News item | 21-11-2017
Author: Neil Walsh, Head of the United Nations global programme on cybercrime
Capacity Building to counter cybercrime and enhance cybersecurity takes a multitude of forms; from policy analysis to preventive diplomacy, legislation to enforcement. This article provides an overview of UNODC’s work, capabilities and partnership approach.
Diplomatic context
Within the United Nations, and particularly within the Office on Drugs and Crime (UNODC), the counter-cybercrime capacity building approach responds to requests from Member States and is intentionally politically neutral.
In 2013, UNODC published the draft Comprehensive Study on Cybercrime. The study, conducted under the auspices of UNODC’s Intergovernmental Expert Group (IEG), presented an analysis of cybercrime (as it was in 2011/12) and paved the way for future diplomatic cooperation to counter the threat at the policy level [1].
In April 2017, the IEG met again in Vienna to discuss the Study and ways forward for cooperation. The UNODC recognizes that there is a divergence of opinion on many key issues regarding cybercrime from definition, to legislation and methods of international cooperation. However, we also recognize that, from these different positions, we can identify areas of agreement and consensus. At the 2017 IEG meeting, there was a broad, apolitical consensus regarding the need for increased capacity building globally to enable law enforcement, prosecutors and judges to counter the threat of cybercrime.
Capacity Building
Capacity building to counter transnational organized crime and terror often begins with a focus on legislation. With cybercrime, however, there is sometimes a need for a more nuanced approach. There are still, amazingly, some governments who do not feel that cybercrime either exists or is a threat to them. Those of you reading this article recognize the folly of that approach – and this is where UNODC can have a direct impact.
When representatives of UNODC meet with Heads of State, brief parliamentarians, give evidence to oversight committees and discuss the threat through media outreach, it has an immediate and longstanding impact. In this endeavor, it is imperative to start and lead discussions that help Administrations to form a cross-government response to cybercrime – the core premise of UNODC’s Global Programme on Cybercrime. Tools such as the World Bank assessment toolkit, and a little technical capacity building for criminal justice actors, help to pave the way for a new policy – and legal – response to cybercrime.
The following is a list of examples of capacity building that the UNODC has delivered in 2016/17, through the regional Southeast Asia Cybercrime Coordinator in Bangkok:
25 – 27 April 2017, Colombo, Sri Lanka – Cybercrime investigations and digital forensics joint training
Funding: World Bank
Executed in partnership with the World Bank as part of the StAR (Stolen Asset Recovery) programme, to officers from various institutions charged with cybercrime investigations and digital forensics.
01 – 05 May 2017, Gold Coast and Canberra, Australia – Youth Technology and Vulnerable Communities Conference
Funding: Norway
UNODC delivered an awareness session, attended by Southeast Asian Law Enforcement Agencies (LEAs) on the role of cryptocurrency within live-streaming online infant and child sexual abuse. A full training session will be delivered in 2018.
25 – 26 May 2017, Vientianne Lao PDR – 17th ASEAN SOMTC Meeting (Senior Officials Meeting on Transnational Organized Crime
Funding: USA
UNODC contributed strongly to the ASEAN policy discussion regarding the SOMTC Cybercrime Working Group and future collaboration.
18 – 20 July, Bangkok, Thailand – Cryptocurrencies Investigations Training for Thai Officials
Funding: UK, Australia and Japan
The training was attended by 25 investigators and analysts from cybercrime, counter-terrorism, FIUs and anti-money laundering departments of the following Thai institutions: Bank of Thailand, Anti Money Laundering Office, Royal Thai Police, Royal Thai Cadet Academy, Department for Special Investigations, National Security Council, Electronic Transactions Development Agency and the Office for Narcotics Control Board. Attendees now have the capability to identify and follow blockchain transactions and exploit evidential opportunities internationally.
06 – 12 August, Kathmandu, Nepal, – Joint ITU, INTERPOL and UNODC Engagement
Funding: ITU (Nepal)
Joint engagement to provide Nepal with a draft cybercrime law and to deliver trainings based on intermediary cybercrime investigations and digital forensics training.
Throughout the biennium: ongoing mentoring for cybercrime law enforcement, prosecutors and judges
Funding: Canada and USA
This includes malware proliferation and live streaming of child sexual abuse. In addition, many training sessions on victim identification, the #WePROTECT Model National Response and psychological profiling have been carried out with ICMEC (the International Centre for Missing and Exploited Children), HSI (ICE) and INTERPOL.
Conclusion
Cybercrime and cybersecurity, as we have seen, are often politically charged topics: from democratic elections and energy security to online radicalization of terrorists. UNODC’s work, and that of partners like the GFCE, makes a tangible difference in cyberspace: Member States work closer together to counter the most advanced and persistent treats originating from cybercriminals and grow trust through international investigations.
By working even closer together, the UN system stands ready to counter the highest risk threats faced by society today. Together we are stronger. Together we can ensure a free, open internet and reduced cybercrime, which is critical for delivering the Sustainable Development Goals.
This article first appeared in the fourth issuse of the Global Cyber Expertise Magazine – November 2017
