One of the largest international consultations into cybercrime has been launched to help governments, law enforcement and businesses get a head start on cybercriminals.
Called Project 2020, the study by the International Cyber Security Protection Alliance and led by its strategic law enforcement partner Europol will analyse current trends in cybercrime and how they may evolve over the next eight years and beyond.
The Threat
The past two years have seen the industrialisation of cybercrime, where criminals can draw on an entire supporting infrastructure of criminal service providers - from web hosting to generating credit card verification data. With more information about all of us on the web than ever before, we also have seen a sharp increase of targeted cyber attacks, so-called spearphishing.
"During the past 24 months, critical infrastructure in countries around the world has been under daily cyber attack from both organised criminal networks and state-sponsored entities," says John Lyons, the Chief Executive of the International Cyber Security Protection Alliance.
Europol expects these threat scenarios to evolve rapidly: Cloud computing services mean that we don't always know to whom we are entrusting our data. The "internet of things" could see the hacking of medical devices and key infrastructure components.
"With two-thirds of the world yet to join the internet, we can expect to see new criminals, new victims and new kinds of threats," says Dr Victoria Baines, Strategic Advisor on Cybercrime at Europol.
The Project
What makes Project 2020 unique is that it will combine the expertise of leading law enforcement agencies with that of the ICSPA's member companies, organisations and professional communities.
The European Commission recently designated Europol as its information hub on Cybercrime and asked the agency to establish the European Cybercrime Centre (EC3). Also contributing to the study will be the City of London Police and the European Network and Information Security Agency (ENISA).
Among the business members joining Project 2020 are payment services firm Visa Europe, the UK's largest home shopping retailer Shop Direct Group, customer insight and fraud prevention services firm Transactis and logistics company Yodel. They will be joined by seven of the world's leading cyber security companies: McAfee, CGI Canada, Atos, Cassidian, Digiware, Core Security Technologies and Trend Micro, who have thousands of experts analysing security issues 24/ 7, all of whom will feed their expertise into the study.
Also participating in Project 2020 are experts from two global professional communities - the International Information System Security Certification Consortium (ISC)2 and the International Association of Public Prosecutors.
"During the past few years increasingly sophisticated and highly targeted cyber attacks have resulted in significant losses - not only financial but also, potentially even more worryingly, of intellectual property in defence and aerospace, oil and petrochemicals, financial services, manufacturing and pharmaceuticals," says ICSPA chief executive John Lyons. "Cybercrime is notoriously difficult to tackle given the international structure and capabilities of some of the criminal networks we see in operation. It used to be inherently difficult to combine international efforts to fight cybercrime; this Project will for the first time, bring together experts globally, with a remit to identify and fix weaknesses in our systems before they come to market."
Project 2020 is set up as an international effort to provide insight into how cybercrime will develop. The project will deliver information and recommendations that raise awareness amongst governments, businesses and citizens to help them prepare their defences against future threats. The Project will deliver policy briefs and white papers on evolving threat scenarios, and establish a monitoring mechanism to assist organisations that combat cybercrime.
"Cybercrime evolves as quickly as technology, and technology develops so quickly that the unthinkable becomes mainstream before we can imagine. Furthermore, criminals today can still surprise us as they move from region to region around the world. We have the groups around the table who can make sure this will no longer be the case," says Europol's Dr. Baines, who will be the Project Director for Project 2020.
T/Cdr Steve Head of the City of London Police explains his Force's reasons for joining Project 2020: "Cybercrime is becoming pervasive in society, threatening the technological, financial and social fabric of developed and developing countries. Confronting and combating it now and in the future presents one of the most difficult and important challenges of our time and can only succeed by the international community working as one. Project 2020 is laying down a blueprint for how this can be achieved and the City of London Police is committed to pooling its own expertise with fellow members to create the systems and policies that will significantly enhance cyber security around the world."
About Europol
Europol is the European law enforcement agency. Our job is to make Europe safer by assisting the Member States of the European Union in their fight against serious international crime and terrorism.
