Cyber Crime Fighting Capacity in BiH

{gallery}newsletters/7/4/{/gallery}There are good and bad news in terms of cyber crime fighting capacity in BiH. The good news is that Bosnia and Herzegovina does not, at the current moment, seem to be a hotbed for cyber criminal activity. The bad news is, BiH is not particularly well equipped to handle the detection, investigation, and prosecution of criminals using the internet to steal information, rob people of their identity, disrupt and deny internet service, and spread illicit content.

In an interview with Professor Muhamed Budimlić, and expert in the field of cyber criminology, BiH has begun initiating efforts towards harmonizing its criminal code and enforcement policies with the Convention on Cyber crime. However, not enough is being done in this respect.

Lack of Awareness

Part of the problem, he argues, is simply one of awareness. Police and prosecution institutions are only beginning to understand the threats posed by cyber crime. Currently, the Prosecutor’s Office is initiating legislation to handle criminal threats to judges via electronic means.

SIPA, on the other hand, does not have an investigative unit devoted to cyber criminal activity. However, SIPA has had some success in coordinating with foreign law enforcement agencies to apprehend criminals using BiH IP addresses.

According to Professor Budimlić, a major obstacle to harmonization with international norms on cyber crime is one of jurisdiction between entity and federal enforcement agencies. Property and copyright crimes are handled at the federal level, whereas many of the more serious cyber crimes fall within the jurisdiction of the entities.

Professor Budimlić thinks that it should be the other way around. He argues that the entities would be more effective in combating property and copyright crimes, whereas the federal government is in a better position to handle most other cyber criminal activity.

Namik Plivčić, a senior systems engineer for IT firm ConnexIT and instructor/ IT trainer at the Center for Computing Education, echoes the sentiments of Professor Budimlić. Plivčić believes that the two greatest concerns for cyber security in BiH are: 1) inadequately defined laws and legislation in the field of IT security and 2) Inadequate training and education of IT security staff.

Plivčić observed that, “The most important thing is to have rules and the instruments to enforce those rules.” Cyber crime is particularly difficult to detect and it is even more difficult to identify who actually committed the crime. BiH does not have sufficient identification and auditing systems to monitor and prosecute serious cyber crimes. As such, many of the victims of cyber crimes are not likely to report cyber crime, or even realize that cyber criminals have targeted them.

Plivčić recommended closer cooperation between the government and the private sector. Private firms are doing much of the cyber security within BiH, in-house. Cyber criminals often attack private-sector companies as they provide lucrative targets, are frequently susceptible to cyber crime, and they often do not report the crime for fear of negative publicity.

Currently, law enforcement agencies must compete with private firms for talented IT security staff. This is a difficult task, as private firms tend to offer higher salaries. Instead of competing, Plivčić argues, that private-sector expertise can be consulted to study and devise better solutions to cyber criminal threats.

Harmonize & Integrate

The bad news about cyber crime is that it is a stateless entity that is capable of wreaking havoc to commerce, stealing identities of individuals, and disrupting effective governance. The good news is that cyber crime offers a powerful motivator for states to cooperate and assist one another.

Integration with Europe and NATO is one way for BiH to tap into a whole wealth of expertise and resources, thereby boosting its own capacity to fight cyber crime.

Text and photo by Michael MORELAND