Interpol recently celebrated its 100th anniversary, and as it steps into its second century of operation it remains highly relevant as a policing organization of our technical age.
Interpol's global cybercrime program is one of four law enforcement pillars of the organization, alongside terrorism, organized crime, and financial crime and corruption.
Just in the last couple of months, Interpol has led publicized cybercrime-fighting efforts through its Synergia operation, which led to widespread takedowns and numerous arrests in the Middle East and Africa, and its Operation Storm Makers II campaign, which targeted criminals operating in dozens of Asian countries who ran cyberfraud operations that engaged in human trafficking to perpetuate their scams.
In spite of the kinds of public actions, many in the cybersecurity community may not fully understand how Interpol has the authority and trust to get all of this work done.
At the RSA Conference USA 2024 last month, Craig Jones, Interpol's director of cybercrime offered a deep-dive look into how the organization works and also how it cooperates with private firms to carry out its mission.
Here are some of the most relevant facts for cyber defenders to know about how Interpol runs its global cybercrime program.
Interpol operations are centered around four global programs.
One of the common misconceptions about Interpol is that it directly leads investigations and that its agents are the ones that make arrests of cyber kingpins.
The reality is that Interpol is more like a program management agency.
In many ways, Interpol is the largest threat intelligence operation in the world.
While Interpol may issue advisories about criminals, it is up to local law enforcement agencies to make the arrests when they find these lawbreakers.
Interpol is a politically neutral organization that is run through a constitutional system that operates through the full support and representative governance of its 196 member countries.
Think of member countries as a pyramid, Jones said, where at the top there are 30 to 40 countries with advanced cybercrime fighting capabilities.
In those instances, Interpol acts as a neutral go-between to help coordinate between those different countries that may not play nicely together and to help them safely collaborate on what they each know about cybercriminal activities in order to help aid global investigations.
Coordinating investigative and operational cyber research can be a tough task when Interpol deals with its members on a country-by-country basis, explains Jones, who says that this kind of 1:1 communication doesn't scale well.
In order to help facilitate investigations and operations, Interpol organizes a lot of its work through four regional operations desks in Africa, Asia & the South Pacific, Europe, and the Americas.
Each of the regions is an important spoke of the work, though a lot of the leadership for Interpol's cybercrime program is based in Singapore, which is where the ASEAN regional desk is located and where Jones himself is headquartered.
Singapore is the home of the Interpol Innovation Centre, which runs four labs for facilitating research around responsible AI, emerging threats, digital forensics, and global developments around tech, strategy, and policy.
In addition to coordinating data collection and action across law enforcement and other government agencies, another big part of Interpol's cybercrime program is collaboration with private partners.
Whether it is financial organizations or giant global tech firms, private partners feed Interpol with valuable data that feeds its threat intelligence capabilities.
This Cyber News was published on www.darkreading.com. Publication date: Mon, 27 May 2024 06:00:39 +0000