Friday, 17 December 2010

Crowd sourcing the fight against cybercrime? | Naked Security

Crowd sourcing the fight against cybercrime?

Facebook logoOver 30,000 people are part of the Sophos community on Facebook. Why not join us on Facebook to find out about the latest internet and Facebook security threats. X

Twitter logoHi fellow Twitter user! Follow our team of security experts on Twitter for the latest news about internet security threats. X

YouTube logoDon't forget you can subscribe to the SophosLabs YouTube channel to find all our latest videos. X

RSS logoHi there! If you're new here, you might want to subscribe to the RSS feed for updates. X

Filed Under: Law & order

Rob WainwrightThe European Union (EU) is examining a plan to use "crowd sourcing" to fight internet crime, allowing members of the public to connect directly with police and report internet security attacks and online scams.

The BBC is reporting that the millions of computer users across the EU could be galvanised into joining the fight against cybercriminals, with all data about internet crime collected and "reported online at a national level, in a harmonised way across the EU."

Those are the words of Rob Wainwright, director of Europol, who briefed a Lords EU sub-committee on plans for a European centre to fight cybercrime.

"For the first time the EU will have a comprehensive overview of reported cybercrime from within its own borders and this could even include, in the future, a component of direct engagement with the public," the BBC reports him as saying.

Certainly, greater co-operation between the various computer crime authorities in the 27 EU member states is no bad thing, and you can imagine the advantages that would bring in hunting down those responsible for sometimes complex and sophisticated crimes.

EU flag
But I have to throw in a note of caution about the idea of members of the public scouring the net for evidence of cybercrime.

Although done with the best of intentions, I would hate to imagine that members of the public inexperienced in the ins-and-outs of computer security would become "Digital Miss Marples", attempting to uncover wrongdoing on the net.

Let's not forget that internet crime is often a more serious business than the graffiti, littering and dog fouling crimes that many neighbourhood watch schemes can deal with on a regular basis. Surfing from website to internet forum, piecing together clues to send to the police may in itself expose your computer to threats - such as malware infection or identity theft - unnecessarily.

Furthermore, with those behind internet crimes being no longer disaffected teenagers but serious hardcore criminals, you best watch out if they find you poking them with a stick.

Yes, I strongly believe that it should be simple for members of the public to report computer crime, but I would urge a note of caution that users also need to be advised to put the security of themselves and their computer as a priority rather than the hunting for clues.

Private industry (such as the computer security industry and financial services) can probably pay an important role in helping the fight against cybercrime, but investigations into using crowd sourcing should not be rushed into before proper consideration of the safety issues are considered.

, , ,

About the author

Graham Cluley is senior technology consultant at Sophos. In both 2009 and 2010, the readers of Computer Weekly voted him security blogger of the year and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which is very cool. You can contact him at gc@sophos.com, or for daily updates follow him on Twitter at @gcluley.

Posted via email from projectbrainsaver