About City of London Police
The world's leading business and financial centre demands a bespoke police force, which is equipped to protect and support this unique environment, and to meet head-on the policing challenges it represents.
About (ISC)²
(ISC)² is the largest not-for-profit membership body of certified information security professionals worldwide, with over 86,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), Certified Authorization Professional (CAP®), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates. (ISC)²'s certifications are among the first information technology credentials to meet the stringent requirements of ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK®, a compendium of information security topics. More information is available at www.isc2.org
About the International Association of Prosecutors
The International Association of Prosecutors (IAP) is the only worldwide association of prosecutors and counts over 147 organisational members and 1,500 individual members. It was set up in 1995 under the auspices of the United Nations in Vienna and is committed to improving international cooperation between prosecutors in order to combat transnational crime - as well as asserting the rule of law, compliance with human rights and ensuring minimum standards for prosecutors on fairness independence and impartiality. The Global Prosecutors E-Crime Network (GPEN) is one of the IAP's specialist networks aimed at prosecutors dealing with cybercrime. Find out about the IAP and becoming a member on its website: www.iap-association.org.
About Singapore's Ministry of Home Affairs (MHA)
The Ministry of Home Affairs (MHA) in Singapore comprises of 7 Departments and 2 Statutory Boards, focused on the shared goal of ensuring the security and welfare of Singapore and her people. The departments under MHA include, the Singapore Police Force, Internal Security Department, Singapore Civil Defence Force, Immigrations and Checkpoints Authority, Singapore Prison Service, Central Narcotics Bureau, Home Team Academy, Casino Regulation Authority and Singapore Cooperation of Rehabilitative Enterprises.
Hord Tipton, the Executive Director of (ISC)2 says: "We applaud this opportunity to not only facilitate consultation but also improve policy development around the world. We will be encouraging contributions from the breadth of our membership who come from government and private business, and will be able to provide insight from the coalface of current practice in the field. The coalition of the international professional communities represented, business leaders and law enforcement at play here is the kind of fighting power we need to secure a healthy future in the digital age."
"Cybercriminals are by nature difficult to police given the trans-national efforts they undertake to evade detection", comments Anthony O'Mara, Global Head of Business Operations, Trend Micro. "We're very pleased to be an active member of the ICSPA working with Europol, governments, industry and business sharing a common goal of sharing knowledge, skills and resources and meeting our company's vision of a World Safe for Exchanging Digital Information. Project 2020 shows that the ICSPA is not just a talking shop, but will challenge business to recognise the need to share beyond their company borders"
Nicholas Cowdery AM QC, former Director of Public Prosecutions of New South Wales, Australia and Chair of the Global Prosecutors E-crime Network (GPEN) says: ''The continuing evolution of cybercrime requires prosecutors around the world to keep pace with criminal initiatives and law enforcement responses, so as to be able effectively to bring offenders to justice. The GPEN platform enables IAP prosecutors around the world to share information and experience, keep abreast of developments and access legal tools for use in prosecutions."
Elizabeth Howe OBE, General Counsel of the International Association of Prosecutors and a Chief Crown Prosecutor of England and Wales adds: 'The IAP is the only worldwide organisation of prosecutors and the association between GPEN and ICSPA will enable us to develop constructive relationships with the IT industry and other law enforcement agencies in the cyber crime field.'
Notes to Editors:
The ICSPA
The International Cyber Security Protection Alliance (ICSPA) is a business led, not-for-profit organisation. The ICSPA (www.icspa.org) chaired by the Rt Hon David Blunkett MP, a Member of the UK Parliament and previous UK Home Secretary, celebrated its first anniversary just this July. Its mission is to enhance the online safety and security of business communities, by helping to deliver resources and expertise from the private sector to support both domestic and international law enforcement agencies and governments in their task of reducing harm from cybercrime. Project 2020 shows how much progress the Alliance has made during its first 12 months. The ICSPA has been growing its membership, started work on its first international assignment in Ghana with the Commonwealth Secretariat's ICT Foundation, Comnet, and - later this year - will conduct a Cybercrime Study in Canada in conjunction with the Canadian Government and the Royal Canadian Mounted Police.
