Page 50 - 网络防御杂志 - 2017年9月
P. 50

could  get  corrupted  by  some  competitor’s  organization  or  organized  as  a  criminal group  that
               would  offer  something  on  the  black  market.  In  such  a  case,  we  are  talking  about  the
               transnational  crime  and  for  such  a  purpose  –  we  need  the  international  cooperation  of  the
               defense and intelligence communities. It’s a quite expected scenario that the majority of those
               insider’s threats could be paid by some organized crime and terrorist groups in order to cause
               the collapse of some critical infrastructure. Also, it’s a quite common case that those bad guys
               would be motivated financially, politically or ideologically. The specific challenge to this situation
               could  be  the  fact  that  the  developing  economies  would  deal  with  the  less  developed  legal
               regulations, so committing such a sort of crime on their territory would include less risk to those
               malicious actors.

               So, how corruption could be linked with the cyber defense? The point is that the majority of a
               modern world would depend on the cyber technologies. That’s not the case with the legal part of
                                                                            a society only, but rather with the
                                                                            illegal  groups  of  people  as  well.
                                                                            The  experience  would  suggest
                                                                            that it’s quite uneasy to prove the
                                                                            corruption  in  a  practice.  The
                                                                            similar  case  is  with  the  insider’s
                                                                            threats  as  well.  On  the  other
                                                                            hand, you should always have in
                                                                            mind  that  the  threats  would
                                                                            mainly     use      the     cyber
                                                                            technologies to communicate with
                                                                            each  other  and  exchange  the
                                                                            information  about  their  activities.
                                                                            In  other  words,  once  you  catch
                                                                            them  in  a  cyberspace  planning
                                                                            some  operation  –  you  would
                                                                            obtain some findings being useful
                                                                            for    the     financial    crime
                                                                            investigation. Well, it would seem
                                                                            that  we  could  prevent  some  of
               those schemes doing a continuous monitoring of the cyberspace. What would that mean in a
               reality?  In  a  practice,  you  should  deal  with  the  IT  security  professional  or  the  entire  security
               operating center (SOC) that would care about the organization’s cyber defense and discover the
               possible scenarios of public authority misuses. It’s quite clear that in such a case – it would be
               possible  to  obtain  the  findings  about  some  suspicious  activities  occurring  within  your
               cyberspace.  In  other  words,  all  we  need  is  a  good  risk  management  within  our  computers,
               internet and mobile technologies. For instance, it’s feasible that the cybersecurity experts would
               prevent some corruption’s cases even happen and consequently – report those insider’s threats
               activities to the authorities. As we said – the concern is that many developing counties would
               not  deal  with  the  adequate  legal  regulations  and  those  sorts  of  criminals  would  avoid  to  get
               punished as they deserve. This could be quite concerning to the developed societies because
               the threats could come from those less developed parts of the world relying on so simple way of
               information transfer being the cyber carriers. Finally, we would realize that the insider’s threats
               being  correlated  with  the  corruption  are  not  uncatchable  taking  into  account  that  they  are
               leaving the trace in a cyberspace and the good cyber defense could discover and even prevent
               some of these cases ever happen in a practice.

                    50   Cyber Defense eMagazine – September 2017 Edition
                         Copyright © Cyber Defense Magazine,  All rights reserved worldwide.
   45   46   47   48   49   50   51   52   53   54   55