All it takes is a call or a text message.
There is always “some small indication” of future crimes, says Noboru Nakatani, Executive Director of the INTERPOL Global Complex for Innovation.
Artificial intelligence (AI) can help police identify patterns in what may seem to humans like unrelated incidents. “Now, we have the capability beyond human brainpower to find hidden linkages,” he explains.
At the time of the 9/11 attack in 2001, this was a challenge faced by police in the US. State police had reported cases of unknown people training to be pilots. “But it was not taken into consideration when it comes to actionable intelligence”, Nakatani notes, as police were unable to make the right links.
Technology a ‘game changer’
In the past 15 years, the amount of data that law enforcement officials must comb through has grown massively. Police forces around the world face “enormous challenges” because of digital technologies, believes Nakatani.
“It’s like a game changer,” he says. With criminals and terrorists using the latest technologies, law enforcement will need to change the way they work, he believes. “This is very challenging because everything is digitised, which is new to law enforcement,” Nakatani adds.
AI, for example, speeds up law enforcement and investigations by learning from previous experience. “Based on accumulated experience or data, they can predict how much percent of this would be happening,” he says. The technology is also more accurate than human beings, he adds.
“It’s like a game changer.”
Police simply cannot afford to be unaware of potential threats today, Nakatani believes. “That kind of excuse, we don’t want to see,” he says. “Unknown unknowns should be quite rare” today, he adds. “Otherwise, we may be surprised by some unpredictable crimes that will be impacting society in a great manner just like 9/11.”
Working with private sector
It is crucial that governments collaborate with the private sector to succeed in investigating cybercrimes, Nakatani believes. “We need to open up the process of investigation widely to private sector,” he says.
This is because businesses, and not governments, are often the ones with the most information on cyber hacks. Unlike in physical robberies, people often don’t think to report cybercrimes to the police first, he explains. Instead, they might go to a security company or telco. “Most of the information that law enforcement needs to investigate cybercrime especially rests with private sector,” Nakatani says.
“We need to open up the process of investigation widely to private sector.”
In order to collaborate, governments must build trust with private sector. “We need to build a trustful relationship in order for us to take collective action,” he says. The burden to do this lies with government, however. “Private companies are not able to create such kinds of institutionalised mechanisms,” he says.
Partnerships should be built and run transparently to avoid corruption, he adds. “We need to put in place very careful, clear, transparent mechanisms, and then we should be able to take concerted action against the common enemy,” he says.
Education for government leaders
Law enforcement agencies need to change traditional procedures and priorities in order to tackle cyber crime—and this has to come right from the top. “There must be a political decision. It’s not bottom up,” Nakatani says. “This is awareness raising, not only to the general public, but I think also for decision makers.”
INTERPOL has identified three key trends in cybercrime that officials should know: cyber bank robberies, like the $81 million heist of Bangladesh Bank; ransomware like the massive WannaCry attack; and “business email compromise” where a cyber criminal impersonates a business executive to get employees or vendors to transfer funds or sensitive data.
Governments can change the way they approach cyber crimes by balancing between security risks and growth opportunities. Too much of regulation will stifle innovation, while too little could create chaos. Nakatani advises governments to use a seven-stype cycle to balance this: awareness raising, prevention, detection, mitigation, disruption, investigation and prosecution.
The public sector will need to allocate specific resources at each of these stages. “For instance, in awareness raising, the government has a great role to play,” he says. There could also be some tax incentives for businesses to introduce cyber security services in the market, he adds.
Finally, for “maximum damage to criminals”, businesses must be willing to share cyber crime information with each other. “This kind of mechanism needs to be institutionalised in each industry,” Nakatani says. For instance, the big three German car manufacturers share information on attacks with each other, he says. All three businesses have a great stake in connected and driverless cars, and an attack on cars could do a great deal of damage to the entire automobile industry.
Criminals may always be quicker in adopting technologies. But artificial intelligence and partnerships with innovative businesses could offer governments a chance to step up their game.
Mr Nakatani will be speaking at the INTERPOL World 2017 Congress, held on 4 to 6 July.