Mimic: The ransomware exploiting Windows search
Discover an emerging ransomware family that’s using a legitimate Windows search tool to locate victims’ files before encrypting them.
Read MoreAt Black Hat MEA 2022 we were excited to host an important conversation: a panel discussion about cyber diplomacy, with Neil J. Walsh (Head of Mission - UNODC Regional Representative to Eastern Africa), Brenno Andrada Silva (Police Commander, Head of Cybercrime Unit, Civil Police at Espírito Santo State), and chaired by Betania Allo (Cybersecurity Innovation & Partnerships, NEOM).
Governments around the world are working to integrate security into their technology and communications infrastructure. But it’s a huge task – and international cooperation is essential to strengthen resilience for countries around the world.
Allo started the conversation by asking:
“In terms of cyber diplomacy, what does it mean and how did it emerge in the UN and also in Brazil?”
The short answer is that cyber diplomacy means different things to different people – depending on sector, country, and experience.
“The UN has two ways of looking at the cyber debate,” Walsh said. “One of those ways (you might have heard of the General Assembly or the Security Council) is bringing diplomats representing all of your countries together to talk about state-based activities. So we’re looking at malicious activity in cyberspace done by states on each other; and then we have the cyber crime piece which is looking at the criminality side of it.”
Then Walsh shared a personal opinion, which he noted his organisation might not agree with – “I think splitting these topics into two is really difficult.” In addition, even trying to attribute a cyber attack or criminal attack is becoming increasingly difficult all the time; so dividing cyber and criminality into distinct spaces isn’t always productive.
Silva agreed: “I believe that a great challenge for cyber diplomacy, in not only the Brazilian context but worldwide, is attribution.”
And with no widely accepted explanation of what cyber diplomacy is, its lack of definition is part of the problem. It’s impossible for different nations to work together if they don’t know what they’re working on.
The process of agreeing on a definition of cyber diplomacy is, in itself, a real communication challenge.
When Allo asked Silva about the greatest threats Brazil faces, communication came up again. “I was kind of complaining with my colleagues here, backstage…many don’t speak English, so a huge challenge is communicating with the international community about cyber crime.” He pointed out that although Brazil has lots of talented people working on cyber crime within the country, it’s difficult to participate in global conversations and benefit from international insights – because of the language barrier.
And this isn’t unique to Brazil. When international discourse is framed mostly in one language, then the countries that are most at ease with that language have an immediate advantage.
According to Walsh, cyber crime in the UN was still being described as an ‘emerging crime’ in 2016. “It’s not emerging,” he said, “it’s been there since the 80s.”
“So we need to change the whole discourse around this, and that’s really what we did; focusing on bringing member states, countries around the world together to be able to counter cyber crime together.”
“There is a false equivalence that cyber crime hits Western states more than the Middle East, more than Africa, more than Asia — it is simply not true.”
But we don’t have equivalence of investigative capability, digital forensic capability, or law – and we need to develop that equivalence in order to address a global threat.
It’s something the UN is working on. Walsh heads an initiative to create a new UN convention against cyber crime, which involves coming up with a definition of cyber crime that every country in the world can agree on. And he urged all member states to empower their policy makers to get more involved and participate actively in this initiative.
“I’ve always thought of the UN as the greatest forum to make these conversations happen,” Allo said.
Walsh explained how the initiative has moved from a vote (with a majority of member states voting in favour of having a discussion about building a new convention), to states actually getting together to come up with a plan. “How do you have a discussion on drafting a brand new legally binding framework on cyber crime? And that’s where we are now.”
Silva noted that it’s difficult to achieve direct, open cooperation at state level when bureaucracy gets in the way. But ultimately, he said, “networking and training are the key objectives you have to achieve in order to fight cyber crime.”
Walsh agreed:
“Everything that we do, each and every one of us, is about relationships. It’s about building the relationships where we help to understand the challenges we’re all facing. And that’s why events like this really, really matter; it’s really important in our post-COVID work to get back to building the human relationships again.”
“It’s…who do you ring, who do you email, when it’s three O’clock in the morning and you’ve got an emergency threat?”
Join the newsletter to receive the latest updates in your inbox.
Discover an emerging ransomware family that’s using a legitimate Windows search tool to locate victims’ files before encrypting them.
Read MoreWhat are non-human identities (NHIs) and why are they driving a paradigm shift in identity security?
Read MoreNew research shows that a growing number of organisations view cybersecurity as a strategic priority.
Read More