Intel / Cyber Operations
OSINT intel briefs, structured summaries, and trend signals. Topic: Cyber-Operations. Updated briefs and structured summaries from curated sources.
← back to ALL
Prosecuting cyber-enabled international crimes: What solutions are available?
Prosecuting cyber-enabled international crimes: What solutions are available?
2026-02-05T06:59:16Z
Open source | Open detail
Full timeline
0.0–300.0
Harmful cyber operations are increasing in pace, scale, and impact, with identity theft remaining the primary method for cybercriminals. The need for international cooperation in prosecuting cyber-enabled crimes is emphasized by experts from various institutions.
  • Harmful cyber operations are increasing in pace, scale, and impact
  • Cybercrime is evolving into an industrialized global enterprise, often operating from permissive jurisdictions
  • Identity theft remains the primary method for cybercriminals, with most attacks stemming from compromised credentials
  • % of identity attacks are conducted through password spray or brute force methods
  • The panel includes experts from Microsoft, Reading University, and the Oxford Institute of Technology and Justice
  • The discussion emphasizes the need for international cooperation in prosecuting cyber-enabled crimes
  • The event encourages audience participation through questions and social media engagement
300.0–600.0
Multi-factor authentication effectively blocks over 99% of unauthorized access attempts, highlighting its importance in cybersecurity. AI is increasingly used by malicious actors to enhance the scale and sophistication of cyber fraud and social engineering attacks.
  • Multi-factor authentication effectively blocks over 99% of unauthorized access attempts
  • AI is enhancing the scale and sophistication of cyber fraud and social engineering attacks
  • Malicious actors are increasingly using bots to create fake accounts, with 1.6 million attempts blocked per hour
  • AI-generated identities have seen a 195% increase globally, highlighting the need for robust verification processes
  • Nation-state threats involve organized groups focused on cyber espionage to achieve geopolitical objectives
  • The most targeted sectors for cyber espionage include IT, research, academia, government, and NGOs
  • The United States, Taiwan, Israel, and Ukraine are among the most targeted countries in their respective regions
  • Cyber operations can disrupt critical infrastructure, affecting hospitals, water supply, and power grids
  • Identity manipulation in cyber operations can lead to persecution and exposure of vulnerable groups
  • Supply chain exploitation complicates attribution and remediation efforts in cyber incidents
600.0–900.0
Cyber-enabled international crimes include genocide, war crimes, and crimes against humanity, which are prosecuted by the ICC. Cyber operations can facilitate traditional kinetic crimes, such as missile attacks on civilian infrastructure, leading to significant civilian harm.
  • Cyber-enabled international crimes include genocide, crimes against humanity, war crimes, and aggression
  • The International Criminal Court (ICC) focuses on prosecuting these serious international crimes, not ordinary cyber crimes like fraud
  • Cyber means can facilitate traditional kinetic crimes, such as missile attacks on civilian infrastructure
  • War crimes require a contextual element, typically occurring in armed conflict, which can be initiated or exacerbated by cyber operations
  • Examples of cyber-enabled war crimes include targeting civilian energy infrastructure, as seen in the conflict between Russia and Ukraine
  • The ICC has issued arrest warrants for high-ranking Russian officials for war crimes related to attacks on civilian objects
  • Cyber operations can lead to significant civilian harm, equating to traditional methods of warfare in terms of legal accountability
  • Hacking air traffic control systems can result in crimes against humanity if it leads to mass casualties
900.0–1200.0
Cyber operations can facilitate traditional crimes, including genocide and torture, through digital platforms. The existing legal framework can be applied to cyber-enabled crimes without necessitating changes to the statute.