For more information visit www.icspa.org
Called Project 2020, the study by the International Cyber Security Protection Alliance and led by its strategic law enforcement partner Europol will analyse current trends in cybercrime and how they may evolve over the next eight years and beyond.
The Threat
The past two years have seen the industrialisation of cybercrime, where criminals can draw on an entire supporting infrastructure of criminal service providers - from web hosting to generating credit card verification data. With more information about all of us on the web than ever before, we also have seen a sharp increase of targeted cyber attacks, so-called spearphishing.
"During the past 24 months, critical infrastructure in countries around the world has been under daily cyber attack from both organised criminal networks and state-sponsored entities," says John Lyons, the Chief Executive of the International Cyber Security Protection Alliance.
Europol expects these threat scenarios to evolve rapidly: Cloud computing services mean that we don't always know to whom we are entrusting our data. The "internet of things" could see the hacking of medical devices and key infrastructure components.
"With two-thirds of the world yet to join the internet, we can expect to see new criminals, new victims and new kinds of threats," says Dr Victoria Baines, Strategic Advisor on Cybercrime at Europol.
The Project
What makes Project 2020 unique is that it will combine the expertise of leading law enforcement agencies with that of the ICSPA's member companies, organisations and professional communities.
The European Commission recently designated Europol as its information hub on Cybercrime and asked the agency to establish the European Cybercrime Centre (EC3). Also contributing to the study will be the City of London Police and the European Network and Information Security Agency (ENISA).
Among the business members joining Project 2020 are payment services firm Visa Europe, the UK's largest home shopping retailer Shop Direct Group, customer insight and fraud prevention services firm Transactis and logistics company Yodel. They will be joined by seven of the world's leading cyber security companies: McAfee, CGI Canada, Atos, Cassidian, Digiware, Core Security Technologies and Trend Micro, who have thousands of experts analysing security issues 24/ 7, all of whom will feed their expertise into the study.
Also participating in Project 2020 are experts from two global professional communities - the International Information System Security Certification Consortium (ISC)2 and the International Association of Public Prosecutors.
"During the past few years increasingly sophisticated and highly targeted cyber attacks have resulted in significant losses - not only financial but also, potentially even more worryingly, of intellectual property in defence and aerospace, oil and petrochemicals, financial services, manufacturing and pharmaceuticals," says ICSPA chief executive John Lyons. "Cybercrime is notoriously difficult to tackle given the international structure and capabilities of some of the criminal networks we see in operation. It used to be inherently difficult to combine international efforts to fight cybercrime; this Project will for the first time, bring together experts globally, with a remit to identify and fix weaknesses in our systems before they come to market."
Project 2020 is set up as an international effort to provide insight into how cybercrime will develop. The project will deliver information and recommendations that raise awareness amongst governments, businesses and citizens to help them prepare their defences against future threats. The Project will deliver policy briefs and white papers on evolving threat scenarios, and establish a monitoring mechanism to assist organisations that combat cybercrime.
"Cybercrime evolves as quickly as technology, and technology develops so quickly that the unthinkable becomes mainstream before we can imagine. Furthermore, criminals today can still surprise us as they move from region to region around the world. We have the groups around the table who can make sure this will no longer be the case," says Europol's Dr. Baines, who will be the Project Director for Project 2020.
T/Cdr Steve Head of the City of London Police explains his Force's reasons for joining Project 2020: "Cybercrime is becoming pervasive in society, threatening the technological, financial and social fabric of developed and developing countries. Confronting and combating it now and in the future presents one of the most difficult and important challenges of our time and can only succeed by the international community working as one. Project 2020 is laying down a blueprint for how this can be achieved and the City of London Police is committed to pooling its own expertise with fellow members to create the systems and policies that will significantly enhance cyber security around the world."
About Europol
Europol is the European law enforcement agency. Our job is to make Europe safer by assisting the Member States of the European Union in their fight against serious international crime and terrorism.
About City of London Police
The world's leading business and financial centre demands a bespoke police force, which is equipped to protect and support this unique environment, and to meet head-on the policing challenges it represents.
