March 12, 2009, 9:40 AM — More countries are joining a network designed to quickly react to cybercrime incidents around the world, a senior U.S. Federal Bureau of Investigation official said Wednesday.
Fifty-six nations are now part of the 24/7 Network, which means a country has a computer security official available at all times to help meet requests for data or preservation of data from another nation, said Christopher Painter, deputy assistant director of the FBI's cyberdivision.
Becoming part of the network is required under the Convention on Cybercrime, an international treaty that sets a legal model for other countries to follow when writing anticybercrime legislation.
Of 47 countries that are part of the Council of Europe, 24 have ratified the treaty, and 23 others have signed it but are awaiting their national legislatures to ratify it. Countries outside the Council are invited to accede to the treaty, meaning they have national laws in line with the treaty.
The 24/7 Network is intended to improve coordination between law enforcement, as Internet scams and frauds are often executed using networks of hacked computers located around the world.
That poses much difficulty for law enforcement, as potential evidence could be quickly erased or lost, making prosecutions difficult.
"The evidence is ephemeral," Painter said. "It disappears very quickly. You need to have a way of at least preserving that data in other jurisdictions very quickly."
The 24/7 Network started with the G8 nations -- the world's most developed economies -- in 1997 and now has been expanded to countries implementing the cybercrime treaty. On Wednesday, law enforcement, government officials and security professionals held a closed-door meeting at the International Conference on Cybercrime in Strasbourg, France, to discuss its status.
Painter said one issue under discussion is harmonizing the contact lists of people who are part of the network as well as ensuring the protocol and procedures for requesting data to be preserved are uniform.
The long-term goal is to get more nations to sign the Convention, which would also require them to join the network. China, for example, is not part of the network. Computer security experts often point to China as a hotbed of hacking activity.
"We are still reaching out to a lot of countries to get them to join," Painter said.
However, Painter said the U.S. and other countries have bilateral agreements with China dealing with computer security.
Officials are hoping to organize a meeting of the network's members by the end of the year, Painter said. The last one was held two years, and the one before was four years ago.