Groups Groups
Powered by TakingITGlobal
TakingITGlobal

Home Home Action Tools Groups Cyber Crime   
select language: 

Project e-Group:
Cyber Crime
Part of project: Cyber Crime
  Login Sign Up

Information Members Messages Documents

Details  Details

Name: Cyber Crime
Description:
Today cyber and organise crime has become the other of the day round the globe and the need to put an end to this criminal act can not be kept aside.

Research shows that people looses millions of dollas daily to cyber criminals and we can not continiue to live with this set of people becouse there are enemies of progress.

All efforts to put this to an end have prove unsucessfull why? becouse even the people fighting the crime are criminals.a typical example of this is a law maker,a member of the Nigeria's National Assembly Hon Moris Ibekwe(Late) who is in the maximum security prisons in Nigeria for an alleged involvment in a fee frud, if a member of a lagislature can be involve in such an ungodly act what do you think the unemploied youth will do? you can see why we shuold emberck on the fight against cyber crime.

We have set out the following majors to fight crime as stated by the INTERNATIONAL
COORDINATION FOR CYBER CRIME AND TERRORISM IN THE 21ST CENTURY

It is our collective responsibility to follow this steps

Page 1

International Coordination for
Cyber Crime and Terrorism in the 21stCentury1

International Coordination forCyber Crime and Terrorism in the 21stCenturyIntroductionThe need for international technical coordinationNetworked information systems are being rapidly adopted by governments and businessesworldwide to improve communications, operational control, and – ultimately – competitiveness.Reliance on these systems, especially where the Internet exists as the primary infrastructure, islikely to increase. It is a complex technical and political task for nations and their commercialenterprises to protect information assets and ensure that critical operations continue even ifattacked. The growth of world markets and an increase in transnational mergers only serve tocompound this complexity.As it stands today, the Internet is vulnerable to attack. The attacks are hard to prevent and respondto, and the perpetrators often go unidentified. The Internet can be abused and misused, to thedetriment of all legitimate users and only to the benefit of those with malicious intent. Withoutsteps to make the Internet a safer and more reliable environment, the operation of our criticalinfrastructures will remain at risk. An international effort is required to improve the general stateof information technology or computer security because with shared risks comes sharedresponsibility for protecting information and the technology for its storage and transmission.Governments are recognizing the need to protect their information and critical infrastructures inresponse to these threats and are responding accordingly. Some governments recognize that it isnot sufficient to address only the local or national aspects of safeguarding information and criticalinfrastructures. Because attacks against the Internet typically do not require the attacker to bephysically present at the site of the attack, the risk of being identified is significantly reduced.Besides the technological challenges this presents, the legal issues involved in pursuing andprosecuting intruders adds a layer of difficulty as they cross multiple geographical and legalboundaries. An effective solution can only come in the form of international collaboration.In the United States, for example, Presidential Decision Directive 63 (a white paper on criticalinfrastructure protection) states, “Addressing these vulnerabilities will necessarily requireflexible, evolutionary approaches that span both the public and private sectors, and protect bothdomestic and international security.… The Federal Government shall encourage internationalcooperation to help manage this increasingly global problem.”In the area of law enforcement, the Internet constitutes a new patrol area in many respects. Unlikejurisdictions based on national and political borders, the digital information infrastructure doesnot have a central location in the physical world. So not only is responding to attacks difficulttechnically but also many of the accepted methods for practicing law enforcement are ineffective.Recent G8 (Group of Eight Advanced Industrial States) and OPEC (Organization of PetroleumExporting Countries) activities are examples of increasing recognition of this international need.The problems that we must address to improve our critical information infrastructures require theinvolvement of diverse parties including governments, policy and lawmakers, law enforcement,
--------------------------------------------------------------------------------
Page 2

