Cybersecurity

Global police must partner up to prevent a ransomware crisis - here's how

Partially open laptop, dark background, red, pink, blue, orange screen; cybercrime, cybersecurity, cyberattack.

Law enforcement agencies across the world are working together to raise awareness of cybersecurity and investigate online crime; this collaboration must continue. Image: Unsplash / @wasdrew

Wookyung Jung
Policy Analyst, Tech and Innovation, International Criminal Police Organization (INTERPOL)
Sean Doyle
Lead, Cybercrime Atlas Initiative, World Economic Forum
  • Cybercrime is a growing global threat, with instances of illegal online activity increasing particularly during the COVID-19 pandemic.
  • Law enforcement agencies face challenges in tackling the ever-evolving world of cybercrime, including a lack of resources, border limitations and underreporting of cyberattacks.
  • Law enforcement agencies across the world must work together to raise awareness of cybersecurity among the public and to prevent a ransomware pandemic.

Cybercrime is a global threat that knows no borders. With law enforcement limited to national borders, cybercriminals exploit the digital world’s limitless playing fields with near impunity. The escalation of cybercrime worldwide means a global law enforcement response has never been more crucial.

As an inter-governmental organization with the vision of connecting police for a safer world, INTERPOL has been analyzing a broad range of cyber threats since the inception of its Global Cybercrime Programme in 2015. In the past year, INTERPOL witnessed an exponential growth in the scale and impact of cyber threats as criminals and fraudsters exploited fundamental social needs and anxieties in the cyberspace during the COVID-19 pandemic.

Have you read?

Facing the challenge

In particular, ransomware attacks targeted governments, hospitals and other institutions on the front lines of the fight against the pandemic. By attacking these critical organizations, criminals were able to maximize the damage inflicted as well as their financial gain. Indeed, ransomware provides a highly enticing and lucrative business model for cybercriminals, especially with the development of double or triple extortion and ransomware-as-a-service models.

The COVID-19 pandemic has also opened up new avenues for cybercriminals to carry out various forms of online criminality regardless of the region. New and increased vulnerabilities and attack surfaces have emerged due to a surge in internet use during the pandemic, which outpaced business’ ability to secure remote workforces and online individuals. In addition to ransomware, prominent threats now include online scams, attempts to compromise business email, illegal data-harvesting operations, misinformation and the re-emergence of older types of malware, which were repurposed to take advantage of the global pandemic.

The COVID-19 pandemic has opened up new avenues for cybercriminals to carry out various forms of online criminality regardless of the region.

Wookyung Jung, INTERPOL & Seán Doyle, World Economic Forum

Finding a solution

At its High-Level Forum on Ransomware on 12 July 2021, INTERPOL called on police and their partners around the world to commit to stop this potential ransomware pandemic. In the face of the continued evolution of cyber threats on a global scale, the secure and swift exchange of actionable information will be fundamental to locating evidence, suspects and victims in multiple jurisdictions simultaneously.

Cybercrime investigation involves challenges that are not typical to “real world” investigations, however. For example, it is difficult for law enforcement to know first-hand that an attack has occurred, and even then, reporting rates are low. In the UK, only 1.7% of estimated total offences were referred to authorities in the 12 months to 30 September 2020. This underreporting problem limits law enforcement’s ability to accurately assess threats and effectively respond to them. This can cause cybercrime to fall down the priority list within many law enforcement agencies worldwide, which further exacerbates the situation.

Investigating cybercrime also requires specific skills and technology that are not universally available such as malware profiling, darknet tracing and cryptocurrency analysis. The gaps left in law enforcement cyber capability or regional capacity as a result can enable online criminal networks and activities to slip through the net.

Among the various ways to collaborate, one of the most successful examples has been global public awareness campaigns on cybercrime

Wookyung Jung, INTERPOL & Seán Doyle, World Economic Forum

Moving out of the comfort zone

Recognizing these challenges, the global law enforcement community has been making efforts to be open and inclusive. In 2019, for example, INTERPOL’s General Assembly endorsed Gateway, a legal framework that enables INTERPOL to share information with certain private sector companies.

These partners have a clear view on cyber threats on a global scale coming from different sectors. INTERPOL is therefore able to receive up-to-date cybercrime data from them, as well as tapping their expertise on recent trends and gaining technical assistance. Endorsing such partnerships is a departure for law enforcement, demonstrating its willingness to accept institutional and technological innovation in order to tackle cybercrime.

Among the various ways to collaborate with these partners, one of the most successful examples has been global public awareness campaigns on cybercrime. INTERPOL has been running these campaigns with its partners annually since 2019, reaching more than 7.5 million users across the globe each time. This year, about 90 member countries signed up for the #JustOneClick campaign.

INTERPOL infographic warning against opening suspicious attachments.
INTERPOL's most recent global public awareness campaign on cybercrime warns individuals against opening suspicious attachments. Image: Just One Click, INTERPOL

These campaigns address the challenges global law enforcement faces in preventing a ransomware pandemic in three ways:

1) Prevention is the best cure

Stopping harm before it happens is clearly the optimal outcome in most situations. In the world of cybercrime prevention, however, mitigation or recovery measures are not always available or up-to-date. Prevention campaigns can promote cyber hygiene amongst the public and remind people that just one click can let malware into their system. Raising awareness can also boost reporting of cybercrime because the public gains a better understanding of the issue.

2) Partnerships increase effectiveness

Global awareness campaigns allow law enforcement to work with the diverse actors in the global cybersecurity ecosystem under the common goal of making cyberspace safer. This strategic alignment leads to effective collaboration and active participation in sharing prevention tips with the public. We have found that some law enforcement organizations even voluntarily translate our prevention campaign strategies for their local communities.

3) Cross-collaboration builds public trust

Throughout these campaigns, cross-sector collaborations are visible to the public. This boosts these relationships and helps build trust. Public recognition of mutual efforts was identified as a key element of a successful partnership by the World Economic Forum’s Partnership Against Cybercrime Insight Report. The synergies that the World Economic Forum and INTERPOL are creating together further induce trust between the public and private sectors in a neutral environment.

Discover

How is the Forum tackling global cybersecurity challenges?

Taking the next step

Cybercrime poses a formidable challenge to security worldwide and inhibits the potential of digital economies. Greater participation by the international community in building the global response to cybercrime will help overcome these issues.

A proactive prevention culture must be instilled in every organization, regardless of location or size. Further investment in raising awareness of cybercrime risks, mitigation strategies and enhancing cyber hygiene will also maximize downstream preventive benefits.

For law enforcement, digitalization has brought an opportunity to be inclusive and open, collaborating beyond national borders and sectors. And while awareness-raising and prevention efforts have made great progress in this area, challenges remain, including underreporting and gaps in cyber capability and capacity. A multi-stakeholder approach would also help to address these issues.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Stay up to date:

Cybersecurity

Share:
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

5 ways to achieve effective cyber resilience

Filipe Beato and Jamie Saunders

November 21, 2024

We asked 6 tech strategy leaders how they're promoting security and reliability. Here's what they said

About us

Engage with us

  • Sign in
  • Partner with us
  • Become a member
  • Sign up for our press releases
  • Subscribe to our newsletters
  • Contact us

Quick links

Language editions

Privacy Policy & Terms of Service

Sitemap

© 2024 World Economic Forum