New Law In The Netherlands Would Allow Authorities To Hack Cybercriminals
A new law called Act Cybercrime III was proposed to the Dutch parliament, which would allow law enforcement authorities in the country to find loopholes in the software cybercriminals use and hack with.
According to digital crime expert Martijn Egberts, cybercrime is growing and the police canât do much against suspects with the traditional methods, such as wiretapping and house searches. With advanced encryption technologies, cybercriminals can hide easily without authorities locating them. Thatâs the reason why the House discussed the new law proposal, which would give law enforcement more power to catch the suspects.
However, the law already received heavy criticism from privacy advocates and political parties including D66, SP, and Groenlinks. They argued that the police were not authorized to break into yet unknown loopholes in software and apps. The critics painted a picture of investigators paying and searching for information on software vulnerabilities behind the manufacturersâ back. They said that the whole internet will become a less safe place if police participate in weakening encryption applications.
A research conducted by an accounting and consulting firm, Deloitte, shows that Dutch companies and the government lose about 10 billion euros per year due to cyber attacks. According to Egberts, cybercriminals on the dark web can remain anonymous easily by using specific software and encryption tools.
“There are several organizations active in the Netherlands that sell such services to criminals,” he said.
The security expert says that if police will not be granted power to hack the criminals, cybercrime will grow. Companies that are breached tend to not report the crime to police since so few of the actual cybercriminals are caught. Egbert is mostly worried about the financial sector.
“It is attacked continuously. Russian and Ukrainian banks are captured in a series of cyber attacks costing $300 million. I want to avoid similar scenarios in the Netherlands,” the expert said.
In the new law, supporters of Act Cybercrime III state that law enforcement authorities can hack the software criminals use, and reach their devices as well. This includes computers and smartphones. For example, the prosecution would be able to install a spyware on the devices, which tracks the daily activity on the suspectsâ keyboards. Security expert Ronald Prins says that cybercriminals often do not meet in place.
“They work together in a smart international system. The loot is distributed via bitcoin,” he said.
With this current Dutch cybercrime law, a permission will be necessary from the magistrate to hack criminals who are hiding behind encryption applications. The problem is that it is hard to decide whether to issue a warrant and when it is actually going to be issued.
D66 MP Kees Verhoeven, on the other hand, argues that cybercriminals could take advantage of the software loopholes law enforcement authorities discover and use them to hack innocent citizens of the country.
“Any vulnerability that the police is left open to hacking therewith itself, criminals can use to hack citizens. This gives the government a stake to leave infirmities,â Verhoeven said.
Privacy advocate Ton Siedsma from Bits of Freedom says the vulnerabilities in the cyber world should not be abused but fixed as soon as possible.
“You aim for a market where weak spots to be repaired as soon as possible,” he said. “Now, shadowy companies could earn a lot of money with this trade. The government should stay away from this.”