Africa Canada Cyber Security and Emerging Threats Diplomatic Relations Eastern Europe and Russia Europe Intelligence & National Security International Law & Policy International Relations Japan Nigeria North Korea Paul Pryce Security Security, Trade and the Economy Technology The United States of America Western Europe

How the Web Was Won

Many have lamented the lawlessness of the ‘Wild, Wild Web’ and the difficulties inherent in policing something which so readily transcends borders as the Internet. Silk Road, an online black market for the sale of illicit narcotics, continues to elude the best efforts of American and European law enforcement authorities. Intel Security Group, an Internet security firm previously known as McAfee, estimates that the annual cost to the global economy posed by cybercrime falls somewhere between $375 billion and $575 billion. As both rogue states, like North Korea, and terrorist organizations explore the potential to attack the Internet infrastructure of the world’s developed economies, it is apparent that a concerted effort from the international community is needed in order to stave off the threat of online threats like cybercrime, cyber-terrorism, and cyber-warfare.

Interpol (the International Criminal Police Organization) seems to be adapting to address such transnational threats. The Interpol Global Complex for Innovation (IGCI) was officially established in Singapore in April 2015, principally intended to serve as a research and development facility on behalf of policing organizations in 190 countries. Days before its official launch, IGCI coordinated a global operation to take down the Simda botnet, which was believed to have infected more than 770,000 computers worldwide. Since 2009, this self-propagating malware had been designed by organized criminal elements in order to obtain private information from Internet users or to create a network of computers to perpetrate distributed denial of service (DDoS) attacks. A coordinated response to Simda took on increased urgency as, in the first two months of 2015, 90,000 new infections were detected in the United States alone.Interpol

In the response to Simda, IGCI essentially served as a hub for both state and non-state actors concerned by the rapid growth of this botnet. Whereas any national policing authority acting alone would have had little impact on stymieing the spread of Simda, the IGCI brought together the Dutch National High Tech Crime Unit (NHTCU) in the Netherlands, the Federal Bureau of Investigation’s Cyber Division in the United States, the Police Grand-Ducale Section Nouvelles Technologies in Luxembourg, the Russian Ministry of the Interior’s Cybercrime Department “K”, and Japan’s Cyber Defence Institute, as well as Microsoft’s Digital Crimes Unit, Kaspersky Lab, and Trend Micro. With such a pooling of resources, it was possible to seize ten command and control servers in the Netherlands, as well as shut down supplementary servers in the US, Luxembourg, Poland, and the Russian Federation, dismantling the botnet before those responsible for the malware could react. In some respects, the IGCI reaction to the sudden spread of Sidma resembled the formation of a crisis response team by the World Health Organization (WHO) in response to the initial outbreak of Ebola in several West African countries in late 2013 and early 2014.

Beyond the demonstrated efficacy of IGCI as a coordinator, this new Interpol organ also boasts a forensics laboratory to support digital crime investigations. In some countries, budgetary constraints have allowed the innovation of cybercriminals to outpace that of law enforcement bodies. Previously that would have presented a significant risk to digital security, as those countries would be at risk of attracting cybercriminals under the belief that they would be able to operate online with impunity. IGCI’s resources could provide a much-needed boost for countries like Nigeria that have historically struggled with cybercrime and the terrorist networks the proceeds of cybercrime can help finance.Interpol Training

According to the Royal Canadian Mounted Police (RCMP), 4,000 incidents of cybercrime were reported in Canada in 2012 and the number of incidents has shown a significant upward trend. Canada may soon need to avail itself of the opportunity to collaborate with other Interpol members and private sector partners to address the growing threat cybercrime poses to Canada’s digital-dependent economy. Engagement with the IGCI in Singapore is a good starting point.

Paul Pryce
Paul Pryce is a Research Analyst at the NATO Association of Canada, supporting the work of the Canadian Armed Forces Program. Holding degrees from the University of Calgary and Tallinn University, he has previously worked in conflict resolution as a diplomatic aide with the OSCE Parliamentary Assembly and as an infantryman in the Canadian Armed Forces. His research interests are diverse and include maritime security, the African Peace and Security Architecture, and NATO-Russia relations.