Policies for Addressing Global Cybercrime

Globalization of Crime

The FBI (2011) case “Botnet Operation Disabled” shows what can happen when international criminal threat actors spread malware via servers “to steal funds, hijack identities, and commit other crimes” by way of a nefarious computer virus. There are numerous examples of this kind of cyber crime all over the world. For instance, hacktavist groups have proliferated in the 21st century and they use malware to infect government agency sites and industrial sectors (Kovacs, 2022). Additionally, the Asian-based cyber threat actor known as Webworm has been using modified malware to attack industries and agencies all over Asia (Lakshmanan, 2022a). And Charming Kitten (a prolific advanced persistent threat) originating from Iran has attacked using malware Gmail, Yahoo! and Outlook accounts all over the world (Lakshmanan, 2022b). Clearly the globalization of cyber crime is a problem, as all of these cases combined point out. This paper will analyze administrative practices in the international cybercrime cases and make recommendations for improvement.

Botnet Operation Disabled

The FBI (2011) case “Botnet Operation Disabled” reports how the FBI targeted a foreign botnet that was infecting 100,000 computers in the United States. The botnet, known as Coreflood, was used to steal personal and financial information by recording unsuspecting users' every keystroke. The FBI worked with Internet service providers and security companies to take control of the servers that were hosting the botnet, and then used those servers to send a “kill” command to the infected computers. As a result of this operation, the Coreflood botnet was taken down and the infected computers were freed from its control. This case is significant because it illustrates the government’s ability to disrupt and dismantle large-scale criminal operations that are conducted online.

Other Similar Cases

As Kovacs (2022) shows, a pro-Palestine hacktivist group named GhostSec; and a group named ‘Gonjeshke Darande’ and others hacked state infrastructure using programmable logic controllers, causing disruptions in various states. The hackers used open ports and other publicly available tools to gain access to networks. Lakshmanan (2022a, 2022b) also shows that Webworm has been using customized malware to attack government networks in Russia, Mongolia and other Asian countries to take control of these networks and steal funds/information; and that likewise Charming Kitten used malware to hack email accounts, scrape sensitive data and eavesdrop on conversations. The cases all have the same things in common: a cyber threat using vulnerabilities in networks and the ignorance of end users to prey upon systems and steal data or funds or take networks hostage.

Issues for Teams Working These Cases

One of the main issues for teams working to stop or prevent international cyber threats/crimes is that of attribution. That is, being able to identify who is behind a given attack. This can be difficult for a number of reasons. First, those carrying out attacks often use proxies or botnets to conceal their identity. Second, even if the identity of the attacker is known, it may be difficult to prove that they were acting on behalf of a government or other organization (Kovacs, 2022). This can make it hard to take legal action against them. Finally, there may be political sensitivities around taking action against another state's citizens, even if they are breaking the law. These difficulties make attribution a key challenge for those working to stop or prevent international cyber crime.

Administrative Strategies, Practices and Policies

In the FBI case, the aim was to disrupt and disable the botnet, which had been used to steal personal and financial information by recording unsuspecting users' every keystroke. The first step was identifying the individuals responsible for creating and operating the botnet. Once these individuals were identified, law enforcement agencies worked with Internet service providers (ISPs) to take control of the servers that were being used to run the botnet. This meant that the botnet could no longer function, and the data that had been stolen was no longer accessible. In addition, law enforcement agencies also took steps to notify individuals who may have been affected by the botnet, and provided them with information on how to protect their personal data in future. As a result of these administrative strategies, the FBI was able to effectively disrupt and disable the botnet, protecting individuals' personal and financial information.

Similar strategies were used in the other cases. However, in the one involving Charming Kitten, which preyed on end users who did not know better than to click on suspicious links and did not secure accounts, the main practice and policy that needed to be employed was for organizations to educate end users on these risks (Lakshmanan, 2022b). But with the Webworm case it was really about being alert that malicious software was being used—for in many cases energy, IT, and aerospace industries were targeted and did not even know it. So there were definitely gaps in monitoring and testing security systems in these cases (Lakshmanan, 2022a).

Recommendations

The rise of global cybercrime has created new challenges for law enforcement and criminal justice administrators. One significant problem is the use of botnets and malware to carry out criminal activities. Botnets are networks of compromised computers that can be controlled by attackers to carry out a range of malicious activities, including distributed denial of service attacks, spamming, and phishing. Malware, meanwhile, is software specifically designed to carry out malicious activities such as stealing data or espionage. It can be difficult to track down the individuals responsible for using botnets and malware to carry out cybercrime, as they often operate from different countries and use anonymous proxy servers. However, there are a number of administrative practices that could be implemented to better address this problem.

One way to tackle global cybercrime is to increase international cooperation between law enforcement agencies. This would allow for better sharing of information and resources, which would make it easier to track down and prosecute those responsible for using botnets and malware. Another option is to work on improving the technological capabilities of law enforcement agencies, so that they are better equipped to deal with global cybercrime. Finally, it is also important to raise awareness among the general public about the dangers of botnets and malware (FBI, 2011). By taking these steps, criminal justice administrators can help to make the fight against global cybercrime more effective.

How to Make It Work

One of the biggest challenges in addressing global cybercrime is the fact that it knows no borders. This makes it difficult to pursue perpetrators and prosecute them under traditional laws. However, I believe that by working together we can develop creative solutions that will allow us to more effectively go after those who engage in cybercrime. In addition, I think it is important to raise awareness about the issue of cybercrime and to educate people on how they can protect themselves from becoming victims. By working together, I believe we can make a real difference in the fight against global cybercrime. I would facilitate and work together with a team to incorporate the administrative practice recommendations by networking, training, educating, communicating, and evaluating the threats and the various ways to neutralize them.

Potential Positive Results of Outcomes

There are a number of potential positive results that could come from changes in administrative practices to address global cybercrime. One is that it could lead to greater cooperation between different nations in terms of sharing information and investigators working together to track down perpetrators. This would be a major step forward in the fight against cybercrime, as currently there are often jurisdictional issues that hamper investigations. Another potential positive result is that it could help to deter would-be criminals, as they would know that there are better chances of being caught and punished if they engage in cybercrime. This could lead to a reduction in the overall levels of cybercrime, which would have a significant positive impact on society. It could also lead to more resources being devoted to prevention and detection of cybercrime, as well as increasing the punishment for those convicted of such crimes. This would send a strong message that society takes cybercrime seriously and is willing to invest in combating it.