Q&A: Olympics cyberattack not a major threat, says Interpol official

Terrorism is the greatest concern, says organization's director of police services

SEATTLE -- With cybercrime now a global phenomenon, perhaps it will take a global police organization to keep it in check.

Interpol is not the first law enforcement group that most people associate with the fight against online crime, but the 85-year-old data-sharing organization for police has been taking an increased interest in the phenomenon of late, helping train the next generation of cybercrime investigators on fighting botnets and forming regional working groups to focus on IT crime threats.

Interpol has firsthand experience with online attacks, too. Jean-Michel Louboutin, the organization's executive director for police services, says that its network was hit recently by a botnet attack and is attacked by 100,000 computers each day.

IDG News Service caught up with Louboutin at Microsoft Corp.'s Law Enforcement 2008 conference this week to ask him about cybercrime, terrorism and the Beijing Olympic Games in August. The following is an edited transcript of the interview.

Do you see any areas of the world that are emerging sources of concern when it comes to cybercrime? Terrorism. I think the main concern for the world is terrorism, fraud. This is very important. [Terrorists] use the Internet a lot. We can have different networks of terrorism using the Internet, because it is very easy to create a site. You can create propaganda. You can recruit. Now the main recruitment for Afghanistan is over the Internet.

Terrorists are chatting on Internet sites. They can provide tools for training. They can set up rendezvous. They can use encrypted language to give orders. It is a major trend.

Terrorists are not generally considered to be very good at hacking into systems, though. I was not speaking about hacking. This is more difficult, more technical. But I do not share the view that terrorists are low-level, because you know it is very easy to learn. Accessibility to education is easier than in the past and, in particular, on the computer, you have access to everything you want. These people train themselves to use these tools.

Are the terrorists getting better with computers? I am sure.

I have another comment. Hacking will be more and more difficult because of the security of systems. A company like Microsoft is taking care of a lot of that. We can better encrypt and better protect with the firewall, for example.

The Interpol network, for example, is attacked more than 100,000 times every day, without success because the security is very well done and to enter it is too difficult.

What type of attacks do you typically see? Distributed denial of service (DDOS)? Yes, it is to make the system slower.

What is the point of doing that? It would just draw the attention of law enforcement. You can imagine how the guy would be proud to say, "I shut down the Interpol system."

Lately, we've been hearing a lot about the professionalization of hackers and how they only work for money, but what you're talking about is the opposite. It's doing something for prestige, really. To launch a DDOS attack on Interpol is not going to get you any money. But when you identify the hacker, and the hacker is 15 years old, it is not for money. He doesn't come from a criminal organization.

There was a report from the China CERT (Computer Emergency Response Team) recently talking about how it is worried about a cyberattack during the Beijing Olympics. A cyberattack on what?

I'm guessing, but maybe the systems that report the scores. The main concern for the Olympic Games is the physical security of the visitors who are going to China and to avoid any terrorism attack. Of course, Interpol is involved in the security of the Olympic Games, and we are in a close relationship with the authorities. We are going to provide access to our global databases. We will send a team which will be connected to the Interpol network. We have already trained people.

But for the time being, we are providing threat assessment for the Olympic Games, and we did not detect a main threat regarding cybercrime. It would maybe be an attack on a small network regarding the tickets.

Copyright © 2008 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon