In response to the latest cyber security challenges, news articles and cyber experts ceaselessly warn individuals and companies to install the latest patches to software, to use only strong passwords, and to be careful about clicking suspicious e-mail attachments. Instead of just defending against potential attacks, a more effective strategy to deter cybercrimes is to refocus on the attacker’s vulnerability and target the attacker as an individual person. Malware is written and deployed by people, and individuals can be tracked and apprehended by international law enforcement for violating laws. Hackers can also be hacked. These are all ways Taiwan’s law enforcement can work with US law enforcement agencies against hacking, and an extradition agreement would further enhance cooperation. In addressing the vulnerabilities of the threat, hackers will think twice about performing an attack, or even continuing in this illegal line of business, if they recognize personal consequences of hacking others.
If international partners have an extradition agreement and agree to cooperate on cyber security, then a hacker could be extradited from one side to the other side. Countries rarely extradite their own citizens to face prosecution in other countries, but it is more likely that countries would extradite citizens of the country requesting extradition or those holding citizenship in another third country. The International Police (Interpol) can nab the cyber criminal when an opportunity arises such as that individual travels to a cooperative country for vacation or even on a layover.
An illustrative example is when US federal law enforcement agents captured a young hacker, Sasha Panin, by waiting patiently for him to leave Russia for a trip to the Dominican Republic. Though in his 20’s, Panin developed a hacker tool called SpyEye that infected 1.4 million computers and collected bank account credentials, credit card numbers and passwords. To catch Panin, FBI agent crossed the globe, hacked into computers and posed as cyber criminals themselves. The authorities finally caught him when he traveled to the Dominican Republic to visit a friend there, and local police acted on an Interpol warrant from the United States.
Individuals such as Panin could be deterred if they think twice about participating in criminal or even state sponsored illegal cyber activity, if it means that they could be captured by Interpol overseas. It could change their calculations and lead them to decide against hacking others. If cyber criminals continue illegal hacking but stay in their country their whole lives to avoid capture, then their world becomes very small. It raises the cost of hacking when criminals consider foregoing international travel for the rest of their lives.
In Taiwan, there are over 7,000 cyber crime cases that are referred to the District Prosecutor’s office each year. Within these cases, 40 percent involve a situation where computers are disabled by malware, 30% involve cyber fraud, and 7 percent harm against reputation and credit.
To deal with information and communication security issues, Taiwan created its National Information and Communication Security Taskforce (NICST) in January 2001. NICST is a national-level task force that develops communication security policy and coordinates affairs regarding information between ministries. In 2003, Taiwan passed several amendments to Taiwan’s criminal code in a new chapter to the code: “Offenses Against Computer Security.” Today, Taiwan’s cybercrime investigations unit (CIU) works with other government agencies, the private sector, academic institutions, and other foreign counterparts such as the Group of Eight (G8) 24/7 Computer Crime Network.
However, for transnational computer crime Taiwan does not currently have an extradition treaty in force with the United States. Nonetheless, the United States and Taiwan are parties to the Agreement on Mutual Legal Assistance in Criminal Matters between the American Institute in Taiwan and the Taipei Economic and Cultural Representative Office in the United States. Through this mechanism, in 2014 Taiwan assisted US law enforcement authorities by freezing a bank account containing nearly $16 million dollars in illicit funds tied to a trade-based money laundering scheme involving Mexican drug cartels and the importation of garments and textiles into the United States. Though not an example of cyber security cooperation, it shows the extent of law enforcement cooperation between Taiwan and the United States that could be extended into apprehending cyber criminals.
Great financial cost and government resources are limitations against the labor intensive work of tracking hackers individually, and cooperating with other countries to bring hackers to justice. To think creatively, one possible incentive for governments to devote substantial resources to tracking and capturing a hacker could be to impound that person’s illicit funds or bitcoins. For some successful hackers, these funds could be in the millions to tens of millions of dollars. These could be distributed to repay the victims, and then governments could continue to hold the leftover funds. The US Department of Justice already runs an asset forfeiture program that brings in around $2 billion dollars a year in assets that were used to facilitate federal crimes, and the possibility of seizing financial assets of hackers would raise this number.
Actively apprehending cyber criminals while they are abroad will deter people from hacking in the first place. It will present new costs to making the choice to illegally hack others. Although companies, government offices, and individual victims are vulnerable to spearphishing, so are hackers. These are the many personnel-related vulnerabilities of cyber threats that law enforcement can exploit to fight against illegal hacking by uncovering information about hackers and even gaining access to hacker computer networks.
The main point: Cyber criminals threatening Taiwan are vulnerable when countries work together to apprehend the attackers when they are abroad, such as through an extradition agreement and active participation within Interpol; and when law enforcement uses similar hacking tactics against hackers to find information about them and gain control of their computer networks.