Feeds

European conference sets agenda for cybercrime fight

Talking shop calls for tougher domain registration checks

The Power of One eBook: Top reasons to choose HP BladeSystem

The Council of Europe has called for a worldwide implementation of its Convention on Cybercrime to fight the growing problem of economic crime on the web.

During the fifth annual CoE conference on cybrecrime in Strasburg this week, participants spoke in favour of greater international cooperation in sharing existing tools, instruments, best practices and initiatives. The conference also heard calls for improved co-operation between law enforcement and industry (ISPs, IT firm and national CETS).

Delegates also backed requests for ICANN to tighten up domain name registration processes to make life more difficult for spammers and other riff-raff. It was suggested that police ought to able to use the WHOIS database to fight cybercrime, while protecting the privacy of individual registrants - arguably a competing goal.

Russia and China both recently tightened up their domain registration process, requiring photo ID before authorities allocate new domains, for example. The measures have been welcomed by security watchers, even though rumours suggests ID-forging services designed to circumvent the new checks have already emerged in the digital underground.

The conference also considered the security and privacy implications of greater use of cloud-based technology, making a number of recommendations.

In order to meet the law enforcement and privacy challenges related to cloud computing existing instruments on international cooperation – such as the Data Protection Convention (CETS 108) and the Budapest Convention – need to be applied more widely and efficiently.

Additional international standards on law enforcement access to data stored in the “clouds” may need to be considered.

Globally trusted privacy and data protection standards and policies addressing those issues need to be put in place and the Council of Europe is encouraged to continue addressing these issues in its standard- setting activities as well as by the Global Project on Cybercrime.

Eurocrats called for an upcoming UN convention on cybercrime in Salvador, Brazil to adopt Europe's approach as a globally-applied action plan for fighting cybercrime, electronic espionage and related threats.

Council of Europe Deputy Secretary General Maud de Boer-Buquicchio told delegates: “The UN Crime Congress in April 2010 will be an opportunity to reinforce our global response to the global threat of cybercrime and cyberterrorism.

"I think we will have the best chance to succeed if we unite around one international instrument which already exists – namely the Council of Europe Cybercrime Convention.”

A total of 29 countries, mostly European but also including the USA, have ratified the Budapest Convention since its adoption in 2001. Portugal and Montenegro announced the ratification of the Convention at the conference this week while Argentina made a request for adopt the treaty.

Nineteen countries have signed but not ratified the Treaty, including the UK and Spain. The convention provides guideline for any country developing comprehensive national legislation against cybercrime as well as framework for international cooperation.

Around 300 cybercrime experts from some 60 countries took part in the CoE cybercrime conference this week. Topics on the agenda included mapping networks and combating online child pornography, as well as training for judges and prosecutors. Human rights and privacy have already been pencilled into the agenda of next year's conference.

A summary of the main conclusions of the conference and background information on the Council of Europe's cybercrime busting efforts can be found here. ®

Designing a Defense for Mobile Applications

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.