International Women's Day 2023: Preventing Cybercrimes in the 21st Century Digital Space

March 8, 2023

Written by Sonia Lim, edited by Australian Institute of International Affairs

The pandemic has raised many questions in the fields of cybersecurity, cybercrime and law enforcement. The pandemic caused instability in social as well as economic areas and cybercriminals exploited the fear due to these situational factors in different countries. Among the pandemic-inflicted cybercrimes that occurred, phishing, scams and fraud were the most common, followed by ransomware/malware, malicious domains and fake news. It is important for countries to collaborate with different countries around the world and come up with a wholistic and inclusive approach to strengthen their cyberdefence sector to tackle cybercrimes.

The Australian Cyber Security Centre defines phishing as a type of cybercrime in which cybercriminals steal confidential information such as bank credentials, login details and passwords via texting, messaging, emailing or other digital means of communication. Spear phishing, however, is more focused on specific targets and contains authenticity and’ alluring’ component sent to targets. It can be defined as a type of phishing that identifies targets and tricks them into revealing credentials. It could also include social engineering, which involves the manipulation of targets to reveal credentials.

An example of spear phishing that involved social engineering is one where Ian Levy, the technical director of National Cyber Security Centre ( UK ) received emails that ‘pranked’ him into clicking the link in the email which would have led to installation of malware in Ian’s computer. It also involved the art of social engineering in which the hacker, created a fake email account and tried to imitate the email address and contents of one of the directors at NCSC to encourage Ian to reply to the email and reveal credentials. While Ian realized, as an IT security director, that the email account was fake, he did comment that if he had not spent enough time reading and speculating the email he would have easily opened it. It is important ,therefore, for victims to spend some time speculating the emails at work before clicking on them and to immediately report them as spam and block them when detecting them to be phishing emails. It is also recommended to prevent further engagement with the emails.

In a phishing attack, three main stages occur: an sms message, an unknown phone call or what may appear to be a work email. The attack then develops into the collection of information about the recipient which can be from any number of sources: social media platforms, answered phone calls, clicked links ). In the third stage, the hackers specifically target the individual to gather important information and credentials such bank credentials, location, and personal details to hijack he account. As the hacker already has the information about the target, other crimes can also be perpetrated.

As UNODC states, cybercriminals can be from anywhere around the world. And with different jurisdictions across different countries, it is challenging to locate the details about the cybercriminal. Unlike traditional crimes that can be located in one city or country and can provide physical evidence about what happened and where the a particular crime has occurred, cybercrime is considered to be global, borderless and in many ways amorphous. Medibank, a public health insurance company whose data breach affected more than 9.7 million customers in 2022, for instance, is speculated to have been undertaken by hackers in Russia. What we know about cyber crime and freelance, state-based hackers is that such crimes can also be perpetuated from safe havens like North Korea.

While the case of Medibank is high profile, in many instances, cybercrime it is often unreported or too difficult to track, meaning cybercrimes and their crimes remains anonymous and unknown. With the use of inexpensive tools such as the TOR network, cybercriminals manage to stay ‘’under the radar’’ making it very hard for law enforcement to locate and arrest them. And even when the cybercriminals are traced and located, it is very challenging for the courts to determine how to prosecute them: the perpetrator and the victim could be from different cities and countries and many questions arise as to which jurisdiction is relevant and whether internet service providers of one country are obligated to another’s police to give evidence.

All this demonstrates that an effective and integrated wholistic and hybrid approach to address transnational crimes is needed to build a safer and secure environment for everyone. Countries need to be vigilant in protecting their civilians; they need to invest in more research to better understand the nature of cyberspace, collaborate with international law enforcement organizations in different countries as well as implement effective wholistic measures to strengthen their countries’ security and effectively mitigate risks to reduce cybercrimes around the world.