Andrey Popov - Fotolia

Collaboration is key to combating cyber crime

Interpol has called for speedy and effective information-sharing between law enforcement agencies, governments, businesses and cyber security companies to counter growing cyber threats

The global nature of cyber crime means no single country or organisation can rely solely on its own capabilities to address the problem of transnational and organised crimes, according to Interpol.

Speaking at the opening of Interpol World 2017 in Singapore, Interpol president Meng Hongwei said government officials, law enforcement officers, scholars, private sector operators and cyber service providers all have a role to play in mitigating cyber threats that “may be out of our imagination in terms of scale, speed and influence”.

Pointing to the partnership approach that underpins the work of Interpol’s Global Complex for Innovation (IGCI) in Singapore, Meng said efforts are already underway to consolidate global efforts to fight cyber crime.

In April 2017, the IGCI brought together investigators from several Southeast Asian nations to share information on specific cyber crime situations in an operation that led to the discovery of nearly 9,000 command and control (C2) servers in the region.

Experts from seven private sector companies also took part in pre-operational meetings, which led to the publication of 23 cyber activity reports that highlighted various cyber threats and recommended actions to be taken by national authorities. But more can be done.

Meng called for more sharing of cyber threat information across the industry. “Speedy and efficient communication is no doubt necessary to catch up with criminals. On top of traditional information exchange between law enforcement agencies, cross-spectrum information-sharing is indispensable to counter global threats,” he said in a speech delivered in Mandarin.

For instance, he said banks, financial institutions and security service providers can update law enforcement officers with the latest security system they are using, while law enforcement officers can share the latest crime trends and modus operandi.

Read more about cyber security in Asean

  • Threat intelligence feeds provide valuable information to help identify incidents quickly, but only if they are part of an intelligence-driven security programme.
  • WannaCry’s spread in Asia-Pacific accounted for just 10% of detections worldwide, indicating the ransomware’s limited reach in the region.
  • Only 20% of chief information security officers in Singapore and Australia say their organisations can prevent data breaches, according to a ServiceNow survey.
  • Managed services supplier CenturyLink will invest in infrastructure and headcount to support the growing demand for managed security services in APAC.
  • Palo Alto Networks’ Singapore headquarters will house sales and support staff, as well as security analysts from Unit 42, the company’s threat intelligence team.

In a separate presentation, Christian Karam, global head of cyber threat intelligence at Swiss banking giant UBS, noted that information-sharing will help organisations make sense of ongoing threats by cross-referencing those threats with their peers. This will enable organisations to move on to later stages of the incident response lifecycle.

This has to be done quickly, however, since criminal intelligence analysis is vital and is built on the speedy and effective information-sharing, said Meng. “Only if we do it well can we take a pre-emptive [response] against criminals,” he said.

Meng also called for the need to raise awareness of cyber security among the public and vulnerable sectors, and for organisations to work with strategic partners to roll out education programmes.

“We should advocate a multi-agency approach in conducting training to achieve our purpose,” he said. “Our staff and officers must be equipped with multifaceted knowledge and expertise in order for us to counter the complexity and ever-evolving crime trends.”

Read more on Hackers and cybercrime prevention

Data Center
Data Management