubt, cyber crime is an important issue that needs to be addressed as it can have serious ramifications for anyone using the Internet.
I agree that a new Internet seems like an overwhelming task, and one that would make drawing the audience (really, what the Internet IS, now) that much harder. No anonymity? No thanks.
The punishment of cyber crime committed abroad also necessitates legal cooperation among countries, which brings up another set of issues. Internet diplomacy?
You legitimately scare me. Your lack of understanding of how the internet "works" is astounding. Anonymity and freedom go hand and hand. If you can't see this, Messrs. Jefferson, Franklin, and Paine are rolling in their graves. Or, maybe you just don't want true freedom. If that's the case, all hope is lost. Do me a favor. Read the Declaration of Independence. Read the Constitution. Hopefully it will give you perspective, that is, a perspective other than one in which saving the world from the boogie-man terrorists is your raison d'etre.
The author states "It’s obvious that the Internet requires some type of governance."
Statements that begin with "It's obvious" usually mean that the speaker cannot justify the premise, and is attempting to slip that fact past the unsuspecting reader. That's certainly the case here.
The history of telecommunications makes it quite clear that a "governed Internet", with the capabilities of the current Internet, could NEVER HAVE COME TO EXIST! It is only because the current TCP/IP internet is, technically speaking, "stupid", is fundamentally ungoverned and ungovernable, that innovation has been able to outpace the would-be gatekeepers. (Examine the history of the various state telecomm monopolies in Europe in the 1950's through 1980's as a classic example. They were uniformly horrible, overpriced, and easily monitored and perverted.)
Will crimes be committed in an ungoverned Internet? OF COURSE THEY WILL! Will crimes be committed in a country where freedom of speech is guaranteed? OF COURSE THEY WILL!
The author could easily write, with the identical justification, that "It's obvious that free speech requires some sort of governance."
Niven's Law states that F * S = K. I.e. Freedom times Security is a constant. More freedom; less security. More security; less freedom.
We may choose to reduce the freedoms available in a "governed" internet, in the hope of increasing security. We may even succeed. (Although personally I doubt it -- a governed internet may just replace thieves with masters. Which ones are more dangerous?)
But the author is essentially asserting, like a stage magician who misdirects your attention, that the tension between freedom and security does not exist, that the need for governance is "obvious".
Real difficult. There are both technical and political difficulties. As Eve says, no anonymity, no thanks. But there are levels of anonymity - in real world you have no anonymity. In reality it is rather easy to find who (not a person but the end point in computer language) and where given the technology, what you can do with that is another story which, I think, Patric is referring. Signing up for a service always binds to some kind of (international) agreement and makes it so much easier to monitor, control and manage by rules, regulations and laws without too much politics. Based on experience in some countries I would trust the law enforcement persons %99.999 (good enough for computer people?) but what about politicians, especially with religious issues. Greed I understand, it is easy, but cultural (ethnic, environment, believes, etc) difference should not and can not be part of any kind Internet laws and regulations – period. How many persons you know who are not biased by those? I believe that Patric is one – I have some experience with FBI but are all like him? I know a lot of people in law (global) enforcement who, even they of course have their own mind, are impartial but how to keep it that way? Sorry about a long rant but trust me, this is not a new issue. I had to deal with international fraud even in 70's and it wasn't any easier at that time, networks are nothing new, just much more available today.
There is a very simple fact you are missing with your post: you can not beat technology with more technology. Were we to create a new internet, how would we do it? We'd still have to use TCP/IP, Ethernet, and all of the other basic technologies unless you want to set us back 50 years by scrapping it all. That technology needs to be implemented in software and hardware, and it is impossible to write perfect code. Human beings are imperfect along with everything we produce. However even the very best code can, and will eventually be broken. That's why 10% of the expense in software is creating it, then 90% in maintaining it. Those bugs lead to exploits, those exploits lead to cybercrimes.
So, if you can a) come up with a way to completely re-design and re-implement a world wide communications infrastructure, B) create a standardized model internationally to make it work, C) do this all for a lower cost than the 5% of the world's population who actually care about this are actually losing to cybercrime, then you may be on to something. But that brings us back to the fact that you can't defeat technology with more technology - as your research and development efforts can and will be completely confounded by a single bored geek with a soldering iron on one of your newly designed routers who then spreads the knowledge via sneakernet.
You must understand, the fact is that you can not control the internet. It is the first thing that human beings, as a species, have created that acts as such. It can't be given borders because it is designed to be amorphous. It is designed to work around holes you create. Any other internetwork you create will have these same features or practicality will render it useless. Look at China's great firewall. It has more holes than swiss cheese, and more are opening every day. Maybe, just maybe, a great equalizer has come. And the 5% of the population in every nation across the world who control 95% of the worlds money finally have something to fear because they can't control it. Australia already realized it when they admitted that technology has long ago passed the law by, and there is no way for the law to keep up. Now the rest of the world needs to see it.