International Coordination for Cyber Crime and Terrorism in the 21stCentury2

Software vendors, the research community, and practitioners such as FIRST (Forum of IncidentResponse and Security Teams) members who have experience responding to computer securityincidents. Attempting to address the problems in one group without input and feedback from theothers is likely to result in flawed or incomplete solutions. Last year draft U.S. governmentlegislation (the Digital Millenium Act) resulting from the World Intellectual PropertyOrganization (WIPO) treaty resulted in a flurry of panic throughout the Internet securitycommunity. Practitioners, researchers, software vendors, and incident response teams realizedthat aspects of their work that address security flaws to reduce risk to our critical infrastructuresmight become illegal under the proposed legislation. This was clearly not the original intent of thetreaty or the resulting legislation. This is just one example of the urgent need for ongoingcommunication among policymakers, technologists, and others to ensure that future policies andagreements on a national and international scale are practical and effective.Information exchange and interaction among many parties is paramount to producingcomprehensive and practical approaches and solutions to the complex problems faced. Simplybringing parties together is not enough. We need to consider the issues that must be addressed tosupport a global incident response effort and to reduce the likelihood, number, and extent ofcomputer security incidents.Current difficultiesMany network protocols that now form part of the information infrastructure were designedwithout computer security in mind. Without a secure infrastructure, it is difficult to avoid securityproblems and resolve computer security incidents. The combination of rapidly changingtechnology, rapidly expanding use, and new, often unimagined uses of the informationinfrastructure creates a volatile situation in which the nature of threats and vulnerabilities isdifficult to assess and even more difficult to predict.It is inexpensive (the cost of a personal computer and Internet access), quick (less than a minute),and easy (using freely available intruder tools) for anyone to launch attacks against our criticalinformation infrastructures. Conversely, it is expensive (international effort and funding), long-term (research, development, and deployment), and complex (technically and politically) to takethe steps needed to harden the information infrastructure to make it less susceptible to attack, andto enable us to respond more effectively and efficiently when attacks do happen.In general, incident response and computer security teams consist of practitioners andtechnologists who have a wealth of operational experience but lack authority to make policy andsecurity decisions in their organizations. They also may have limited funding and lackprofessional recognition. This has negative consequences; a given team’s organization may notallow enough staff to respond effectively to security incidents. Similarly, a team may not havesufficient authority to influence and ensure improved computer security and comprehensiveresponse. Moreover, at this time, there is no infrastructure to support a coordinated globalincident response effort, although there are a few components in place that can form the basis ofthis infrastructure.A variety of issues must be addressed when considering how to promote an effective globalincident response infrastructure. These include discussions about which organizations willcoordinate and participate in the development effort, how current groups and forums can fit theirmission and objectives into an agenda to create a global infrastructure, and what possiblestructures and mechanisms might be required and effective in the future.
--------------------------------------------------------------------------------
Page 3
International Coordination for Cyber Crime and Terrorism in the 21stCentury3The Melissa Virus attack underscores the lack of such a global response structure for incidentresponse. Because individual teams focused on their individual or national response needs, therewas no operational global response effort. Although the FIRST played an essential role in theearly identification of the problem and was able to notify others (due to early reports sharedamong its member teams), it has no operational mission or funding and so was unable to facilitatefurther response.A recommended approachIn recommending an approach to handling the problems of today, we propose a global role for theincident response and security teams. These teams should use the strength of their technicalcoordination today to link to the international organizations aimed at tracking trends and activityof cyber crime and terrorist groups. Possible ways of achieving this are outlined in this paper.In the computer security incident response community, we have been successful at resolvinginternational incidents where the following elements were in place:• A common terminology between parties involved in the incident to includeidentification of the intruder’s M.O., the technical attack details, and identification ofthe targets• An understanding of the common and conflicting societal issues surrounding theincident• Detailed knowledge of the relative technical skills of all parties involved in resolvingthe incident• Up-front agreements on how incidents of a variety of types will be handledFor all of these recommendations contained in this report, use of a bottom-up approach willprovide the best implementation in the short-term and allow additional experience in workingcyber terrorism and cyber crime issues internationally. In addition, support from decision makersin the international community is required to support these activities.It should be noted that this recommended approach is not necessarily dependent on internationalagreements or treaties between governments. While these agreements can assist in the formalidentification and prosecution of parties perpetrating cyber crimes and terrorism, it is thetechnical cooperation that is necessary to make the identification possible. Today, thatcooperation is not available at the cyber-technical level but only at the national intelligence level.Current Practice for International CoordinationIn this section, I will address the technical coordination of international computer securityincidents and the basis for this coordination. The structure will address first reports of computersecurity incidents where the victim is well defined, then move into the sharing and analysis ofindications and warnings. Other sections will discuss the emerging technical threats and how theyare communicated, followed by one of the biggest technical challenges today – the tracking andtracing of cyber intruders.Computer Security IncidentsToday, computer security incidents are reported to regional or national response teams.Frequently these reports are motivated by a desire to patch any vulnerabilities that were used toenable the attack and not by a desire to determine either the international scope or uncover theintruder. An exception is when the target is a government or other potentially sensitive site wherethe response depends on knowing the origin of the attack. In this case, the tracking of the
