Justice News

Deputy Attorney General James M. Cole Speaks at the 80th Interpol General Assembly
Hanoi Hanoi
Monday, October 31, 2011

Good Afternoon. Thank you, President Khoo, for that kind introduction. Thank you Secretary General Noble for hosting this meeting. I would also like to thank our host country and the people of Vietnam for their warm hospitality and I want to congratulate them on their 20th anniversary of being a member of Interpol. And I would like to thank INTERPOL and the National Central Bureaus from around the world for organizing and attending this extraordinary event – celebrating our joint achievements, building upon our relationships, and developing a path forward for this organization. It is an honor to be here and to have an opportunity to address the global law enforcement community.

During my tenure as the Deputy Attorney General, I have come to learn firsthand of the unprecedented level of international cooperation between member countries in developing the critical law enforcement tools of 24/7 communication, information sharing, and coordinated responses. The unwavering dedication to mission by INTERPOL and the world’s National Central Bureaus is both inspiring and critical to our joint successes in combating crime. And the broad array of issues you deal with on a daily basis and on a global scale is simply astonishing: terrorism, transnational organized crime, stolen and lost travel documents, human trafficking, fugitive operations, environmental crimes, counterfeit pharmaceuticals, piracy, and repatriation of lost and stolen art – just to name a few.

The United States and its citizens have benefitted greatly from our robust partnership with INTERPOL and its member countries and allies. You all have played a significant role in adding a layer of security around our borders. For that, we are truly grateful – and we pledge our continued support for the mission of INTERPOL. We must all continue to work together in order to remain more globally organized than the criminals we pursue.

To that end, I'd like to talk about an area in desperate need of INTERPOL’s continued leadership and support – and in need of member countries’ investment, vigilance, and cooperation – it is the area of combating cybercrime.

Cybercrime has become a global crisis and a worldwide epidemic. It takes many forms: It can be used to steal valuable intellectual property; it can be used to steal financial information such as account numbers and passwords allowing access to people's financial assets; it can be used to effect a denial of service attacks; and it can be used to re-direct point of sale transactions to divert the proceeds to the criminal elements. As President Khoo noted this morning, the loses from this type of crime is hundreds of billions of dollars a year and it is the new medium for trans-national organized crime.

But beyond traditional forms of crime, the global cyber threat also poses frightening national security threats. From disruption of critical infrastructure - such as the power grid, nuclear power plants, financial and banking institutions, transportation systems, and vital communication systems - to the recruitment, inspiration and incitement of terrorists; from the theft of classified information to the infection of the supply chain. It is organized, borderless, and dangerous. It presents unique and ever-evolving challenges for law enforcement. It can only be fought through the cooperative efforts of all of our countries. Let me give you some examples.

In August 2008, the United States charged 11 members of an international hacking ring – located in the United States, Estonia, Ukraine, the People’s Republic of China, and Belarus. It was responsible for the theft and sale of more than 40 million credit and debit card numbers obtained from the databases of various retailers. The defendants included one of the world’s top hackers, Albert Gonzalez, and one of the world’s top traffickers in stolen account information, Maksym Yastremski. Gonzalez pleaded guilty and was sentenced to 20 years in prison. Yastremski was convicted on related charges in Turkey and sentenced to 30 years in prison.

Earlier this month, in another devastating form of cybercrime, a U.S. citizen – and previously convicted sex offender -- was sentenced to life in prison. His crime: using his office computer in the United States to engage in an online chat with a young woman in the Philippines and to entice her and her 2-year-old child to produce child pornography via a web camera.

One of the more worrisome trends in cybercrime is the growing prevalence of "botnets" – networks of computers that have been infected by malicious software designed to take control of countless PCs without the user’s knowledge or consent. This network of infected computers is used to steal financial information, launch denial of service attacks to disable targeted computer systems; or gain access to other networks and computers.

In April 2011, U.S. law enforcement disabled a botnet known as “Coreflood” -- created nearly a decade ago and believed to have infected over 2 million computers worldwide. After installation, the malicious software allowed infected computers to be controlled remotely for the purpose of stealing the users' key strokes that revealed personal and financial information. The stolen data was then used to gain access to financial accounts and steal funds. While we could not find the defendants, the botnet was nevertheless disabled using a number of investigative and law enforcement tools, including: the filing of a civil complaint, the execution of search and seizure warrants on servers and domain names, and the issuance of a restraining order.

These are just a few examples, but they help us realize the nature of the problem. How diverse it is, how extensive it is, and how much work we have to do to keep up with these criminals. One of the reasons I was anxious to be here today was to tell you that, on behalf of President Obama, Attorney General Holder, and the entire United States law enforcement community, we pledge our commitment to each of you – and to all of our partners and allies – to advance our joint and global fight against cybercrime. As part of this effort, the United States has developed an International Strategy for Cyberspace that complements the strategies already developed by our international partners and allies, including the Budapest Convention on Cybercrime.

Much like our commitment to INTERPOL, the United States’ strategic approach to combating cybercrime aims to unify our engagement with our international partners and highlight our domestic and international policy priorities. The strategic plan serves as a roadmap for our government agencies to better define and coordinate their roles in international cyberspace policy, to execute a specific way forward, and to plan for future implementation. For those nations that have not done so already, I invite you to join us in realizing this vision of security and openness in our networked world. In particular, I urge countries to become parties to the Budapest Convention. I also call upon the private sector, our communities and citizens, and end-users to reinforce these efforts through partnership, awareness, and action.

