More countries are beginning to recognize the need for greater coherence in their response to malicious cyber activity, especially among law enforcement, national security and intelligence services. As a former UK attorney-general outlined in a 2022 speech, ascertaining whether a cyberattack is perpetrated by a state actor or a criminal group when it first happens is difficult. This problem calls for cross-disciplinary and cross-governmental efforts to address a wide range of threats, whether those threats are politically or criminally motivated.
As the global threat of cybercrime continues to escalate and grow in complexity, both within and across borders, the need for a collaborative and strategic response is clear. Countering cybercrime effectively requires a unified effort, with relevant stakeholders joining forces to assess the scale and nature of the cybercrimes they face, establish priorities, identify the optimal mix of interventions, evaluate the impact of adopted strategies and adapt responses accordingly. By adopting such a comprehensive approach, countries can develop tailored processes for tackling cybercrime suited to their individual contexts. Such an approach will also enable the implementation of scalable interventions that are effective in reducing the impact of cybercrime on both economies and societies at large.
The case for a strategic approach can, of course, be made for any kind of anti-crime measure. But cybercrime has unique characteristics that make this proposal particularly relevant. For example, cybercrimes are generally conducted from a distance and tend to be simultaneously directed against multiple victims, who are often located in different jurisdictions. As such, cybercrime breaks the ‘crime triangle’ of offender, victim and location that underpins much of crime-fighting orthodoxy. Cybercrime requires a greater level of collaboration and coordination between different stakeholders, including local and national components of the criminal justice system, other public authorities, international partners, the private sector and civil society.
Countering cybercrime also requires skills that are often in short supply, even in developed countries. Despite measures like the creation of central specialist units and targeted professional training schemes, keeping up with the latest cyber capabilities is still a challenge. Demand for these skills usually outstrips supply and the cybercrime landscape is constantly evolving. Other factors, such as limited knowledge, experience, capabilities and resources, often hamper attempts to fight cybercrime.
A strategic approach to cybercrime can help overcome these challenges and allow countries to develop bespoke interventions that suit their specific circumstances. Such an approach can help stakeholders identify and agree on national-level priorities, and to assess the required capacities, capabilities and resources to address those priorities. It can also help promote unity of purpose among the various stakeholders, and enable them to measure the overall effectiveness of the interventions and adjust where necessary.
This research paper proposes a new structure for developing a strategic approach – in the form of the Strategic Approach to Countering Cybercrime (SACC) framework. The SACC framework is intended to initiate a structured conversation among policymakers on how to tackle cybercrime comprehensively and strategically. It aims to assist countries in developing a set of interventions that address their specific needs and priorities, identify gaps in any current or existing plans, and benefit from established good practice and practical support available from the international community. The framework is detailed in Chapter 2 and consists of five stages covering the full cybercrime-response life cycle: strategy development; establishing the enablers; establishing operational capability; tasking and prioritization; and evaluation.
Chapter 3 then explores the potential applications of the SACC framework, offering three options as examples – focus group methodology, self-assessment and simulation exercises – and providing insights into their deployment across various scenarios and contexts.