International body needed to fight cybercrime

MANILA, Philippines -- The proliferation of cybercime highlights the need for a global participation to address the problem.

According to Derek Manky, Global Security Strategist of network security firm Fortinet, a global participation is the "best approach" in putting a dent to cybercrime which continues to expand in scope and impact.

"We need an international body that can mediate disputes and dispatch resources to share information about cybercrime trends," Manky said.

He added that a central reporting and information-sharing channel between the private and public sectors are also needed.

"Through collaborative global efforts and organizational commitment to deploying aggressive multi-layered security policies, the cybercrime epidemic can eventually be contained," Manky said.

The executive said such kind of information sharing that exists today is the Forum of Incident Response and Security Teams (FIRST) that began in 1990.

Manky said that in law enforcement, varying jurisdictions and laws complicate the prosecution of cybercriminals,  and FIRST  helps to address this problem through collaboration.

"Unfortunately, many attacks are handled outside this forum and ad-hoc crime fighting groups seem to pop up like a game of whack-a-mole. It is apparent that the best way to take a chunk out of cybercrime is attacking its Achilles heel, going after the cash flow itself," he said.

"The best targets would be affiliate programs − the cash cows that pay out commission and rewards to hired affiliates, infantry who carry out malicious attacks. If the well dries up, so will the rest of the food chain."

Given the ubiquitous adoption of cloud computing, social networking, BYOD (bring your own device), and mobile communications, Manky said cyber criminals  have unprecedented reach across and into more organizations, databases, desktops and mobile devices than ever before.

Infrastructure advances and the enormous number of avenues for attacks are giving cybercriminals a smorgasbord of attack vectors to choose from.

Manky said to capitalize on these opportunities, cybercrime syndicates use recruiters to attract new "talent" via fully realized Web portals, many of which protect them with disclaimers such as, "We do not allow spam or other illicit methods for machine infection." This is a method of passing off legal responsibility to the hired "infantry" while providing the necessary malware needed to execute a full-fledged infection campaign.

"So, where does this leave us? Practically speaking, the most effective way to secure a business from crimeware is from the inside out. Organizations need to take matters into their own hands to proactively prevent the spread of cybercrime among its employees, partners and customers," he said.

What this amounts to is a highly layered security strategy consisting of vital elements that include intrusion prevention, botnet and application control, Web filtering, antispam, and antivirus.

Companies must engage in regular accounting of digital assets and assessment of potential security flaws. Organizations must aggressively educate users about security best practices while implementing enforceable mechanisms for security policy violations.

"They must also implement an incident response plan – 'what happens if?' It is imperative for companies to work together with security experts in this highly dynamic threat landscape," Manky said.