[JURIST] US Secretary of Homeland Security (DHS) [official website] Janet Napolitano [official profile] on Friday criticized [Reuters] other nations for not advancing and embracing new technology, thus leaving themselves open to attacks from cyber-criminals. At an international security conference in Vienna, Napolitano called for an international legal framework to defend and prosecute threats to cyber security. She declined to address the status of any current investigations. Napolitano was referencing the string of recent cyber “attacks” by “hacker-activist” groups Anonymous and Lulz Security (LulzSec) [official twitter accounts]. Anonymous is credited with launching “operations” against a variety of targets whose politics upset them, including Iran, during the 2009 election protests; Amazon, PayPal, MasterCard, Visa and the Swiss bank PostFinance for denying services to Wikileaks; and the governments of Tunisia, Egypt and Libya [JURIST news archives] during their recent revolutions. Anonymous typically engages in distributed denial of service attack (DDoS), which disrupt bandwidth allocations causing web page owners to incur heavy fees and their websites to crash. LulzSec, who claimed to retire earlier this month, is primarily devoted to exposing holes in major websites’ security, but also has taken up some political causes, such as attacking Arizona’s recent immigration legislation [JURIST news archive]. They’ve released documents, usernames and passwords from several organizations, including: Fox News, PBS, Sony, the US Senate, the Central Intelligence Agency (CIA), the Arizona Department of Public Safety, AT&T, Viacom, Disney, EMI, NBC Universal, and the US Navy. Several nations have made arrests from members of both organizations.
Several countries have attempted to bolster cymbercrime security enforcement in recent years. Last week, the Australian Government [official website] introduced legislation [press release] aimed at reinforcing current cybercrime laws [JURIST report] and improving Australia’s international cybercrime security. In early June, US authorities announced that they are investigating claims by Google [JURIST report] that hundreds of personal Gmail accounts were breached by hackers in China. In November 2009, the Iranian government announced the establishment of a new police unit [JURIST report] to fight Internet crime, though opposition leaders said its true purpose was to crack down on protesters and voices of dissent, who rely on the Internet to get their message out. The Finnish legislature passed the Exercise of Freedom of Expression in Mass Media Act [unofficial translation, PDF] in December 2008 that now provides a remedy to victims of Internet crime [JURIST report], but it was not in effect at the time of an incident of Internet pedophilia. The US Senate ratified [JURIST report] the COE Convention on Cybercrime, which is intended to improve information- and evidence-sharing between national governments to prevent crimes on the Internet, in August 2006.