Cybercrime. How Do You Prosecute What Is Not There?

By Alphonzo A. Albright

The cyber attack launched against Sony Pictures Entertainment at the end of 2014 produced several adverse effects on various stakeholders. In particular, hackers incapacitated the IT infrastructure of the company and disrupted its operations.

Furthermore, they were able to access the confidential information of employees, executives, and actors who cooperated with Sony. At present, this company attempts to settle legal disputes with people who believe that this organization failed to safeguard their private data.

The government of North Korea was blamed for this incident. The attack was considered to be the retaliation for the release of the movie The Interview that featured the assassination of Kim Jong-un, the head of this state. American authorities imposed sanctions against some enterprises and agencies, located in this country.

This case illustrates some of the challenges associated with cybercrime. In particular, it is often difficult to bring perpetrators to justice. Moreover, Sony may never be compensated for its losses. This incident also highlights the necessity to strengthen cyber security of large companies. These organizations must ensure that their weaknesses do not create difficulties for other stakeholders such as employees or business partners.

Today, computers have become more integrated into the technologies that are critical for the everyday life of individuals and the functioning of various organizations. For instance, they have been included in many home appliances and automation systems. Additionally, they are required for the proper work of critical infrastructure such as power stations (Source: Report on cybersecurity and critical infrastructure in the Americas | Organization of American States, 2015 - PDF).

This tendency can pose significant risks to many stakeholders. In particular, hackers can take control of computers that regulate the work of various devices or equipment. They can render these devices dysfunctional. For example, they can damage temperature or humidity sensors. Under some circumstances, this action can lead to a technological disaster. Furthermore, the extensive integration of computers into home appliances creates many opportunities for spying on people and organizations.

These trends impose new requirements on law enforcement units that have to change some of their practices. They must elaborate the methods of investigating cybercrimes and preventing them. For example, one can mention a cyber attack that incapacitated the infrastructure of a building. In this case, investigators should think of various ways in which this offense could have been committed. Moreover, they should ensure that this attack would not occur once again. Thus, these professionals should become knowledgeable about different ways in which computers can be integrated into various types of infrastructure. They also have to discover potential flaws in the design of such systems. Overall, the work of law enforcement units can contribute to the improvement of many technologies.

Furthermore, these agencies have to work more closely with various organizations to collect the necessary evidence. For instance, they have to cooperate with companies producing new technologies that strongly rely on computers. In this way, they can find important clues that can point to a suspect.  In some cases, these enterprises may be reluctant to share information with outsiders. Hackers usually exploit the weaknesses in the design of technologies (Source: Security blanket or security theatre? In Analyzing computer security | Pfleeger & Pfleeger, 2012 - PDF). In their turn, companies may be reluctant to admit the existence of such flaws. Thus, law enforcement agencies should achieve two goals. They need to discover the relevant information, which is required for finding a suspect and incriminating this person. However, at the same time, they should not violate the rights of the organizations that manufacture or sell technologies. These changes are essential for the proper investigation of possible offenses and reduction of risks entailed by the extensive integration of computers.  

About Alphonzo A. Albright

A former New York City executive government official, Alphonzo A. Albright, today as Vice President of Global Justice Services for the Canadian-based firm Abilis Solutions, meets colleagues across the world to engage in conversations that highlight thought leadership focused on driving government performance.

More About Alphonzo