By JAN SLIVA, Associated Press Writer
BRUSSELS, Belgium - Two groups working separately to boost Europe's defenses against online crime will present proposals this week, almost a year after most of the nation of Estonia's links to the Internet were disrupted for days or weeks.
At a two-day conference starting Tuesday in Strasbourg, France, the Council of Europe will to review implementation of the international Convention on Cybercrime and discuss ways to improve international cooperation.
Cyber defense also will be on the agenda when heads of state from NATO's 26 member nations gather in Bucharest Wednesday for three days. The leaders are expected to debate new guidelines for coordinating cyber defense.
The Convention on Cybercrime, a binding treaty ratified by most members of the 47-nation Council of Europe, provide guidelines to protect computer users against hackers and Internet fraud.
The controversial agreement also covers electronic evidence used in prosecution of such offenses as child sexual exploitation, organized crime and terrorism. At this week's conference, the council will discuss guidelines to bolster the convention to improve cooperation between investigators and Internet providers, according to the council's Web site.
Participants and speakers at the conference — including police officials and representatives of technology companies such as Microsoft Corp., eBay Inc., McAfee Inc. and Symantec Inc. — also will address training.
NATO's three-day summit, which is to focus on enlarging the treaty organization and on its operations in Kosovo and Afghanistan, will include a special briefing on cyber defense, according to the treaty organization's Web site.
Some cybercrime experts are casting current Internet security challenges in terms of terrorism, while others remain focused on data loss, identity theft and fraud.
Marco Gercke, lecturer in computer law at University of Cologne in Germany, said cybercrime poses new law enforcement challenges because data can now be exchanged very fast over vast international reaches.
"Compared to regular terror attacks, it is much easier for the offenders to hide their identity. There are at least 10 unique challenges that make it very difficult to fight computer-related crime," said Gercke, one of the conference participants. "The success rate of cybercrime is very high."
Privacy advocates, the American Civil Liberties Union and others are concerned that the Cybercrime Convention presses businesses and individuals to aid law enforcement in new ways and subjects them to surveillance that violates the U.S. Constitution.
President Bush signed the treaty in 2003 and the U.S. Senate ratified it in 2006. The convention has been ratified by 21 other nations.
The type of assault Estonian Internet service providers suffered — which included denial-of-service attacks, where criminals flood a server with so many requests for connections that it is overwhelmed — is particularly difficult to block because servers can't easily distinguish between legitimate and bogus requests for access, experts have said.
Estonian officials initially blamed the attacks on the Russian government but later acknowledged they had no proof of government involvement, though they said most of the computers launching the attacks were in Russia.
Estonia has set up a center to tackle computer-related crime and wants a global treaty on combatting cyber attacks because laws in many countries are inadequate or conflict, which can make prosecution of cyber criminals difficult.
The tiny Baltic state, which has one of the world's highest rates of Internet use, has said the attacks damaged its economy because it depends heavily on the Internet.
Russian officials deny any involvement in the cyber onslaught which erupted during violent protests by ethnic Russians against moving a Soviet-era monument out of the Estonian capital of Tallinn.
Web sites run by media outlets, government institutions and banks denied access to users outside Estonia. Among other impacts, Estonians traveling abroad couldn't get at their bank accounts.The attack also included e-mail spam.
___
On the Net:
http://www.coe.int/cybercrime
http://www.nato.int/docu/update/2008/04-april/e0402b.html
0 comments:
Post a Comment