  • Cyber operations can facilitate traditional crimes, such as genocide and torture, through digital platforms
  • Mental harm can be inflicted via the circulation of sensitive images, impacting personal dignity
  • The crime of aggression may require significant cyber power to meet the legal threshold of a manifest violation
  • Cyber attacks can be part of larger kinetic operations, as demonstrated by the U.S. raid in Venezuela
  • Crimes against the administration of justice can be executed through cyber means, including intimidation of judges and tampering with evidence
  • The existing legal framework can be applied to cyber-enabled crimes without necessitating changes to the statute
  • A new policy is needed to signal readiness and address practical challenges in prosecuting cyber-enabled crimes
  • Jurisdictional questions arise regarding where cyber crimes are committed and who is responsible
1200.0–1500.0
The International Criminal Court is evolving its frameworks to address the complexities of prosecuting cyber-enabled international crimes that cross multiple jurisdictions. This adaptation involves navigating the challenges of determining jurisdiction and the role of corporate actors in facilitating such crimes.
  • The International Criminal Court (ICC) is adapting its frameworks to address cyber-enabled international crimes that span multiple jurisdictions
  • Cyber operations can involve actors from different countries, complicating the determination of where a crime was committed
  • Jurisdiction may apply to both the state where the cyber conduct occurs and the state where the effects of the crime are felt
  • There is ongoing debate about whether data can be considered an object under international humanitarian law, particularly in the context of cyber attacks
  • Facilitation of cyber crimes by IT companies raises questions of complicity similar to traditional forms of aiding and abetting criminal acts
  • The corporate sector plays a significant role in cyber operations, impacting the prosecution of cyber-enabled crimes
1500.0–1800.0
Prosecution of cyber-enabled international crimes is complicated by the covert nature of cyber activities and the spread of evidence across multiple jurisdictions. The International Criminal Court's new policy aims to adapt international law to address these challenges, but significant hurdles remain in investigations and prosecutions.
  • Prosecution of cyber-enabled international crimes faces significant challenges due to the covert nature of cyber activities
  • Evidence in cyber cases is often spread across multiple jurisdictions, complicating investigations
  • Open source evidence, such as social media posts and videos, can be fragile and subject to deletion by platform providers
  • The rise of deep fakes raises concerns about the reliability and verification of digital evidence
  • Sophisticated cyber operations may require specialized digital and forensic expertise for effective investigation
  • Mutual legal assistance treaties between states are often slow and cumbersome, hindering timely prosecution
  • Private sector involvement may be necessary to obtain the expertise required for cyber crime investigations
  • The International Criminal Courts new policy aims to adapt international law to technological advancements
1800.0–2100.0
The investigation and prosecution of cyber-enabled international crimes is complicated by the involvement of private sector infrastructure and the need for efficient evidence gathering. Recent treaties and conventions aim to address these challenges, but concerns about human rights implications persist.
  • The investigation and prosecution of cyber-enabled international crimes is complex due to the involvement of private sector infrastructure
  • The Budapest Convention on Cybercrime has 81 states parties and facilitates the efficient gathering of electronic evidence
  • A recent global cybercrime trends report indicated that 97% of states have reformed their laws related to cybercrime in the last decade
  • The UN cybercrime convention, signed by over 70 states, is expected to come into force soon and covers serious crimes, including cyber-enabled international crimes
  • New procedural treaties, such as the second additional protocol to the Budapest Convention, aim to expedite evidence gathering between states
  • The ICC relies on states parties for evidence collection, with most EU member states being parties to the Rome Statute
  • Concerns have been raised regarding human rights implications of cybercrime laws, particularly their use against journalists and human rights defenders
  • The UN cybercrime convention includes provisions to ensure implementation in accordance with international human rights law
2100.0–2400.0
Several countries have successfully prosecuted foreign fighters for war crimes involving the filming of atrocities. The complexity of cyber operations and the lack of resources in many national prosecution services hinder effective investigations.