--------------------------------------------------------------------------------
Page 4
International Coordination for Cyber Crime and Terrorism in the 21stCentury4individual is frequently turned over to the foreign office or other international relations office forthe coordination necessary to track the intruder.Information communicated in computer security incidents is controlled by the direct participationof the regions involved in the incident. For example, if an American university is attacked and itis found that there are log files pointing to a system in Europe, the CERT/CC will contact theappropriate team in Europe and share information that will help it resolve the incident on its end.They will not in general share this information with the entire response community in order tomaintain the confidentiality of the attacked site involved.Similarly, if vulnerability information is discovered in the process of resolving an incident, thisinformation is shared with the vendor responsible for fixing the problem, but the specific victiminformation is not shared unless the attacked site gives permission and wishes to be in directcontact with the vendor of the software containing the vulnerability.Indications and WarningsFrequently information is reported to incident response teams where there is not a specific victimor computer security incident but rather an indication that some activity may be ongoing in someother part of the community. There is currently no standard way of sharing that information,although sometimes this information is posted to a shared list of FIRST members. This is one ofthe main areas that needs drastic improvement in the future in order to effectively process cybercrime and terrorist indicators that may be detected within the incident response community.Emerging Technical ThreatsThe sharing of emerging technical threats is one of the best achievements of late. Today, theFIRST organization sponsors technical forums on a periodic basis to discuss recent developmentin technical threats and vulnerabilities. While this is a valuable meeting for the incident responsecommunity, it is not open to other international experts to relate the technical trends to political orother international trends.Track and Trace for IntrudersOne significant problem with the tracking of malicious activity to its origin is that it requires thecooperation of many independent administrative domains operating internationally. This makesthe creation of a universally acceptable technology solution unlikely (e.g., modification of thecomputer protocols and services to automatically identify the point of origin). Thus a reasonableapproach to track and trace today is the combination of technically experienced personnelworking with these administrative domains to gain their cooperation voluntarily to trace backmalicious activity to the actual threat behind the activity.With the volume of information gathered by the CERT/CC and other international responseteams, it is likely that the network of these incident response teams will provide the best start totracking the activity of intruders and other malicious cyber activity to determine the point oforigin. While this can never be a guaranteed activity, putting together all of the internationalevidence related to a malicious activity will provide the best cyber evidence of this point of originand perhaps help to distinguish between domestic and international threats.In addition to the information gathered by incident response teams, the CERT/CC has a uniquerelationship with many of the Internet Service Providers (ISPs) and network operation centersthat enable the CERT/CC to work with both victims and transport providers to track specificactivity to its immediate point of origin. Then with its reputation of impartiality, the CERT/CC
--------------------------------------------------------------------------------
Page 5
International Coordination for Cyber Crime and Terrorism in the 21stCentury5can frequently work with the administrators of these sites to trace back the activity one stepfurther to attempt to find the true place of origin.Recommended Approach for International CoordinationExpanded FIRST roleThere is an urgent and ongoing need to provide a global infrastructure to provide a fast, effective,and comprehensive response to computer security incidents on a local, national, and internationalscale. At this time, there is no infrastructure to support a coordinated global incident responseeffort.The need for an international forum to respond to computer security incidents was recognized inthe early 1990s and resulted in the formation of FIRST. Today, FIRST consists of more than 80incident response and security teams from 19 countries and provides a closed forum for theseteams to share experiences, exchange information related to incidents, and to promote preventiveactivities. Although other teams exist that are not yet FIRST members and new teams arecontinuously being established, for years to come there will not be enough teams to address thegrowing need for global incident response. Additionally, FIRST as it exists today is a voluntaryorganization with no operational element. As such, it provides an introduction service andmeeting place for teams to establish trusted interactions, but it is not currently able to provide thenecessary coordinated global effort or meet other needs, such as a more open flow of sensitiveinformation and close collaboration to respond to widespread events.Among the challenges to expanding the role of FIRST are lack of appropriate policies andprocedures, lack of formal agreements, and the difficulty of gaining entry into the incidentresponse community.Establishing policies and procedures. The pioneer computer security incident responseteams, formed in the late 1980s, were faced with defining their own appropriateoperational guidelines with little or no experience on which to draw from. It has takenyears for these now-established teams to develop comprehensive