• Cybercrime is a growing global threat, with instances of illegal online activity increasing particularly during the COVID-19 pandemic.
  • Law enforcement agencies face challenges in tackling the ever-evolving world of cybercrime, including a lack of resources, border limitations and underreporting of cyberattacks.
  • Law enforcement agencies across the world must work together to raise awareness of cybersecurity among the public and to prevent a ransomware pandemic.

Cybercrime is a global threat that knows no borders. With law enforcement limited to national borders, cybercriminals exploit the digital world’s limitless playing fields with near impunity. The escalation of cybercrime worldwide means a global law enforcement response has never been more crucial.

As an inter-governmental organization with the vision of connecting police for a safer world, INTERPOL has been analyzing a broad range of cyber threats since the inception of its Global Cybercrime Programme in 2015. In the past year, INTERPOL witnessed an exponential growth in the scale and impact of cyber threats as criminals and fraudsters exploited fundamental social needs and anxieties in the cyberspace during the COVID-19 pandemic.

Facing the challenge

In particular, ransomware attacks targeted governments, hospitals and other institutions on the front lines of the fight against the pandemic. By attacking these critical organizations, criminals were able to maximize the damage inflicted as well as their financial gain. Indeed, ransomware provides a highly enticing and lucrative business model for cybercriminals, especially with the development of double or triple extortion and ransomware-as-a-service models.

The COVID-19 pandemic has also opened up new avenues for cybercriminals to carry out various forms of online criminality regardless of the region. New and increased vulnerabilities and attack surfaces have emerged due to a surge in internet use during the pandemic, which outpaced business’ ability to secure remote workforces and online individuals. In addition to ransomware, prominent threats now include online scams, attempts to compromise business email, illegal data-harvesting operations, misinformation and the re-emergence of older types of malware, which were repurposed to take advantage of the global pandemic.

The COVID-19 pandemic has opened up new avenues for cybercriminals to carry out various forms of online criminality regardless of the region.

—Wookyung Jung, INTERPOL & Seán Doyle, World Economic Forum

Finding a solution

At its High-Level Forum on Ransomware on 12 July 2021, INTERPOL called on police and their partners around the world to commit to stop this potential ransomware pandemic. In the face of the continued evolution of cyber threats on a global scale, the secure and swift exchange of actionable information will be fundamental to locating evidence, suspects and victims in multiple jurisdictions simultaneously.

Cybercrime investigation involves challenges that are not typical to “real world” investigations, however. For example, it is difficult for law enforcement to know first-hand that an attack has occurred, and even then, reporting rates are low. In the UK, only 1.7% of estimated total offences were referred to authorities in the 12 months to 30 September 2020. This underreporting problem limits law enforcement’s ability to accurately assess threats and effectively respond to them. This can cause cybercrime to fall down the priority list within many law enforcement agencies worldwide, which further exacerbates the situation.

Investigating cybercrime also requires specific skills and technology that are not universally available such as malware profiling, darknet tracing and cryptocurrency analysis. The gaps left in law enforcement cyber capability or regional capacity as a result can enable online criminal networks and activities to slip through the net.

Among the various ways to collaborate, one of the most successful examples has been global public awareness campaigns on cybercrime

—Wookyung Jung, INTERPOL & Seán Doyle, World Economic Forum

Moving out of the comfort zone

Recognizing these challenges, the global law enforcement community has been making efforts to be open and inclusive. In 2019, for example, INTERPOL’s General Assembly endorsed Gateway, a legal framework that enables INTERPOL to share information with certain private sector companies.

These partners have a clear view on cyber threats on a global scale coming from different sectors. INTERPOL is therefore able to receive up-to-date cybercrime data from them, as well as tapping their expertise on recent trends and gaining technical assistance. Endorsing such partnerships is a departure for law enforcement, demonstrating its willingness to accept institutional and technological innovation in order to tackle cybercrime.