As we discuss and plan for these important issues, let me be clear about one thing, the United States fundamentally believes that cyberspace governance does not require the wholesale reinvention of customary international law. Rather, the Strategy and the Cybercrime Convention recognize traditional principles of inter-governmental conduct that are essential to any international environment: they promote order, peace, and mutual respect. They advance basic human dignity; and promotes freedom and economic competition. We are endeavoring to build a consensus of nations that see the value in global networks that are open to new innovations, interoperable the world over, reliable enough to support people's work, and secure enough to earn their trust.

Despite the many successes to which the Cybercrime Convention has contributed, we cannot become complacent as our adversaries will continue to evolve their techniques and their scams. There are only so many ways to walk into a bank and rob it – but there are an infinite number of ways to hack into the world’s finances. Because this evolution in technology was expected when the convention was negotiated, it was drafted to be elastic, to meet future needs without having to be amended. As the drafters understood, cybercrime is a 21st century problem and can only be combated using the 21st century techniques in the convention. We must continue to encourage more nations to ratify the Budapest Convention and to join with us in developing and improving our abilities to combat the global cybercrime threat.

The 2014 opening of the INTERPOL Global Complex for Innovation in Singapore offers a tremendous opportunity for INTERPOL and its member countries to expand operations and further invest in capacity building, forensics, training, research, and the development of best practices in the area of cybersecurity. We must take advantage of this opportunity and utilize all law enforcement tools available to combat cybercrime. And we must continue to think outside the box in search of new methods and techniques in order to stay ahead of this problem.

But I have great hope that we will succeed at this, because our working relationship with our law enforcement partners from around the world has never been stronger. In the area of cybercrime, this collaborative approach has resulted in significant progress in detecting and combating electronic penetrations, data thefts, and cyber attacks on critical information systems.

One recent collaborative effort culminated in the disruption of an internet fraud scheme conducted by several networks of organized cyber criminals in Romania and the United States in July 2011. In a coordinated criminal investigation, Romanian law enforcement officials executed 117 searches targeting individuals operating a fraudulent scheme involving the fake sales of cars and boats over the internet to thousands of victims in the United States and elsewhere. As a result of this robust cooperation, more than 100 individuals have been charged in Romania and 21 individuals have been charged in the United States.

In another case, U.S. law enforcement joined forces with our international partners to investigate an international hacking ring involving individuals from Estonia, Russia, Moldova, and the United States. The perpetrators hacked into a computer network operated by a credit card processing company and, using sophisticated techniques, compromised the data encryption used to protect customer information on payroll debit cards. The hackers then generated counterfeit payroll debit cards and circulated them to a network of "cashers." In a span of less than 12 hours, the cashers used these cards to withdraw over $9 million from more than 2,100 ATMs in at least 280 cities in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan, and Canada. Notably, in the course of this investigation, law enforcement uncovered a previously undetected hacking technique that compromised the bank's encryption system. This information was disseminated throughout the banking sector to prevent future execution of similar schemes.

These inter-governmental investigations and prosecutions are just two examples of what we are capable of doing when we share intelligence and resources to combat cybercrime. Without our law enforcement partners from around the world – none of these results would have been possible.

The last critical aspect of the cyber dilemma I'd like to discuss is the simple truth that the rapid collection and retention of electronic evidence is critical to combating cybercrime. Perpetrators may only be caught and brought to justice if evidence of their criminal activity is timely captured and properly preserved for law enforcement use. As we all know, the investigation and prosecution of these cases can take years. This is particularly true in the area of child exploitation, where the mass transmissions are instantaneous, the origin is easily disguised, and it generally takes a significant period of time to trace the evidence, identify the victims, and bring the perpetrators to justice.

As law enforcement professionals we have two important duties to always keep in mind - effective detection, apprehension, an punishment of criminals AND the protections of privacy and civil liberties so critical to maintaining our free societies. In order to do our jobs properly, we must find a way to accomplish them both. If you just want to enforce the law and give little regard to privacy and civil liberties, it's not so hard to do. Similarly, if you just want to focus on the protection of privacy and civil liberties at the sacrifice of effective law enforcement, it's also not so hard to do. But therein lies the challenge for us. To honor our sacred duty as law enforcement professionals, we must do both. And frankly we can do both.

We need to collect and retain vital evidentiary data in the cyber world. Evidence of crime, evidence of terrorism, evidence of child exploitation. We must do this to keep our countries and their people safe. But we can also establish protections and restrictions on the access to this evidence so that we ensure the freedoms we hold so dear. But in order to fulfill this dual responsibility we all, as law enforcement professionals, need to go back to our countries and make sure that our governments and our citizens understand that both law enforcement and privacy can be honored and must be honored, if we are going to effectively deal with the scourge of cybercrime, in all of its forms.

Standing alone, no country or law enforcement agency has the perspective necessary to fully assess the nature of the threats we face or to adequately address them. Only by communicating effectively, sharing intelligence, and combining resources – with our government and law enforcement partners, our allies, our international business and legal communities, and our citizens – can we truly understand current and emerging threats and create an effective strategy to anticipate and combat these crimes. The worldwide cybercrime epidemic is an extraordinary challenge for all of us. But, by working together across borders and continents, we can turn the tables on cyber criminals and the complex and ever evolving threats that they present.

Thank you all again for attending this extraordinary event and for all that you and your nations have done, and will continue to do, to support INTERPOL’s mission and the goal of keeping our countries and our world safe.

Updated September 17, 2014