policies and proceduresfor their internal operations. Today, newly forming teams are not much better off than theearly pioneers were, as little documented guidance is available.Moreover, this same community as a whole is still sorely lacking in the area of policiesand procedures to support operations among teams. The progress being made in this areais limited and slow. It is mostly limited to a few isolated groups of incident responseteams who work together regularly and have a business need to reach agreement.Progress typically comes to a halt when teams become overwhelmed by the number ofissues that need to be addressed before they can reach agreement–such as no commonagreement on terminology, definitions, and priorities.Forming cooperative relationships among teams. Currently, many teams agree tocooperate based on trust alone; they have no supporting contractual agreements toprovide the foundation for their interactions. In fact, it is even more complex than that, asin some cases trust has been developed between individuals from given teams. So whentrusted individuals leave those teams, the trust relationship may go with them. This canpotentially result in the isolation of teams that were once part of a cooperative incidentresponse community. Additionally, the information communicated between two teamsduring an incident is not well defined. The extent of the information might depend on
--------------------------------------------------------------------------------
Page 6
International Coordination for Cyber Crime and Terrorism in the 21stCentury6who is involved, their experience with the other team involved, and the specific staffmembers who are interacting.Gaining entry to the incident response community today can be a difficult and lengthyprocess. The community is ready to embrace new members, but it is wary of interactingwith new teams unless an existing member of the trusted community can vouch for them.As a result, some new teams are in a “Catch-22” situation – wanting to contribute butneeding to gain acceptance and mentoring from an existing member of the communitybefore they can begin to gain broader acceptance. As most teams have no charter orfunding to act as mentors to new members of the community, finding a mentor andintroducer is not an easy task.Moreover, because there is no formal mentoring process for new members of thecommunity, the guidance given to new teams can vary widely depending on theexperiences and time available from their mentoring team. As a result, the incidentresponse community expands at a much slower rate than is needed, and the teams operatewith a widely varying set of operations and standards. The community needs to ensureand adopt a sponsorship process that doesn’t depend on the good will of individual teamsand ensures that each team meets an agreed-upon minimum level of operationalstandards.Today’s approach is not reliable, does not scale, and it must be made more effective. It iscritical to have a global response infrastructure to replace a less reliable system based ontrust between individuals with a reliable and effective system based on globalunderstanding/agreement.Providing security information to constituents. Local response efforts dedicated toindividual communities (based on geographical location, organizational entity, serviceprovided, or other criteria) are imperative to ensure that we all have incident responseservices that are appropriate for our needs. Each community has its own specific needs toaddress including: technology base, language, time zone, and legal jurisdiction(organizational, local, national, and international). However, the need for local responseefforts does not eliminate the need for communication on a broader scale. Intruders areinternational in their movements and activities and so we must pool our responseactivities to ensure that we can respond appropriately.For example, only a small percentage of the current incident response communityresearches and generates original source material for security advisories and alerts thatadvise the community on preventing and recovering from ongoing intruder threats.Presently, the members of the incident response community as a whole are adept attailoring this source material to best suit the needs of their constituents and redistributingthe modified material through local distribution channels. The community is continuingto improve the quality of and the speed at which information in these alerts is provided.Communication channels must continue to broaden to reach additional stakeholders. Aglobal incident response infrastructure would continue to provide support for andenhance these rapid alert mechanisms.The limitations of FIRST were evident during the Melissa Virus. FIRST asked its membershipabout the impact of the virus on their constituency to produce a global view of the activity.Because of the voluntary nature of FIRST and FIRST’s lack of funding, it took almost four daysfrom the initial activity report to solicit and receive status reports and generate the global activity
--------------------------------------------------------------------------------
Page 7
International Coordination for Cyber Crime and Terrorism in the 21stCentury7summary. Even so, the resulting summary provided a global perspective of the geographicalimpact and spread of activity.A global incident response infrastructure would be the most effective way to facilitate responseand to ensure that information is exchanged securely. This approach helps to ensure that responseis effective, reliable, and timely.Information exchange and interaction among entities is paramount to producing comprehensiveand practical approaches and solutions to the complex problems faced. Again, bringing partiestogether is not enough. We need to consider the issues that must be addressed to support a globalincident response effort and to reduce the likelihood, number, and extent of computer securityincidents.Although FIRST has been effective at supporting incident response activities that crossorganizational and national boundaries, it currently lacks the structure, formality, funding, andoperational mission to support either a coordinated global effort or other needs such as a moreopen flow of sensitive information and close collaboration during widespread computer securityevents. The FIRST organization could potentially fulfill an expanded role. To improve andmaintain information technology, network security, and ensure the survivability of theinformation infrastructure, it is essential that we strengthen its ability to do the following:• Cooperate globally to monitor the state of computer security• Identify trends in intruder activities and system and network vulnerabilities• Provide information that enables the public and private sectors worldwide to gauge theircomputer security risks• Help these sectors determine their priorities for addressing these risksBelow we outline three possible models for implementing a global infrastructure for incidentresponse:1. A Global Coordination Center2. International Time Zone Coordination Centers3. National Coordination Centers
