Russia and cybercrime

Russia and cybercrime

• 1.
  Ministry of ForeignAffairs of the Russian Federation Department on New Challenges and Threats Countering cybercrime 10-th E-Crime Congress London, 13-14 March 2012
• 2.
  New general trendsin the cybercrime market in 2011  Targeted attacks on the financial sector  Increase in online banking fraud incidents  Surge in the number and complexity of DDoS attacks
• 3.
  New general trendsin the cybercrime market in 2011  Spread of hacktivism, attacks with socio-political motives  Use of social engineering techniques to steal personal information and other online fraud Targeted attacks on the facilities of critical infrastructure
• 4.
  Main indicators ofthe cybercrime market in 2011  Creation of organized groups with a centralized management system  Penetration of the cybercrime market by traditional organized crime groups, attempting to not only control the cashing of stolen funds, but the entire theft process  Growth of the internal market. This market covers the so-called Cybercrime to Cybercrime (C2C) services, provided on a paid basis by specialized teams of hackers
• 5.
  Main indicators ofthe cybercrime market in 2011  Strong growth this past year, reflected in the number of crimes and the volume of profits earned by the hackers  Professionalization of cybercrime, expansion of provided services, and interest from traditional organized crime groups, leading to an increase in damages from hacker activities  No clearly defined global geographical centers with a high concentration of cybercriminals, they can carry out their attacks from anywhere in the world
• 6.
  What are thequantitative results in 2011?  Preliminary estimate of the financial performance of the global cybercrime market in 2011: $12.5 billion  Two-thirds of global cybercrime is online fraud and spam
• 7.
  What does theInternational Information Security (IIS) mean? IIS based on the nature of the inseparable «triad» of threats:  Politico-military  Terrorist  Criminal
• 8.
  What legal basisdo we have today? Council of Europe Convention on Cybercrime most important regional legal instrument aimed at combating crime against computer security Council of Europe Convention on Cybercrime one of the first attempts to codify the rules for combating cybercrime, which is an especially dangerous phenomenon owing to its scale and consequences for national and international security
• 9.
  Is Convention enoughto respond effectively to the new dynamic challenges in the computer sphere? NO
• 10.
  - Convention onCybercrime does not provide any systematic response to the new trends of cybercrime - Convention on Cybercrime does not provide any systematic response to the new challenge of cyberterrorism - The notions of cybercrime and cyberterrorism have not been codified yet, and its components, in their entirety, have not been criminalized at the international level - There is no definition of terrorist intentions, without which criminal sanctions would hardly commensurate with the terrorist threat of this criminal act
• 11.
  - Convention onCybercrime does not incorporate provisions excluding fully impunity of a person, who has committed an illegal act - Responses to the threat of cyberterrorism could not be found through the combined application of the Council of Europe conventions on Cybercrime (2001) and on the Prevention of Terrorism (2005)
• 12.
  What Sectors ofCritical Infrastructure Are Potentially Vulnerable to Cyber Attacks? information, communication energy water technologies, ICT public and legal food health financial order and safety civil space and transport administration research chemical and nuclear industry
• 13.
  Russian strategy tofight Cybercrime • Based on the comprehensive and balanced approach • Necessity to codify global cyberspace • Start working out the universal glossary or terminology on the IIS issues for further elaboration of the UN regulatory documents in this area and generally recognized international norms and criteria for fighting cyberthreats
• 14.
  Russian Initiatives • CISAgreement on cooperation to combat information computer crimes was signed in 2001 (July, Minsk) • In 2009 for the first time in international practice it was signed an Agreement among the Governments of the SCO Member States on Cooperation in the Field of Ensuring International Informational Security • In 2010 the Russian Federation and Brazil signed a bilateral agreement on cooperation in the field of international security for information and communication
• 15.
  Russian Initiatives • Initiatedin 2010 within the framework of the UN Commission on Crime Prevention and Criminal Justice Resolution 19/3 «Strengthening public-private partnerships to counter crime in all its forms and manifestations» • Prepared the draft “Rules of conduct” in the sphere of international security disseminated as an official document of the 66-th session of the UN General Assembly • Offered the concept of Convention on ensuring international security submitted at the 2nd International Meeting of High-Ranking Officials Responsible for Security Matters in Yekaterinburg (2011)
• 16.
  Russian Initiatives • Stronglysupports and shares the idea (reflected in the Declaration of the 12-th UN Congress of CPCJ) of drafting the universal Convention on cooperation in combating information/cyber crime under the aegis of the UN
• 17.
  What is thepurpose of the UN Convention on Cybercrime? • Promote and strengthen measures to prevent and combat cybercrime more efficiently and effectively • Promote, facilitate and support international cooperation and technical assistance in the providing of an adequate response to all criminal challenges in the computer sphere
• 18.
  Thank you