December 23, 2016

“The biggest misconception is that the government will solve it all .. They will definitely not!”

Says security expert Michiel Steltman, Director of DINL (Digitale Infrastructuur Nederland)

WebHosting.info was the official Information Partner for ‘ResellerClub Presents HostingCon Europe, 2016’ in Amsterdam.

Here’s an exclusive interview of Michiel Steltman, the Director at ‎DINL (Digitale Infrastructuur Nederland) which connects providers of digital infrastructure in the Netherlands.

How grave is the trial of a guilty hacker / cyber criminal?

The general idea is that cyber crime is a different category of crime but it’s not like the crimes in the physical world but they are committed and conducted through technical means.

(If) you steal somebody’s money, or (commit) fraud, or create or produce child pornography, or do a DDoS (attack), or are coercing people to get their money, the nature of the crime has not changed, only the means that the criminal uses is different. Therefore I think that the means play a minor role in how guilty the perpetrator really is.

If you steal data, you violate people’s privacy, or steal data which represents a certain value. So, it’s always about money or a certain motive that is not different from those in the physical world, only the way people do it is different.

Is the evolution of technology encouraging cyber crime?

I don’t think the Internet (itself) makes people criminals. With technology, it is easier (to commit crime) if you have bad intentions. It is easier to be anonymous and the bottom line is, do people want to do bad things or good things?

And that’s not very different from the physical world, so the fact that it’s an easier opportunity, this automatically turns people into criminals. But the volume of people who have become criminals are not very high.

If you think about it, one script kiddie can (cause an) issue for billions of people, if more and more people become criminals, then the Internet would probably have stopped working a long time ago.

What is your opinion on the concept of ethical hackers?

Its extremely important because these are the people that first find vulnerabilities, they have the curiosity, the explorative powers, the incentive or ideas to find weaknesses.

How else would you find weaknesses? All these you would discover when it is too late.
So ethical hackers, people who have that curiosity, the exploratory ideas, should be rewarded and compensated.

Because this is how you should charge your efforts and you should try to find the holes to make things stronger and better.

So it’s a key ingredient, ethical hackers, and code of conduct for responsible disclosure.

Is there any sort of misconception regarding cyber crime that you would like to address?

Yeah absolutely and I think I’m completely in line with Erik Akerboom (Dutch top official). The traditional law and order thinking says that the police and the ministry of justice have to have more entitlements, more empowerment and more means to, not just detect but also prevent and stop cyber crime.

This means that they should stop the DDoS’es, and some political parties think the answer lies only with the government. They think that the government can stop abuse and bad stuff on the Internet and that is totally wrong. It’s not possible.

The Internet fundamentally is a multi-stakeholder model where many parties have a stake in how the Internet works. That means all the parties have to come together to make it totally resilient and to take anonymity away from perpetrators. That requires out of the box thinking, a new way of approach, but the biggest misconception again is that the government will solve it all… They will definitely not!

Share this articleShare on FacebookShare on Google+Tweet about this on Twitter