Fighting cyber criminals is extremely costly and time consuming. New technologies, new software and new hacking programs are continuously being developed, so keeping up with the ongoing innovations of the hacker underground requires significant resources. Not only is research funding in the area of network security insufficient to allow for the knowledge-base to grow as much as it needs to, but there is also an insufficient number of individuals with the skills to develop new security tools and solutions. Few colleges and universities provide in-depth training in computer security and those that provide the curriculum are forced to compete with the private sector for the services of qualified graduates.
Perhaps the most serious challenge faced by investigators is the difficulty of tracing the origin of attacks. It is easy to maintain anonymity on the Internet and computer invaders are experts at camouflaging and falsifying their identity. And, as attacks are often perpetrated using several computers located in a number of different jurisdictions, tracking and pursuing offenders is a daunting task. Because cyber crime often crosses geographic borders, governments are faced with the additional challenge of investigating attacks and pursuing perpetrators in jurisdictions where laws may not punish the attack with the same severity.
Indeed, laws on cyber crime can vary widely from one jurisdiction to another. Even in countries where the legal system recognizes cyber crime as an offence, penalties imposed can be uneven and may not serve as an effective deterrent. As a result, some countries may well become “safe-havens” for offenses and export them around the world via the Internet.
VI. Fighting cyber crime - International Cooperation
Cyber crime respects no national boundaries. Infected programs originating in one country can target and paralyze systems all over the world. Not surprisingly, initiatives for combating cyber crime rely largely on international treaties and conventions.
All concerned should acknowledges the importance of international cooperation in the prevention, investigation and prosecution of cyber crime and it recognizes the need for harmonization of laws so that no country can become a safe haven for cyber criminals. However, in a world where cyber viruses can be propagated worldwide in a matter of hours, the months and years required to draft, debate, adopt and implement international principles and action plans represent a significant impediment to effective action. Cyberspace crime calls for a response mechanism which is just as swift and efficient at reaching its target as perpetrators are at reaching their own.
An additional concern is that countries, in their push to design solutions to the cyber crime issue, may well implement decisions and laws that could encroach on individuals’ rights to anonymity and privacy on the Internet. More importantly, they may also criminalize the exchange of information, along with the research, testing and reverse engineering activities that are vital to the continued development of tools that detect security weaknesses and that inoculate against viruses and other cyber-attack programs.