- COVID-19 is proving to be a boon for cybercriminals and fraudsters all over the world.
- The only way to beat them is through strong collaboration between the public and private sectors.
- Here's what a proposed global architecture to facilitate this kind of cooperation could look like.
Cybercrime is a major threat to global prosperity. Even now, in the midst of the worst public health crisis in a century, the cybercriminals just keep at it.
Global COVID-19 campaigns include lures themed on regional health authority impersonations, fake vaccination information, purchase or delivery of personal protective equipment (PPE), employee targets spoofed from HR, medical and pharmaceutical supplies, and even false job promises.
This should not come as a surprise. Cybercriminals have proven highly adept at exploiting a crisis or global event, and a digital ecosystem where the risk of getting caught remains very low and the potential returns are very high. Moreover, the profits from these malicious activities allow for continuous improvement in capabilities that often surpass the intensive cybersecurity investments made by government or corporate victims.
Have you read?
Acting against cybercrime
As argued in a previous Agenda article, we must confront cybercrime at its source to systemically reduce its global impact. An effective response to cybercrime requires exploring many possible courses of action and taking the interests of both the public and private sectors into account. Further, an optimal plan of action should leverage the expertise of both public and private sectors.
Designing and implementing such responses requires creativity in the conceptualisation and implementation of collaborative actions. We need to quickly disrupt cybercriminal infrastructures and services in ways that raise the cost to criminal actors, in a coordinated effort. And, where possible we need to attribute and prosecute cybercrime to raise the risk to criminal actors and offer justice to victims. This ultimately slows the adversary in their tracks; agility is often a luxury they enjoy.
Unlike other criminal areas, the private sector often has superior access to technical information and the capacity to identify, track and analyse cybercriminal infrastructures and services. This capability gives the private sector the ability not only to uncover criminal activities, but also to undertake targeted, disruptive actions by dismantling the criminals' infrastructure. However, these capabilities have limits and only governments have the legal authority to prosecute cybercriminals and impose penalties. Thus neither the private nor the public sectors have sufficient capabilities reduce the global impact of cybercrime on their own.
Partnership against cybercrime
Given the limitations on each sector, the only way to achieve the goal of reducing global cybercrime is through public-private cooperation. To this end, The World Economic Forum's Partnership Against Cybercrime initiative launched in April 2020 with the mission to explore ways to amplify public-private collaboration, improve the effectiveness of cybercrime investigations, and enhance the potential of disruptive actions against cybercriminal infrastructures. The initiative includes around 50 representatives from cyber-related service and platform providers, multinational financial organizations, government agencies, international organizations and leading non-for-profit alliances.
Building constructive cooperation
The initiative’s working group has highlighted four factors that enable sustainable, repeatable and effective cooperation. Firstly, while the end goal of cooperation serves a greater good, any collaboration must take into account the respective interests and missions of the participants. This consideration does not mean that the return on investment has to be immediate or direct, but ultimately all participants must derive value from the cooperation. For those who share the vision and values, this return could be achieved through simple steps like public recognition and bidirectional feedback. This allows for further enhancement of the sharing model as time progresses.
The second factor is trust. Trust is the scaffolding that enables collaborative groups to function. As a result, trust-building behaviours are an important dimension in the discussion. Ensuring transparency, promoting equity and fairness, making voluntary sharing the default option, and favouring joint decision-making are some of the ways to build trust over the long-term. Concerns and challenges, such as consumers’ privacy or geopolitical constraints, need to be acknowledged as well.
The third factor is strategic alignment. All operations have concrete objectives; however, the participants also need to agree on the strategic goals. All participants must understand each other’s respective needs, goals and values and continuously identify mutual ground.
The fourth factor is structure. Effective, long-term cooperation requires transparent, repeatable business rules, processes and governance. While much of the current cooperation is based on personal relationships, we need to make cooperation more systematic and durable.
What is the World Economic Forum doing on cybersecurity
The World Economic Forum's Centre for Cybersecurity is leading the global response to address systemic cybersecurity challenges and improve digital trust. We are an independent and impartial global platform committed to fostering international dialogues and collaboration on cybersecurity in the public and private sectors. We bridge the gap between cybersecurity experts and decision makers at the highest levels to reinforce the importance of cybersecurity as a key strategic priority.
Our community has three key priorities:
Strengthening Global Cooperation - to increase global cooperation between public and private stakeholders to foster a collective response to cybercrime and address key security challenges posed by barriers to cooperation.
Understanding Future Networks and Technology - to identify cybersecurity challenges and opportunities posed by new technologies, and accelerate forward-looking solutions.
Building Cyber Resilience - to develop and amplify scalable solutions to accelerate the adoption of best practices and increase cyber resilience.
Initiatives include building a partnership to address the global cyber enforcement gap through improving the efficiency and effectiveness of public-private collaboration in cybercrime investigations; equipping business decision makers and cybersecurity leaders with the tools necessary to govern cyber risks, protect business assets and investments from the impact of cyber-attacks; and enhancing cyber resilience across key industry sectors such as electricity, aviation and oil & gas. We also promote mission aligned initiatives championed by our partner organizations.
The Forum is also a signatory of the Paris Call for Trust and Security in Cyberspace which aims to ensure digital peace and security which encourages signatories to protect individuals and infrastructure, to protect intellectual property, to cooperate in defense, and refrain from doing harm.
For more information, please contact us.
Many public, private and non-profit organizations cooperate to fight cybercrime today - and yet current collaborative efforts are not sufficient. What else is required? The initiative has identified the need for a global architecture that will increase the scope, scale, speed and sustainability of public-private cooperation. Such a structure would need to support both small groups focused on concrete operations and long-term alignment, trust-building, and agenda-setting within the broader community. In addition, this global architecture should build as much as possible on the many existing cyber-related structures and initiatives, rather than adding new bodies to the already complex global cyber landscape.
One possible collaboration structure being considered by the Forum’s initiative would be to establish a loosely-coupled global alliance connected through permanent nodes and temporary threat cells. This global alliance would provide the overarching narrative and commitment, and allow for long-term dialogue to achieve strategic alignment. Permanent nodes would maintain the necessary infrastructure (technical, legal and business) over time and would provide a place for temporary threat-focused cells to work on specific operations and take action. Finally, this model also allows for a more robust and balanced model, which is essential for high availability and continued support.
The internet is built to enable collaboration – in fact, that concept drove its creation. Unfortunately, malicious actors have learned this lesson all too well and it is part of what makes them so dangerous and effective. On the defenders' side, we’ve known for a long time that we need to collaborate to combat cybercrime, but we haven’t figured out how to do so effectively. With the conceptual framework emerging from the Forum’s initiative, we now have the first step needed to make collaboration a reality.