Cybercrime is growing in both volume and sophistication. It is already one of the largest illegal industries in the world. Symantec is committed to stopping cybercrime and raising greater public awareness of the steps every person, family, organization, and business can take to stay safe online. Through outreach, education, research, and online tools, we are partnering with our customers, employees, government agencies, communities, and families to protect individuals and their information to ensure confidence in the online experience.
Every second, 12 adults become a victim of cybercrime – that’s more than one million cybercrime victims each day globally, costing the global economy approximately $113 billion per year.
Symantec has long been a leader in the effort to create new approaches to support the fight against cybercrime and to support victims of cybercrime. For that reason, we have a number of initiatives in collaboration with law enforcement and non-profit safety groups which provide law enforcement with training, technical expertise, and improved global cooperation. These initiatives include:
- Cybercrime Victim Assistance Program: In April 2014, we launched website. The site provides cybercrime information, such as videos and guides on preventing and recovering from Internet-related crimes, and directly links victims to the Internet Crime Complaint Center (IC3) to file complaints of malicious internet activity. The launch of VictimVoice.org is the result of a two-year partnership between Symantec and the National White Collar Crime Center (NW3C).
- Cybercrime Prosecutor Training: We sponsor the UCLA School of Law to produce an annual cybercrime mock trial for law students to help train the “next generation” of cybercrime prosecutors. Last year we had more than thirteen teams compete from all around the country.
- Cyber Career Connection: We are part of a cybersecurity training partnership to solve the cyber career gap and move underserved young adults out of low-end jobs and into highly paid and meaningful careers. Read more about this on the Symantec Cyber Career Connection page.
- Government Cybersecurity Partnership: Symantec works closely with governments and government entities around the world to help to raise awareness, mitigate threats, and share cyberthreat information to better protect citizens, and their information and critical infrastructure. Two recent examples include Europol’s Cyber Crime Center (EC3) and the Organization of American States.
- Cybercrime Investigations: Symantec is taking the fight to cybercriminals by partnering with law enforcement agencies around the world, including the FBI, INTERPOL, Europol and other national law enforcement agencies, to investigate and help disrupt cybercrimes. We contributed to several investigations and botnet disruptions this year, including the takedown of the Ramnit botnet. Symantec also partnered with the FBI, the U.K. National Crime Agency, other law enforcement agencies and industry partners to bring down the financial fraud botnet Gameover Zeus and ransomware network Cryptolocker. These are just two examples of what can be done when private industry and law enforcement join forces to go after cybercriminal networks.
At Symantec we recognize that we face many challenges in our effort to protect against and fight cybercriminals. But while there is still much work to be done, we are making progress. Today, at all levels, both government and industry recognize the imperative for cooperation and partnerships to fight cybercrime. No single company or government can “go it alone” in the current threat landscape. The threats are too complex and the stakes are too high. Ultimately, defeating cybercriminal networks will require strong technical capabilities, effective countermeasures, industry collaboration, and law enforcement cooperation to be successful. You can find our Introduction to Cybercrime & Crimeware podcast, and other useful information on our Cybercrime page
Developing Policy to Promote Cybersecurity
Cybersecurity requires not only individual consumer and business action, but also internationally coordinated legislation and policies. For this reason, Symantec advocates for effective laws and regulations and coordinates with governments and law enforcement agencies worldwide to ensure that they have the training and resources needed to aggressively pursue cybercriminals.
Our priorities for influencing policy include the following:
Focus on behavior, not technology. Symantec believes that laws to deter cybercrime should focus on punishing bad behavior rather than regulating the technology itself. Laws should criminalize acts such as intentionally obtaining or transmitting personal information with the intent to defraud a person or damage a computer, not simply outlaw programs capable of collecting or transmitting data that also have many legitimate uses. Similarly, laws must be technologically neutral and not pick “winners” and “losers” or they could inadvertently stifle innovation.
Increase penalties. Stronger cybercrime penalties and enforcement measures are needed to punish and deter bad actors who seek to capture information from a user’s computer without authorization. These penalties must coexist with provisions that account for innocent, unsuspecting users whose computers are unknowingly taken over by cyber criminals.
Develop a model approach for use globally. Unless crimes are defined in a similar manner across jurisdictions, coordinated efforts by law enforcement officials to combat cybercrime will be complicated and sometimes impossible. Therefore, a globally harmonized framework of legislation against e-crime is needed, preferably developed through a coordinated, public-private partnership to produce a model approach that eliminates the risk of inadvertently creating cybercrime havens.
Privacy. Security is an indispensable underpinning of true and lasting privacy, but security must be implemented in a way that respects individual privacy. As such we advocate for policies that meet both of these requirements – security and privacy. For instance, we support strong, uncompromised encryption, and believe that companies that share cyber threat information should only do so after they have stripped out any personally identifiable information. Governments play an important role in ensuring security – but this cannot be at the expense of the privacy of their citizenry.
Modernize Cybercrime Laws. In the U.S. we encourage amending laws such as the Electronic Communications Privacy Act, which was written before most people had heard of the Internet. This is no less true overseas, where most nations’ laws also are playing catch-up with the pace of innovation and technology. A major challenge today is that in order for governments to share cyber information internationally, we must still proceed through Mutual Legal Assistance Treaties (MLATs) and Letters Rogatory – processes first developed in the 1800s – and take far too long to address the real-time nature of cybercrime. To keep pace with 21st Century threats, the MLAT process should be overhauled and streamlined.
Avoid duplication of effort through enforcement partnerships. Law enforcement efforts should be coordinated across international, national and local levels in order to share expertise and technology and avoid costly duplication of effort.
Improve Information Sharing. Companies want to work together to stop cybercrime by sharing threat and vulnerability information with each other, with non-profit organizations, with academia, and with the government. We need to modernize our laws to ensure that we encourage and even incentivize sharing of cyber threat information so that we can all stay ahead of the cybercriminals. Of course this must be done in a way that ensures that privacy is protected and that companies don’t unnecessarily share personal information.
Stopping Software Piracy
To learn about stopping piracy and Symantec’s anti-piracy efforts, visit our piracy website
. We also developed an anti-piracy tip sheet and video with to help educate students about piracy issues.