About (ISC)²
(ISC)² is the largest not-for-profit membership body of certified information security professionals worldwide, with over 86,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), Certified Authorization Professional (CAP®), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates. (ISC)²'s certifications are among the first information technology credentials to meet the stringent requirements of ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK®, a compendium of information security topics. More information is available at www.isc2.org
About the International Association of Prosecutors
The International Association of Prosecutors (IAP) is the only worldwide association of prosecutors and counts over 147 organisational members and 1,500 individual members. It was set up in 1995 under the auspices of the United Nations in Vienna and is committed to improving international cooperation between prosecutors in order to combat transnational crime - as well as asserting the rule of law, compliance with human rights and ensuring minimum standards for prosecutors on fairness independence and impartiality. The Global Prosecutors E-Crime Network (GPEN) is one of the IAP's specialist networks aimed at prosecutors dealing with cybercrime. Find out about the IAP and becoming a member on its website: www.iap-association.org.
About Singapore's Ministry of Home Affairs (MHA)
The Ministry of Home Affairs (MHA) in Singapore comprises of 7 Departments and 2 Statutory Boards, focused on the shared goal of ensuring the security and welfare of Singapore and her people. The departments under MHA include, the Singapore Police Force, Internal Security Department, Singapore Civil Defence Force, Immigrations and Checkpoints Authority, Singapore Prison Service, Central Narcotics Bureau, Home Team Academy, Casino Regulation Authority and Singapore Cooperation of Rehabilitative Enterprises.
Hord Tipton, the Executive Director of (ISC)2 says: "We applaud this opportunity to not only facilitate consultation but also improve policy development around the world. We will be encouraging contributions from the breadth of our membership who come from government and private business, and will be able to provide insight from the coalface of current practice in the field. The coalition of the international professional communities represented, business leaders and law enforcement at play here is the kind of fighting power we need to secure a healthy future in the digital age."
"Cybercriminals are by nature difficult to police given the trans-national efforts they undertake to evade detection", comments Anthony O'Mara, Global Head of Business Operations, Trend Micro. "We're very pleased to be an active member of the ICSPA working with Europol, governments, industry and business sharing a common goal of sharing knowledge, skills and resources and meeting our company's vision of a World Safe for Exchanging Digital Information. Project 2020 shows that the ICSPA is not just a talking shop, but will challenge business to recognise the need to share beyond their company borders"
Nicholas Cowdery AM QC, former Director of Public Prosecutions of New South Wales, Australia and Chair of the Global Prosecutors E-crime Network (GPEN) says: ''The continuing evolution of cybercrime requires prosecutors around the world to keep pace with criminal initiatives and law enforcement responses, so as to be able effectively to bring offenders to justice. The GPEN platform enables IAP prosecutors around the world to share information and experience, keep abreast of developments and access legal tools for use in prosecutions."
Elizabeth Howe OBE, General Counsel of the International Association of Prosecutors and a Chief Crown Prosecutor of England and Wales adds: 'The IAP is the only worldwide organisation of prosecutors and the association between GPEN and ICSPA will enable us to develop constructive relationships with the IT industry and other law enforcement agencies in the cyber crime field.'
Notes to Editors:
The ICSPA
The International Cyber Security Protection Alliance (ICSPA) is a business led, not-for-profit organisation. The ICSPA (www.icspa.org) chaired by the Rt Hon David Blunkett MP, a Member of the UK Parliament and previous UK Home Secretary, celebrated its first anniversary just this July. Its mission is to enhance the online safety and security of business communities, by helping to deliver resources and expertise from the private sector to support both domestic and international law enforcement agencies and governments in their task of reducing harm from cybercrime. Project 2020 shows how much progress the Alliance has made during its first 12 months. The ICSPA has been growing its membership, started work on its first international assignment in Ghana with the Commonwealth Secretariat's ICT Foundation, Comnet, and - later this year - will conduct a Cybercrime Study in Canada in conjunction with the Canadian Government and the Royal Canadian Mounted Police.
For more information visit www.icspa.org
