The EU ECENTRE Project: Education as a Defensive Weapon in the War Against Cybercrime

The EU ECENTRE Project: Education as a Defensive Weapon in the War Against Cybercrime

Denis Edgar-Nevill (Centre for Cybercrime Forensics, Canterbury Christ Church University, Canterbury, United Kingdom)
Copyright: © 2013 |Pages: 12
DOI: 10.4018/ijcwt.2013100102
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

Since the EU Cybercrime Convention in 2000 (EU 2001), there has been a clear recognition of the accelerating threats to society posed by those who would exploit computers for crime and the logical progression to cyber-terrorism and cyberwarfare. Since that time the capacity to deal with cybercrime (crimes involving the use of computers) has improved but the problem has grown alarmingly. The European Commission recognises the increasing threat of cybercrime and has committed significant research and development funding in seeking to protect the community from cybercrime and cyberwar. This paper discusses a new European Commission funded project ECENTRE – England's Cybercrime Centre of Excellence Network for Training, Research and Education. On 20th December 2012 the European Commission signed the €0.935million (£760,000) contract for the project. The contract is awarded under the Programme Prevention of and Fight against Internet Crime Targeted Call – ISEC 2011 Action Grants– Project Number HOME/2011/ISEC/AG/INT/4000002226. The author is the Project Manager and Principal Investigator for the project. ECENTRE forms part of a wider European network of centres of excellence to share expertise, promote best practice and provide training opportunities for law enforcement across the EU. The challenges in establishing effecting cooperation and sharing are discussed. The considerable problem of keeping pace with the fast-developing, complex, problem posed by threats to national infrastructure, organisations and individuals is examined; highlighting the role of education as a fundamental weapon in the fight. The more we know about a threat (real or potential) – the better protected against it we become.
Article Preview

1. Cybercrime, Cyberwar And Cyber Terrorism

Cybercrime and Cyberwar are inextricably linked. Given Cyberwar is usually covert in nature, it’s not really clear who is being attacked by whom, or if the aggressor is a national government, organisation, private group or individual.

For example, major attacks were launched on US military installations by a British lone hacker, Gary McKinnon, shortly after the 9/11 attacks in New York. Amongst a number of attacks on NASA and military targets he deleted military armaments logs at the US Earle Naval Station; bringing down the network of over 300 computers used to resupply the US Navy Atlantic Fleet (Law Lords Department 2008). Because the Internet makes hiding your identity possible, we cannot be sure who is on the other end of the line. Even if an attacker declares who they are we cannot be sure. This also allowed governments to conduct operations against enemies and espionage hiding behind a cloak of anonymity. In some cases we can infer the culprits by the level of sophistication of the attack. The release of the Stuxnet Worm, for example, has been considered to be the product of a nation state simply because of the complexity of ideas the software makes use of (WikiDot 2013). When considering the attacks by groups calling themselves the “Iranian Cyber Army”, “Pakistan Cyber Army”, “Indian Cyber Army”, “Indian Cyber Warriors”, “China’s Cyber Army” we cannot be sure if any or all are state sponsored or how many individuals are involved.

All attacks can be considered as manifestations of cybercrime with different levels of severity (Figure 1).

Figure 1.

Levels of cybercrime

The recorded rates of computer crime and in particular, Internet-based Cybercrime, is growing at a staggering rate in the European Union and across the rest of the World (SDI 2012; Paganini 2012). The ability of governments, intelligence agencies and police forces to cope with this tidal wave is very limited. In the last few years we have seen a lot of money being committed to establishing national, CERT teams (Cyber Emergency Response Teams; EU 2011; AMEinfo 2012; TTOI 2012; CERT Australia 2013), Cyber Commands (US 2013; Gilad 2012; Segal 2011; Leyden 2011) or Cyber Militias (Arsene 2012; Segal 2012). The scale of financing, running into many billions of dollars, sounds impressive but must be countered with the scale of the problems being faced. Where such expenditure is strictly for defensive measures it’s difficult to test value-for-money unless attacks occur.

The readiness of governments to spend in this area has led to the development of proactive warfare weapons where something directly tangible is produced. Certainly the revelations about the nature and extent of information surveillance by intelligence agencies, revealed by whistle-blowers such as Edward Snowden, continue to draw criticism from prominent figures (BBC 2013). The readiness of the General Public to allow such intrusions has an important effect. The 9/11 attacks caused the population to accept a greater level of intrusion as a price of achieving greater security. However, the extent to which this has been progressed by some governments in the last decade has shocked many and the recent revelations have required explanations and justifications. The recent televised appearance for the first time of the heads of MI5, MI6 and GCHQ Cheltenham before the UK Government Intelligence and Security Committee (BBCa, 2013) was unprecedented in giving an insight into the motives and actions of security agencies to justify their £2billion annual budgets.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 7: 4 Issues (2017)
Volume 6: 4 Issues (2016)
Volume 5: 4 Issues (2015)
Volume 4: 4 Issues (2014)
Volume 3: 4 Issues (2013)
Volume 2: 4 Issues (2012)
Volume 1: 4 Issues (2011)
View Complete Journal Contents Listing