  • Several countries, including Germany, Finland, the Netherlands, and Sweden, have successfully prosecuted foreign fighters for war crimes involving the filming of atrocities
  • Investigating major cyber operations is challenging for individual states due to the complexity and time required for digital forensics
  • Many national prosecution services lack the necessary e-discovery facilities to manage large volumes of data sent by private sector providers
  • There is a need for collaboration between cybercrime units and war crime units within prosecution authorities to effectively address cyber-enabled international crimes
  • Joint investigations are becoming increasingly valuable, with treaties like the Budapest Convention and the LObiiana Hague Convention promoting international cooperation
  • The joint investigation into the MH17 tragedy exemplifies the effectiveness of collaborative efforts among multiple countries in complex cases
  • A joint investigation team was quickly established in response to the Ukraine conflict, involving seven prosecution authorities and aiding the ICCs investigations
  • States must have appropriate legislation in place to participate in joint investigations, which many currently lack
2400.0–2700.0
The UN cybercrime convention has facilitated greater involvement of civil society and industry in negotiations compared to previous efforts. IT companies play a crucial role in identifying cyber threats, providing context, and supporting lawful cooperation with law enforcement.
  • The UN cybercrime convention allowed for greater participation from civil society and industry compared to previous negotiations
  • Member states can veto the participation of specific entities in UN discussions, impacting the inclusion of stakeholders
  • IT companies can help identify emerging cyber threats and provide context for understanding them
  • Attribution of cyber incidents requires clear mapping of actors and their methods, which IT companies can assist with
  • Timely incident response is crucial for preserving evidence and mitigating harm during cyber intrusions
  • Disrupting criminal infrastructure can raise the costs of cybercrime, a role that IT companies can play
  • Lawful cooperation between industry and law enforcement is essential for providing reliable evidence in court
  • Sharing knowledge and trends within the industry can enhance overall resilience against cyber threats
2700.0–3000.0
The rise of harmful cyber operations necessitates effective prosecution methods, with tech companies playing a crucial role in providing evidence. Domestic legal frameworks are essential for facilitating evidence sharing between private entities and international courts.
  • The rise of harmful cyber operations necessitates effective prosecution methods
  • Tech companies can assist in investigations by providing evidence, though cooperation is often voluntary
  • Domestic legal frameworks are essential for facilitating evidence sharing between private entities and international courts
  • Challenges exist in disclosing methodologies for evidence collection, particularly regarding interception and hacking
  • The International Criminal Court (ICC) requires cooperation from tech companies to effectively prosecute cyber-enabled crimes
  • Building internal capacity within the ICC is crucial for handling cyber-related cases
  • Past cases have utilized interception evidence successfully, indicating potential pathways for future prosecutions
3000.0–3300.0
The first ICTY case involved legal procedures against a camp prison guard, highlighting the complexities of prosecuting cyber-enabled crimes. The use of AI in military decision-making raises challenges regarding intent and knowledge in prosecuting commanders, but the ICC's technology-neutral statute can accommodate new technologies.
  • The first ICTY case was the Staddich case, which involved legal procedures against a camp prison guard
  • An ideal first cyber case would focus on offenses against the administration of justice, being manageable and straightforward
  • States often gather evidence across networks without consent, leading to reluctance in submitting that evidence for international prosecutions
  • AI is viewed cautiously in relation to international criminal law, with concerns about its implications for criminal liability
  • The use of AI in military decision-making raises challenges regarding intent and knowledge in prosecuting commanders
  • The ICC typically prosecutes individuals responsible for large-scale crimes, making it easier to establish intent despite AI involvement
  • The statute governing international crimes is technology-neutral, allowing for the accommodation of new technologies like AI
3300.0–3600.0
Countries like Nigeria and Eswatini have enacted cyber crime laws addressing serious offenses, but their effectiveness is questioned due to reliance on disinformation. The International Criminal Court faces challenges in prosecuting private companies involved in cyber operations, highlighting a gap in international legal frameworks.
