A conference in London last week discussed the challenges posed by the proliferation and irresponsible use of commercial cyber intrusion capabilities and initiated the Pall Mall Process.
Briefly, that’s guiding principles and policy options for states, including the UK and United States, industry and civil society in relation to the development, facilitation, purchase, and use of ‘commercially available cyber intrusion capabilities’. A document released as part of the event at Lancaster House stated that ‘Without international and meaningful multi-stakeholder action, the growth, diversification, and insufficient oversight of this market raises the likelihood of increased targeting for profit, or to compromise a wider range of targets, including journalists, activists, human rights defenders, and government officials’.
Comment
Among cyber firms represented at the event were Meta, Microsoft and ESET. Jake Moore, Global Cybersecurity Advisor, ESET, said: ““Hackers for hire” pose a significant threat to both individuals and organisations, largely due to their extensive knowledge and ability to bypass security systems in order to access confidential information and take down any size or nature of business. These cybercriminals are the most up-to-date hackers and experienced masterminds making them extremely challenging even with the most robust security measures in place. The anonymity and ease of access to these services increase the threat as they can be employed by anyone with a motive from disgruntled employees to rival businesses or even hostile nation state actors. Although this area of policing is difficult, collaborating with international allies to target this increasing threat will naturally put pressure on these criminals and cause a level of disruption to their activities.”
A follow-up conference is proposed in France in 2025.