--------------------------------------------------------------------------------
Page 8
International Coordination for Cyber Crime and Terrorism in the 21stCentury8A Global Coordination CenterA natural model to consider is the establishment of a single center to coordinate global responseto computer security incidents. At least a two-level hierarchy would be established, with theglobal coordination center at the top level and the rest of the infrastructure at one or more lowerlevels.While conceptually this sounds like a clean and simple approach, it is fraught with practical andpolitical issues. We will only address here what we consider main “show-stopper” issues.Experience has shown that it is insufficient to designate a component of the incident responseinfrastructure and expect it to succeed. To be successful, a component must gain constituency,recognition, and trust. It is unlikely that any one organization (of any form) could be establishedthat could gain the global recognition and trust of every nation in the world. As a result, a singleorganization providing a truly global coordination service is not a viable option.International Time Zone Coordination CentersAnother frequently discussed model is the establishment of a number of internationalcoordination centers located in different time zones around the world to coordinate response tocomputer security incidents around the globe. If these centers were run by a single organization,the result would be the same as the global coordination center described above. So this modelneeds to be viewed from a different perspective. The centers would act as peers and coordinatetheir efforts, but each would be separately operated and run. This also would result in at least atwo-level hierarchy being established, with the international coordination centers at the top leveland the rest of the infrastructure at one or more lower levels.The community has some practical experience in establishing, funding, and operating suchcenters both in the USA (the CERT/CC coordination role) and in Europe (the EuroCERTcoordination role). The discussion of the issues below are based on lessons learned from thoseexperiences. The role is one of coordination in response to incidents and events and not one ofoperationally handling incident and events.It is important to note that national teams have resisted the suggestion that a coordination team fora continent might take over the operational mission for a region. They believe that the operationsshould stay within the team, close to the constituency, where the funding is and where thelanguage, culture, and laws are understood. However, in some instances national funding bodieshave given funding to EuroCERT instead of to the national team, falsely believing theinternational coordination entity would be a substitute for any national incident handling effort.The impetus for a European coordination center resulted from the recognition that limitedcoordination among European teams was taking place and also from a general feeling that acoordination center located in Europe (rather than the USA) was needed for practical reasons(such as time zone, culture, and knowledge of the operating environments of the Europeanteams). After a number of meetings by teams in the region, a project was initiated to establish aEuropean CERT Coordination Service.Experience has shown that although it is possible to provide an operational incident responseservice on a national or international basis, provision of a multinational or global operationalservice has so far been unsuccessful. The reasons for this include the following:
--------------------------------------------------------------------------------
Page 9
International Coordination for Cyber Crime and Terrorism in the 21stCentury9• Funding. Nations fail to recognize the need to fund both a national service and aninternational one. The funding source of an incident response team has great influence onhow that team will be perceived and trusted both nationally and internationally.• Authority and balance of power. Nations want to be responsible for their own needs and donot necessarily want a coordination center for the continent becoming privy to their data.Additionally, hostility between nations in the same geographical region will inhibit orprohibit cooperation. The role of a continental coordination center brings responsibility,prestige, and recognition. As a result, many countries may want to take on the role, making ithard to reach agreement. As previously discussed, trust and respect must be earned; theycannot be designated or delegated. There must be consensus and buy-in on the location andhost of the continental coordination center. It is not something that could be moved fromcountry to country on a rotating basis.For the reasons described above, even if sufficient international coordination centers did existto provide global coverage, they would not hand off responsibility for activities within theirown constituency to another such coordination center. Effective collaborations betweeninternational coordination centers could not be enforced, and recommended guidelines couldbe set for inter-international coordination center collaboration. But as with any incidentresponse team, if the centers themselves do not have mutual trust and respect, interactionswill suffer.