The importance of public-private engagement on a global scale in combatting cybercrime was discussed during a virtual Microsoft security briefing.
Opening the discussion, Amy Hogan-Burney, general manager, digital crimes unit at Microsoft, highlighted how the cyber-threat landscape has evolved since the start of the COVID-19 pandemic. While the tactics used by cyber-criminals have not altered significantly as they were already operating in the digital space, the shift to remote working has made it easier to target organizations.
Additionally, cyber-criminals have been able to leverage the evolving nature of the COVID-19 crisis to ensure common techniques such as phishing are more effective. “There’s definitely a common theme that, if there is a geo-political issue, then cyber-criminals will use that in order to target individuals and specifically people working from home,” said Hogan-Burney.
Craig Jones, director of cybercrime at Interpol, observed that attacks such as phishing, which entice users to click on malicious links, have been more likely to succeed when COVID-related lures are utilized. “There’s the human factor in all this,” he explained. “That’s us – the communities who click on those links and want that information and to understand what’s going on.”
Both speakers revealed they are now seeing cyber-criminals looking to take advantage of the very topical issue of vaccine rollouts. Hogan-Burney said: “The first thing we’re going to see is the social engineering aspect that’s always prevalent in cybercrime in order to gain access to systems.” Jones added that criminals are starting to use counterfeit vaccines and certificates to trick people, noting that those living in poorer areas will be especially vulnerable to such techniques. “Those that do not have access to the vaccine will want to get hold of it through whatever means,” he stated.
In this increasingly dangerous landscape, the need for law enforcement agencies to work across borders and with multiple private entities has grown substantially. Honan-Burney said that “criminals frankly don’t care where we’re located, they don’t care about geographic borders and they don’t care about where their victims are or where their infrastructure is except for is it effective.” She continued: “So, to a certain extent, we have to do the same thing, and say it doesn’t matter that I’m sitting in the US, the actor is in Nigeria and the victims are around the world; we have to work together.”
Jones agreed, highlighting that the investigation of cybercrime often requires law enforcement agencies to gain access to data from numerous different organizations. “You might have one company that only sees one small part of it and we have to start aggregating that,” he explained.
Private companies working with law enforcement in this way is still a relationship that requires fine-tuning, and Honan-Burney noted that each have different goals which can create “friction” at times. For example, a primary goal of Microsoft is to ensure users have safe access to technology, and this sometimes means the company proactively takes down infrastructure used by criminals. “That methodology also means we are taking things that law enforcement would use to collect evidence,” she admitted.
Nevertheless, she believes co-ordination now between companies like Microsoft and law enforcement is improving, as there is growing recognition of the importance of bringing cyber-criminals to justice to enhance digital security over the long-term. “That criminal goes on to perpetrate crime, so I am more than happy that we do appropriate criminal referrals so that we can help,” commented Hogan-Burney.