If you apply the same logic to cars that this article applies to the internet, you'll see how really scary this idea is. Since cars make it easier for criminals to escape being caught, what if we scrapped all current cars, and replaced them all with cars that had a kill switch in them that police could activate? I don't think anyone would accept that for a minute, to say nothing of the presumption of guilt that is implied.
If this poster truly wants a worldwide network with required logins and no anonymity, they've already been built. They're called Telenet and BITNET. Unsurprisingly, they both have few users.
I think a global internet governance needs to be publically scrutinised and accountable. Police, lawyers, politicians and security experts can't be trusted. Transparency and public exposure is the method to bring most types of crime and corruption to task.
Next is a global internet control structure with switches, routers and nodes which addresses and identifies all users, devices and streams of data. The control comes from the network interacting with itself and from the central authority, not from the edge.
Controlling cyber criminals starts with people reporting to a responsive body, tracing and investigating the criminals, responding by stopping their illegal online activities, then presenting the evidence to the correct legal authorities for prosecution and compensation.
When we drive our cars, it is only after we have been issued a drivers license. This requires numerous proofs of identity, issued only through a system of trust.
Companies supplying equipment for the network structure or nodes are licensed and continuously scrutinised. Users are licensed. All devices and nodes are addressed and identified. All devices are initially dumb and bootstrapped with firmware from the network. All hardware and code is tested and approved before devices can be used on the network. The network won't respond to illegal equipment or users.
I have waited 20 years for the internet to require ... more.
There has been on going research on the concept of new internet design stretching back over a decade. A year ago or more, Stanford University launched a wite paper on the topic "Clean Slate Design for the Internet" and currently maintain a web site on their research. Much discussion on the idea followed on both Slashdot and Digg at the time. I was sufficiently motibated to do some in depth research on the topic and prepared a essay about this, available at http://www.tropicalcoder.com/BrokenInternet.htm
It provides a strong foundation of background material and research and raises some serious questions. Since that time, for unknown reasons reason Stanford University has removed the white paper that outlined their research program from their site .
Internet Evolution RSS Updates Want to stay up to date on the topics covered in this article? Use the links below to subscribe to our topical RSS feeds:
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
A picture is worth a thousand words, or so the old saying goes. So understanding how to use images in e-newsletters effectively is quite important. Here are a few tips to ensure that your images in email newsletters work to your advantage.
Arms merchant or army? That's a fundamental question for vendors in the cloud computing space. Do they just sell their tooling to any and all comers, who then become the actual purveyors of hosted infrastructure, developer platforms, and software? Or do they offer their own cloud-based services, perhaps even keeping much of their technology in-house for competitive advantage?
With the value of toxic assets on the rise, large U.S. and European banks face many challenges on the road to recovery. Sharing key information may help these firms effectively track the way forward.
Most of us go through life knowing that we’re expected to learn from our mistakes and improve. Those who are more conscientious about learning and personal improvement usually reap greater rewards.
Marketers are known for exaggerated claims and stretching the truth just a wee bit. But most marketers I know truly believe in what they sell. Their aggressiveness is based on a confidence that what they are promoting truly benefits the customer.
While Google introduces its new Chrome OS (which I'm hearing will be widely available in one year? Did I mishear that?), IBM announced 10 new products today to help companies using IBM System z mainframe technology.
Smarter Collaboration: How to Thrive in a Challenging Business Environment Market conditions are changing faster than ever, and organizations need to improve their agility and adaptability in order to provide better service and improve processes. The ability to work with customers, business partners, and employees as effectively as possible - while at the same time holding down costs - is a key to success. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
Industry initiatives and government stimulus funds are giving enterprise software vendors a great opportunity to help build out and manage smart grid technologies.
The problem with telepresence is that it's not universally accepted, because video calling isn't. While we can all do video calling, we also apparently worry too much about how we look. If we want HD telepresence in our future, we have to dress down, mess up our hair, and dive into our online life.
The US loses about $20 billion a year on pirated software, movies, and music. But public policy can help stem the tide of digital theft. For example, France has recently passed a 'three strikes and you’re out' law, whereby if after two warning letters an individual continues to download pirated software then his Internet access will be cut off. US policy makers should consider adopting similar policies.
Financial management planning does not need to include Voodoo economics, but it does help to tap into the knowledge base of your team through some sort of real-time system. We explore your options.
When Reiter gets incensed over incompetent Verizon FiOS order-taking and support, he broadcasts it via Twitter. Did it do any good? How should your company offer Twitter support? Watch this for all the answers.
The successor to the BlackBerry Bold 9000 – the Bold 9700 – will be available soon in the US. Is it worth upgrading? Reiter's got one, and offers advice.
Digg
Del.icio.us
Reddit
Email This
TWEET THIS
