Europe confronted by digital crime

In this paper, Laurence Ifrah of the Robert Schuman Foundation addresses the increasingly significant issue of digital crime, with regards to the recent attacks perpetrated against the Estonian government network. Even though absolute security does not exist, it is crucial to raise the level of protection, particularly in companies, the author states.

The author examines the context of the digital attack on Tallin on 27 April 2007. This attack occurred following the dismantling of a Soviet-era statue by Estonian authorities. The government’s internet network – as well as the networks of the main banks and insurance companies – were immediately attacked, making websites and networks unavailable.

Information systems experts from NATO, the EU, the United States and Israel have been working with Tallinn experts to solve the problem and counter the attacks. However, the culprits will probably never be identified as the ‘botnet’ system – a collection of software robots which run autonomously – allows hackers to stay totally anonymous, the author claims. 

Secondly, the paper gives an overview of the numerous existing digital attacks such as ‘DOSs’ (denial-of-service attacks) – which involve saturating the victim’s server with numerous external communications requests sent simultaneously and therefore making the victim’s computer unavailable – ‘rootkits’, ‘spams’ and ‘storms’. Such systems are so powerful that they may destabilise a country’s economy or interrupt the most sensitive systems such as nuclear central, stock exchanges, financial institutions and insurance companies. 

The author observes how the numerous digital tools can be used for criminal means. ‘Phishing’, for example, consists of creating the exact copy of a bank or financial institution’s website to steal the user’s bank details. Another threat is industrial espionage, comprising stealing strategic information from companies. This information is usually sold on ‘e-bay’ and does not stay online for more than 2 hours. However, the proliferation of these attacks is due to the vulnerability of most systems and software, which must be regularly updated to avoid breaches, the paper highlights. 

In addition, the author makes a number of recommendations that companies should take into account:

• Users should be warned about ‘compulsive clicking’ and commit to taking part in data protection;
• laptops, PDA, Smartphones, and peripherals such as USB keys and external disks should be systematically checked; 
• a charter on utilisation of information systems should be integrated to the company’s internal rules and signed by each employee, and; 
• access to Peer-to-Peer websites, instant messengers and webmails should be banned. 

Nowadays, digital crime can be compared to arms, drugs and human trafficking, and it is therefore necessary to address this issue and repress its development, the author concludes.