• Issues of scale . Organizations have yet to address the practicalities of scale when trying todig through a huge volume of data resulting from a global influx of information. Whenproviding coverage for more than one country, cultural and language issues come into play(this can be an issue even within a single country). In the incident response field, it is vital toensure that all parties involved understand what is being communicated. It is unreasonable toexpect that each international coordination center would hand off coordination responsibilityfor activities relating to its constituency to another international coordination center. As aresult, to be effective, each international coordination center would need to provide a basiclevel of services on a 24/7 basis. There are a number of practical issues that must beaddressed when dealing with multiple time zones (such as shifts and coverage). It is hard totransition work from one time zone to another as the day passes around the world. Suchtransition will invariably result in loss of both continuity and productivity due to any “ramp-up” during the hand-off.Although many coordination centers exist, truly multinational ones struggle to address thepractical issues of providing operational service to a global community. We do not consider thisto be a viable approach to address global incident response needs. However, if some nations canreach agreement and establish one or more international coordination centers, then these canparticipate as components in a global incident response infrastructure.National Coordination CentersThe number of national teams is continuing to increase, and many other existing and newlyforming teams have constituencies that fall within national boundaries. National boundariesprovide a demarcation for policies, procedures, and jurisdiction for information exchange; thus,they provide an excellent opportunity for coordinating on a national level.
--------------------------------------------------------------------------------
Page 10
International Coordination for Cyber Crime and Terrorism in the 21stCentury10This approach is based on having every nation establish a national coordination center. Thismodel is not as clean an approach as the first two and has its own limitations (described below),but it has more potential to achieve global coverage. Although these components need onlyprovide a coordination effort, the centers might also undertake an operational incident-handlingrole, depending on the size of the nations involved.One limitation of this approach is that there are teams (other than international coordinationcenters) that provide services to constituencies that cross national boundaries (incident responseteams for multinational corporations). For this and other reasons, it makes sense to consideradditional coordination boundaries to support such cases; coordinating centers might exist forteams with similar needs, such as those within the banking or telecomm communities. This wouldresult in at least a three-level hierarchy. This hierarchy could be made flexible enough to enableteams, as appropriate, to be served directly by a coordination center without the need for nationalcoordination. Issues to be addressed within this model include the following:• Funding sources. Funding will come from different sources and will be dependent on thefunction provided by the team, the constituency served, and the team’s position in thehierarchy. Participating teams will need to seek their own funding sources to support them asan infrastructure component.There is potential for funding from role two to provide support for infrastructure componentsto conduct sensitive/closed discussions. From an operational perspective, it would be possibleto seek funding for groups of infrastructure components to collaborate and to provide fundingfor national/multinational organizations to develop tools and services to support theinfrastructure (but not to run it).• Authority and balance of power. Determining how to appropriately position a given team inthe hierarchy can be addressed by a combination of approaches. In some cases, this will occurbottom-up because there will be components that do not wish to provide the funding toperform a coordination role. Some teams that gain the trust and respect of others maynaturally find themselves being recognized in a coordination role. In other cases, the level inthe hierarchy will result from existing organizational structures. However, recognition ofnational teams themselves will result not only from national designation, but also frominternational recognition. Until base standards are recognized in this area, the situation willremain complex and problematic. Many existing “national” teams are not truly nationalbecause their constituencies do not officially extend to a nation but, instead, to nationalacademic and research networks.A neutral arbitration service will be necessary for the discussion and resolution of disputesbetween incident response teams at all levels. We suggest that this service be provided by theprofessional society component of role two.• Issues of scale . For large-scale events that affect a significant number of sites across theworld, this approach can become complex without a single team taking on the coordinationeffort for the event. Agreeing to allocate the coordination role “on the fly” would not beproductive or efficient. It might be appropriate to identify and recognize a number of teamsthat are willing and able to take on such a role in advance.• Organizational requirements . With such a large number of nations around the globe, ahigher tier of coordinating teams will need to exist for this approach to work effectively. This
--------------------------------------------------------------------------------
Page 11
International Coordination for Cyber Crime and Terrorism in the 21stCentury11higher tier is likely to evolve from a limited number of international coordination centersbecoming established for small groups of cooperating nations and other coordination centersrepresenting specific interest groups and industries. In reality, we will have a web of incidentresponse teams that have the flexibility of coordination on a number of levels.Although this approach is not ideal, it may be the only possible approach that can be implementedon a global scale. There needs to be a way of reaching agreement on some of the issues describedabove before this could be implemented. A major hurdle that the infrastructure will need toovercome is the minimum level of standards that all participating can agree to from the outset.Non-technical forum for discussion of societal trends and differencesAnother important recommendation is to create non-technical forums for discussion of trends andintelligence information that is important to the incident response, cyber crime, and cyber-terrorism communities. This forum would be designed to link political and social trends totechnical activity in order to obtain a global picture of cyber activity.ConclusionsOur critical information infrastructures and the government and business operations that dependon them are at risk. We share the responsibility to improve Internet security and coordinateeffective international global response to computer security incidents and events. To besuccessful, we must ensure participation and cooperation among governments, law enforcement,commercial organizations, the research community, and practitioners who have experience inresponding to computer security incidents."

