Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

Cross-border cyber attacks suspected to originate from North Korea sparked bitter protests from South Koreans last year.

The first international treaty on fighting cyber crime went into effect six years ago. Called the European Convention on Cybercrime, it aims to make different country’s laws compatible and promote investigative coöperation. But progress has stalled.

Just 30 nations, including the United States, have ratified the treaty. China and Brazil haven’t even signed it. Most troubling is that Russia–which the Internet infrastructure company Akamai identifies as the leading source of computer attacks as of late 2009–has also refused to sign. Russia objects to a provision that would let foreign investigators bypass governments and work directly with network operators.

In the face of all these delays, criminal threats continue to evolve. Cloud computing, in particular, makes it easy to move data across borders and obscure the true origin of attacks. Some European politicians say that the European Union should create a cyber security czar. Other experts think countries should just work out agreements one on one. “We need to cut deals with countries we have problems with, not pursue a general convention which requires ratification in many countries,” says Veni Markovski, who ran an Internet service provider in Bulgaria and is the representative to Russia from ICANN, the organization that assigns Internet domain names.

Representatives from the major nations have gathered several times recently for talks that could lead to bilateral agreements. Without one we’re all less secure, because cyber criminals know they can wage attacks without getting caught, says Charles Barry, senior research fellow at the Center for Technology and National Security Policy at the National Defense University in Washington, DC. “Agreement among at least the major cyber players on what constitutes illicit behavior should be a high priority,” he says.

0 comments about this story. Start the discussion »

Credit: Lee Jin-Man/AP

Tagged: Computing

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me