Awareness and Cooperation: Key Factors in the Fight against Cybercrime

According to the EU’s strategy paper: “cybercrime commonly refers to a broad range of different criminal activities where computers and information systems are involved either as a primary tool or as a primary target. Cybercrime comprises traditional offences (e.g. fraud, forgery and identity theft), content-related offences (e.g. on-line distribution of child pornography or incitement to racial hatred) and offences unique to computers and information systems (e.g. denial of service, malware and attacks against information systems).”

Cybersecurity, according to the EU: “commonly refers to the safeguards and actions that can be used to protect the cyber domain, both in the civilian and military fields, from those threats that are associated with or that may harm its interdependent networks and information infrastructure. Cybersecurity strives to preserve the availability and integrity of the networks and infrastructure and the confidentiality of the information contained therein”.

For an in-depth analysis, the European Network and Information Security Agency (ENISA) – the EU agency set up as an information and knowledge exchange on information security – has listed online the main
national cybersecurity strategies
and also the Europol European Cybercrime Centre (EC3). The latter, a unit established to be the focal point in the EU’s fight against cybercrime, highlights the cybercrime
global trends and the main crime areas
. Cybercrime covers a broad range of attacks and companies and their treasury departments need to be aware that cyberthreats are now widespread in all aspects of everyday life.

‘Awareness First’ in Facing Cybercrime

Cybercriminals are using ever more sophisticated methods for intruding into information systems, stealing critical data or holding companies to ransom. Everyone should be aware of cyberthreats and of the related security countermeasures. Businesses and organisations need to be able to evaluate the impacts of the cyberthreats in each environment and put adequate protection into practice.

We do not all have to be IT security specialists or senior security managers to support our company on cyber issues. Some measures (the most technical ones) can imply choices in the IT environment that only IT staff can make, but other highly effective measures relate to the way we use – or misuse – technologies. Cyber risks are also in the tools we adopt for business and personal purposes. By being aware of these cyberdangers and acting accordingly, we can fully support the “defence in depth” that our company needs to build against cybercrime.

Awareness and prevention are fully in line with a risk culture that in our company needs to be increasingly oriented to fighting cybercrime at all levels. Awareness is every bit as important as security techniques and detection tools. In order to face cybercrime we must not only rely on highly sophisticated security techniques, but we also need to give value to the organisation and social mechanisms that can strengthen the effectiveness of our technical defenses.

A Different Perspective: Cybercrime Risk for Critical Infrastructures

‘Critical infrastructures’ are organisations with major importance for the public good, whose failure or damage would lead to substantial supply bottlenecks, considerable disturbance of public security or other dramatic consequences. They operate in key sectors of the economy, such as finance, healthcare, energy and transport – each of which relies heavily on information and communications technology.

That is where the IT networks are becoming increasingly interconnected and need to be reliable at all times. These additional risks imply extra countermeasures to safeguard not only the companies but also the whole community. Cybercrime in this domain becomes a systemic risk. In finance, for example, some service providers play a critical role due to the IT services they offer to the financial market and to the payments system. These companies are required to identify and define the processes that are critical for the community, to develop adequate management of operational, IT and security risks, and to keep specific business continuity and disaster recovery plans regularly and effectively updated. These business continuity procedures were once in place to face operational incidents and disasters; they are now also required to be put in place and adequately exercised against cybersecurity risks.

Even central banks, market regulators and other relevant authorities are involved. They supervise this new security issue with guidelines specifically addressed to critical service providers and have the right to assess the governance, risk management and resilience of infrastructures and networks. In our everyday life, we all make use of the services provided by some critical infrastructures. Their network interdependence is an asset, and we should understand that their cybersecurity is a complex, yet necessary challenge.

An Open Issue: Partnerships to Fight Cybercrime

In cyberspace, defence is always struggling to keep abreast of attack. Hackers may strike from anywhere on the internet. They can attack instantaneously by exploiting one single or temporary vulnerability, to hack into highly sophisticated and well-protected domains, and they can only be traced and detected with difficulty.

This asymmetric nature implies the need to develop a different defence posture to speed up reactions, and to assure a continuous update on the status of the technology and of the security measures adopted. The answer is a well-coordinated approach, facilitating private-public partnerships and an information-sharing network among players in the same field with similar weaknesses of IT products, vulnerabilities and forms of attack.

One example of this different defence posture is the initiative launched by the Italian police to promote synergic cooperation with critical national infrastructures, aimed at preventing and investigating cybercrime. This initiative is inspired by the principle of participative security. Following a series of agreements to fight cybercrime, Italy’s police now perform proactive security activities through Centro Nazionale Anticrime Informatico per la Protezione delle Infrastrutture Critiche (CNAIPIC), aka Italy’s National Computer Crime Centre for Critical Infrastructure Protection. This unit is run by the postal and communication police and works in close and direct contact with the principal companies operating in the energy, transport, communication and finance sectors including SIA, oil and gas group ENI, Poste Italiane, broadcaster RAI and Vodafone Italia.

Also in the financial marketplace are working groups, initially established for operational crisis management coordination in response to disasters. These working groups have since also developed into specialised financial forums, in which participants can discuss the evolution of cybersecurity threats in a global framework of business continuity, risk prevention and control measures. These two examples show how the challenge of the coming years will be the ability to address failures proactively, to adopt effective resilience techniques and to resolve problems through cooperation.


Related reading