The ICT-Crime 2024 conference at SPbU discussed measures to counter cybercrime

In an open discussion format, participants assessed the risks posed by technological developments, the economic sectors most affected, the measures that can reduce the number of cybercrimes and their legal regulation.

The event was attended by representatives from 17 countries and four international organisations. The moderator was Dmitry Babekin, Deputy Director of the Department of International Law and Cooperation of the Ministry of Justice of the Russian Federation.

Andrey Vikhlyaev, a member of the interdepartmental working group of the Russian Federation on combating information crime noted that ability to detect and suppress crimes at the stage of planning and preparation to avoid any harm or damage from unlawful acts is an important indicator of effectiveness of law enforcement authorities and security forces. 

The expert emphasized: "Effectiveness of implementation of combating crime measures depends largely on the operational cooperation between competent authorities, including the process of information exchange. Therefore, while drafting provisions of the international regulations, which contain mechanisms for international law enforcement cooperation, it’s appropriate to provide for the possibility of using modern methods, enabling quick and secure exchange of information, including through protected communication channels and electronic signatures in the process of operational exchange of information in electronic form".

Participants also discussed the impact of technology on society. In the process of digitalisation, people often lose some basic knowledge and risk awareness, which can make them gullible and leave their personal data vulnerable to malicious actors. The implication, experts say, is that ICTs increase society’s overall vulnerability. Inefficiencies in crime prevention allow criminals to evade countermeasures. A number of laws and measures have been enacted to combat cybercrime and protect personal data. For example, banks are obligated to refuse to execute customer orders that violate the law, and investigators and prosecutors have the power to contact foreign law enforcement authorities.

Artem Sychev, Advisor to the General Director of Positive Technologies, spoke about the issues that can arise when commercial organisations participate in cybercrime investigations. Companies often outsource the investigations of such incidents to specialist companies. 

The reports they produce are admissible in court, but their format often differs from that required by the Criminal Procedure Code. It is therefore necessary to standardise such criminal investigation procedures in order to speed up the process and ensure the necessary quality of evidence. The expert also noted that companies that suffer DDoS attacks are often unable to provide sufficient data for investigation due to the speed with which the effects of the attack are eliminated by the companies themselves. In addition to standardising investigation procedures, it is therefore necessary to speed up the collection of evidence.

Artem Sychev added that there is a need to increase the number of qualified personnel in the field of information security, especially among employees of Russian universities. Such improvements may require new educational methods, testing, as well as training programmes in specialised centres.

Boris Miroshnikov, president of the National Association for International Information Security, noted that the lack of clear procedures and algorithms, and the lack of the necessary authority for law enforcement officials, all hamper the fight against cybercrime, while the cross-border nature and speed of attacks make investigation of incidents all the more challenging. Another obstacle is the lack of cooperation with other countries; the solution lies in building trust and creating regional alliances to share experiences and provide legal assistance. 

Information law expert Tatiana Yakova stressed the importance of national legislation and scientific research in the digital sphere. She also highlighted the urgent need for a digital legal code, the development of approaches and experimental legal systems to counter threats, and an increased cooperation with other countries. SPbU Associate Professor Sergey Olennikov, Head of the Criminal Law Department, spoke about SPbU’s assistance in investigating cybercrime through consultancy services, the importance of involving technology experts in this work, and organising cooperation with experts in the field of information law. SPbU Master’s programme in Information Law and Data Protection provides expertise in this area. 

At the end of the session, the experts held an open discussion with participants on various topics related to cybercrime. The experts agreed that ICT-enabled crime remains a global problem affecting all countries. In Russia, the financial sector is particularly affected. According to the conference participants, the state should play a key role in ensuring the security of citizens and fighting cybercrime, and in order to combat it, it is also necessary to raise citizens’ awareness of the risks involved in using the Internet.

ICT-Crime 2024, an international conference on countering crimes committed using information and communication technologies, is dedicated to the development of effective measures against ICT crime, exchange of practical experience and improvement of legislation and regulation in the field of cybercrime.

SPbU has previously discussed the issue of cybercrime. Last December, the University hosted a roundtable where experts discussed the extent of the problem, the ineffectiveness of the usual investigative methods in cases of telephone fraud, the profiles of the victims and the measures that can be taken by the state.