Among the various ways to collaborate with these partners, one of the most successful examples has been global public awareness campaigns on cybercrime. INTERPOL has been running these campaigns with its partners annually since 2019, reaching more than 7.5 million users across the globe each time. This year, about 90 member countries signed up for the #JustOneClick campaign.

INTERPOL infographic warning against opening suspicious attachments.
INTERPOL's most recent global public awareness campaign on cybercrime warns individuals against opening suspicious attachments.
Image: Just One Click, INTERPOL

These campaigns address the challenges global law enforcement faces in preventing a ransomware pandemic in three ways:

1) Prevention is the best cure

Stopping harm before it happens is clearly the optimal outcome in most situations. In the world of cybercrime prevention, however, mitigation or recovery measures are not always available or up-to-date. Prevention campaigns can promote cyber hygiene amongst the public and remind people that just one click can let malware into their system. Raising awareness can also boost reporting of cybercrime because the public gains a better understanding of the issue.

2) Partnerships increase effectiveness

Global awareness campaigns allow law enforcement to work with the diverse actors in the global cybersecurity ecosystem under the common goal of making cyberspace safer. This strategic alignment leads to effective collaboration and active participation in sharing prevention tips with the public. We have found that some law enforcement organizations even voluntarily translate our prevention campaign strategies for their local communities.

3) Cross-collaboration builds public trust

Throughout these campaigns, cross-sector collaborations are visible to the public. This boosts these relationships and helps build trust. Public recognition of mutual efforts was identified as a key element of a successful partnership by the World Economic Forum’s Partnership Against Cybercrime Insight Report. The synergies that the World Economic Forum and INTERPOL are creating together further induce trust between the public and private sectors in a neutral environment.

What is the World Economic Forum doing on cybersecurity

The World Economic Forum's Centre for Cybersecurity is leading the global response to address systemic cybersecurity challenges and improve digital trust. We are an independent and impartial global platform committed to fostering international dialogues and collaboration on cybersecurity in the public and private sectors. We bridge the gap between cybersecurity experts and decision makers at the highest levels to reinforce the importance of cybersecurity as a key strategic priority.

Our community has three key priorities:

Strengthening Global Cooperation - to increase global cooperation between public and private stakeholders to foster a collective response to cybercrime and address key security challenges posed by barriers to cooperation.

Understanding Future Networks and Technology - to identify cybersecurity challenges and opportunities posed by new technologies, and accelerate forward-looking solutions.

Building Cyber Resilience - to develop and amplify scalable solutions to accelerate the adoption of best practices and increase cyber resilience.

Initiatives include building a partnership to address the global cyber enforcement gap through improving the efficiency and effectiveness of public-private collaboration in cybercrime investigations; equipping business decision makers and cybersecurity leaders with the tools necessary to govern cyber risks, protect business assets and investments from the impact of cyber-attacks; and enhancing cyber resilience across key industry sectors such as electricity, aviation and oil & gas. We also promote mission aligned initiatives championed by our partner organizations.

The Forum is also a signatory of the Paris Call for Trust and Security in Cyberspace which aims to ensure digital peace and security which encourages signatories to protect individuals and infrastructure, to protect intellectual property, to cooperate in defense, and refrain from doing harm.

For more information, please contact us.

Taking the next step

Cybercrime poses a formidable challenge to security worldwide and inhibits the potential of digital economies. Greater participation by the international community in building the global response to cybercrime will help overcome these issues.

A proactive prevention culture must be instilled in every organization, regardless of location or size. Further investment in raising awareness of cybercrime risks, mitigation strategies and enhancing cyber hygiene will also maximize downstream preventive benefits.

For law enforcement, digitalization has brought an opportunity to be inclusive and open, collaborating beyond national borders and sectors. And while awareness-raising and prevention efforts have made great progress in this area, challenges remain, including underreporting and gaps in cyber capability and capacity. A multi-stakeholder approach would also help to address these issues.