Cybercrime is one of the largest illegal industries in the world. Symantec is committed to stopping cybercrime and raising greater public awareness of the steps every person, family, organization, and business can take to stay safe online. Through outreach, education, research, and online tools, we are partnering with our customers, employees, government agencies, communities, and families to protect individuals and their information to ensure confidence in the online experience.
Every second, 12 adults become a victim of cybercrime – that’s more than one million cybercrime victims each day globally, costing the global economy approximately $113 billion per year.
Symantec has long been a leader in the effort to create new approaches to support the fight against cybercrime and to support victims of cybercrime. For that reason, we launched a number of initiatives this year, focused on collaboration with law enforcement and non-profit safety groups in the fight against cybercrime by providing law enforcement with training, technical expertise, and improved global cooperation. These initiatives include:
- Cybercrime Victim Assistance Program: In April 2014, we launched Victims of Internet Crimes Empowered (VOICE) website. The site provides cybercrime information, such as videos and guides on preventing and recovering from Internet-related crimes, and directly links victims to the Internet Crime Complaint Center (IC3) to file complaints of malicious internet activity. The launch of VictimVoice.org is the result of a two-year partnership between Symantec and the National White Collar Crime Center (NW3C).
- Cybercrime Prosecutor Training: We sponsor the UCLA School of Law to produce an annual cybercrime mock trial for law students to help train the “next generation” of cybercrime prosecutors. Last year we had more than thirteen teams compete.
- Cyber Career Connection: We are part of a cybersecurity training partnership to solve the cyber career gap and move underserved young adults out of low-end jobs and into highly paid and meaningful careers. Read more about this on the Cyber Career Connection page.
- Government Cybersecurity Partnership: Symantec works closely with governments and government entities around the world to help to raise awareness, mitigate threats, and share cyberthreat information to better protect citizens, and their information and critical infrastructure. Two recent examples include the Korea National Police Agency and the Organization of American States.
- Society for Policing Cyberspace (POLCYB): Symantec partners with POLCYB, a non-profit group, to help train law enforcement around the world on how to investigate and successfully prosecute cybercrimes.
- Cybercrime Investigations: Symantec is taking the fight to cybercriminals by partnering with law enforcement agencies around the world, including the FBI, INTERPOL and other national law enforcement agencies, to investigate and help disrupt cybercrimes. We contributed to several investigations and botnet disruptions this year, including the takedown of the ZeroAccess botnet, one of the largest botnets in history. Symantec also partnered with the FBI, the U.K. National Crime Agency, other law enforcement agencies and industry partners to bring down the financial fraud botnet Gameover Zeus and ransomware network Cryptolocker. These are just two examples of what can be done when private industry and law enforcement join forces to go after cybercriminal networks.
At Symantec we recognize that we face many challenges in our effort to protect against and fight cybercriminals. But while there is still much work to be done, we are making progress. Today, at all levels, both government and industry recognize the imperative for cooperation and partnerships to fight cybercrime. No single company or government can “go it alone” in the current threat landscape. The threats are too complex and the stakes are too high. Ultimately, defeating cybercriminal networks will require strong technical capabilities, effective countermeasures, industry collaboration, and law enforcement cooperation to be successful. You can find our Introduction to Cybercrime & Crimeware podcast, and other useful information on our Cybercrime page
Developing Policy to Promote Cybersecurity
Cybersecurity requires not only individual consumer and business action, but also internationally coordinated legislation and policies. For this reason, Symantec advocates for effective laws and regulations and coordinates with governments and law enforcement agencies worldwide to ensure that they have the training and resources needed to aggressively pursue cybercriminals.
Governments are among the most targeted sector for spear-phishing attacks, making up 16% of the total.
Our priorities for influencing policy include the following:
Focus on behavior, not technology. Symantec believes that laws to deter cybercrime should focus on punishing bad behavior rather than regulating the technology itself. Laws should criminalize acts such as intentionally obtaining or transmitting personal information with the intent to defraud a person or damage a computer, not simply outlaw programs capable of collecting or transmitting data that also have many legitimate uses. Similarly, laws must be technologically neutral and not pick “winners” and “losers” or they could inadvertently stifle innovation.
Increase penalties. Stronger cybercrime penalties and enforcement measures are needed to punish and deter bad actors who seek to capture information from a user’s computer without authorization. These penalties must coexist with provisions that account for innocent, unsuspecting users whose computers are unknowingly taken over by cyber criminals.
Develop a model approach for use globally. Unless crimes are defined in a similar manner across jurisdictions, coordinated efforts by law enforcement officials to combat cybercrime will be complicated and sometimes impossible. Therefore, a globally harmonized framework of legislation against e-crime is needed, preferably developed through a coordinated, public-private partnership to produce a model approach that eliminates the risk of inadvertently creating cybercrime havens.
Modernize Cybercrime Laws. In the U.S. we encourage amending laws such as the Electronic Communications Privacy Act, which was written before most people had heard of the Internet. This is no less true overseas, where most nations’ laws also are playing catch-up with the pace of innovation and technology. A major challenge today is that in order for governments to share cyber information internationally, we must still proceed through Mutual Legal Assistance Treaties (MLATs) and Letters Rogatory – processes first developed in the 1800s – and take far too long to address the real-time nature of cybercrime. To keep pace with 21st Century threats, the MLAT process should be overhauled and streamlined.
Avoid duplication of effort through enforcement partnerships. Law enforcement efforts should be coordinated across international, national and local levels in order to share expertise and technology and avoid costly duplication of effort.
Improve Information Sharing. Companies want to work together to stop cybercrime by sharing threat and vulnerability information with each other, with non-profit organizations, with academia, and with the government. We need to modernize our laws to ensure that we encourage and even incentivize sharing of cyber threat information so that we can all stay ahead of the cybercriminals. Of course this must be done in a way that ensures that privacy is protected and that companies don’t unnecessarily share personal information.
Stopping Software Piracy Every year, billions of dollars are lost to software piracy, which is the illegal distribution or copying of software for personal or business use. The harmful effects of software piracy reach far beyond the software publisher. While companies suffer a direct loss of sales, consumers also suffer because companies are often forced to raise prices or cut research and development funding to make up for revenue shortfalls due to piracy.
Symantec works closely with governments around the world to strengthen copyright protection for software, both in digital and physical form. For example, Symantec is a worldwide member of The Software Alliance (Formerly the Business Software Alliance), an organization formed in 1988 that spans 65 countries across North America, Europe, Asia, and Latin America. A key part of The Software Alliance’s mission is to advance free and open world trade for legitimate business software by advocating strong protection of intellectual property. Learn more about the Business Software Alliance
Symantec provides training and education to our many stakeholders to raise awareness of the impact of software piracy and methods to help stop the spread of this illegal activity. For example, Symantec’s anti-piracy team has:
- Created and distributed piracy-related training materials for channel partners throughout our Europe, Middle East, and Africa (EMEA) region and in India
- Conducted piracy-related training sessions for customs officials throughout EMEA
- Held piracy-related training sessions for law enforcement officials in EMEA, Latin American, and our Asia Pacific and Japan region
We developed an anti-piracy tip sheet and video with Common Sense Media
to help educate students about piracy issues.