Let's join our hands together and fight cyber crime


Send a message: ngryfcybercrime@groups.takingitglobal.org
Subscribe: ngryfcybercrime-subscribe@groups.takingitglobal.org
Unsubscribe: ngryfcybercrime-unsubscribe@groups.takingitglobal.org


Messages   Messages

Subject Sender Date
This group does not yet have any messages.


Documents   Documents

Document adv01.gif [8 kb]

1 Documents view all


Tagging  Tags


You must be logged in to add tags.

Subscription Settings  Subscription Settings

This group is used by a project, Cyber Crime, to communicate with project members. You must join the project to be part of the group. Click here if you wish to continue!


Members  Members

Administrator NIGERIA GRASSROOT YOUTH FORUM(NGRYF) (Nigeria)
- abolaji timothy (Nigeria)
- Adeniji Olamilekan (Nigeria)
- sharwani (Nepal)
- Madison Isabella (United States)
- amazingmodels (India)
- Jessica Riddell (United States)
- Dalene Valorie (United States)
- brad michael (United States)
- Asuka Kondoh (United States)
- Ayodeji Victor, Bolorunduro (Qatar)
Administrator = administrator
Moderator = moderator
34 Members view all





TIG Groups is a communications tool provided free of charge by TakingITGlobal. TakingITGlobal is not responsible for the content of group discussions.
[ Terms of Service | Privacy Policy | Report a problem ]