Feeds

European conference sets agenda for cybercrime fight

Talking shop calls for tougher domain registration checks

High performance access to file storage

The Council of Europe has called for a worldwide implementation of its Convention on Cybercrime to fight the growing problem of economic crime on the web.

During the fifth annual CoE conference on cybrecrime in Strasburg this week, participants spoke in favour of greater international cooperation in sharing existing tools, instruments, best practices and initiatives. The conference also heard calls for improved co-operation between law enforcement and industry (ISPs, IT firm and national CETS).

Delegates also backed requests for ICANN to tighten up domain name registration processes to make life more difficult for spammers and other riff-raff. It was suggested that police ought to able to use the WHOIS database to fight cybercrime, while protecting the privacy of individual registrants - arguably a competing goal.

Russia and China both recently tightened up their domain registration process, requiring photo ID before authorities allocate new domains, for example. The measures have been welcomed by security watchers, even though rumours suggests ID-forging services designed to circumvent the new checks have already emerged in the digital underground.

The conference also considered the security and privacy implications of greater use of cloud-based technology, making a number of recommendations.

In order to meet the law enforcement and privacy challenges related to cloud computing existing instruments on international cooperation – such as the Data Protection Convention (CETS 108) and the Budapest Convention – need to be applied more widely and efficiently.

Additional international standards on law enforcement access to data stored in the “clouds” may need to be considered.

Globally trusted privacy and data protection standards and policies addressing those issues need to be put in place and the Council of Europe is encouraged to continue addressing these issues in its standard- setting activities as well as by the Global Project on Cybercrime.

Eurocrats called for an upcoming UN convention on cybercrime in Salvador, Brazil to adopt Europe's approach as a globally-applied action plan for fighting cybercrime, electronic espionage and related threats.

Council of Europe Deputy Secretary General Maud de Boer-Buquicchio told delegates: “The UN Crime Congress in April 2010 will be an opportunity to reinforce our global response to the global threat of cybercrime and cyberterrorism.

"I think we will have the best chance to succeed if we unite around one international instrument which already exists – namely the Council of Europe Cybercrime Convention.”

A total of 29 countries, mostly European but also including the USA, have ratified the Budapest Convention since its adoption in 2001. Portugal and Montenegro announced the ratification of the Convention at the conference this week while Argentina made a request for adopt the treaty.

Nineteen countries have signed but not ratified the Treaty, including the UK and Spain. The convention provides guideline for any country developing comprehensive national legislation against cybercrime as well as framework for international cooperation.

Around 300 cybercrime experts from some 60 countries took part in the CoE cybercrime conference this week. Topics on the agenda included mapping networks and combating online child pornography, as well as training for judges and prosecutors. Human rights and privacy have already been pencilled into the agenda of next year's conference.

A summary of the main conclusions of the conference and background information on the Council of Europe's cybercrime busting efforts can be found here. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.