  • Countries like Nigeria and Eswatini have enacted cyber crime laws addressing issues such as genocide and crimes against humanity
  • The effectiveness of these laws is questioned due to their basis in disinformation rather than clear definitions of cyber-enabled crimes
  • The International Criminal Court (ICC) faces challenges in prosecuting private companies involved in cyber operations, such as Pegasus
  • There is a need for greater clarity in international law regarding the prosecution of cyber-enabled international crimes
  • Only two national positions on international criminal law, from Austria and Belgium, currently exist, highlighting a gap in legal frameworks
  • The development of law in this area may benefit from more national positions or alternative mechanisms for clarity
  • The complementarity principle under the Rome Statute raises questions about the adequacy of domestic prosecutions for international crimes
3600.0–3900.0
Jurisdiction is crucial for prosecuting cyber-enabled international crimes, with corporate offenders being prosecutable but not the corporations themselves. National policies on cybercrime are essential for legal clarity and resource allocation, and international discussions should involve platforms like the UN Global Mechanism.
  • Jurisdiction is essential for prosecuting cyber-enabled international crimes
  • Corporate offenders can be prosecuted, but not the corporations themselves under domestic law
  • National policies on cybercrime are desirable for legal clarity and resource allocation
  • International discussions on cybercrime should include platforms like the UN Global Mechanism
  • There is a need for constructive dialogue among countries regarding international law provisions
  • Cross-border data flows pose challenges for countries outside of established conventions
  • Private sector collaboration is crucial for disrupting cybercrime and sharing evidence
  • The National Crime Agency is partnering with non-convention countries to address cybercrime
3900.0–4200.0
International cooperation is increasingly vital in combating cybercrime, with multi-agency approaches emerging to address threats like ransomware. Operations such as Chronos demonstrate the effectiveness of partnerships among states, international organizations, and tech companies in tackling cybercriminal activities.
  • International cooperation is crucial for addressing cybercrime, especially in a fragmented global landscape
  • Multi-agency approaches involving states, international organizations, and tech companies are emerging to combat cyber threats like ransomware
  • Operation Chronos successfully dismantled the infrastructure of the major ransomware actor, LockBit, leading to arrests and sanctions
  • Structured partnerships, such as the USs Joint Cyber Defense Collaborative, enhance confidence among tech companies to participate in cyber defense efforts
  • The ICC has strengthened its partnerships with organizations like Europol and Interpol to leverage valuable evidence in cybercrime cases
  • Challenges in collecting and verifying cyber evidence may impact the standard of proof required in prosecutions
  • The complexity of modern technology, including AI and encryption, complicates the prosecution of cybercriminals
  • Concerns are rising about the potential for businesses to face prosecution for data handling while actual cybercriminals evade justice
4200.0–4500.0
Prosecutions of cyber-enabled international crimes face significant challenges, particularly regarding corporate offenders and the complexities of jurisdiction. Recent initiatives have led to some successful extraditions, indicating a growing recognition of the need for effective legal frameworks.
  • Prosecutions of cyber-enabled international crimes face challenges, particularly when targeting corporate offenders
  • The International Criminal Court (ICC) employs three thresholds of evidence: reasonable grounds for arrest warrants, substantial grounds for confirmation of charges, and beyond reasonable doubt for convictions
  • Judges have flexibility in interpreting evidence, as demonstrated in the conviction of Radhovan Karajic for genocide based on inferred intent
  • Cyber criminals often make irrational statements that can be used as evidence against them, aiding successful prosecutions
  • Despite low conviction rates for certain crimes, such as rape, there is a call to persist in pursuing justice for cyber crimes
  • The U.S. has prosecuted cyber criminals from countries like Russia, Iran, North Korea, and China, but many remain unextradited
  • Speaking indictments serve to establish a normative framework for justice, even if immediate extradition is not possible
  • Recent initiatives, such as the Cantor Ransomware Initiative, have led to some successful extraditions of cyber criminals to the U.S
  • States are increasingly active in addressing cyber crime, forming treaties and updating laws to include cyber offenses
4500.0–4800.0
The rise of cyber operations necessitates effective prosecution strategies for cyber-enabled international crimes. International cooperation can restrict the movement of cyber criminals through mechanisms like Interpol's red notices.
  • The rise of cyber operations necessitates effective prosecution strategies for cyber-enabled international crimes
  • International cooperation can restrict the movement of cyber criminals through mechanisms like Interpols red notices
  • Establishing intent in cyber crime cases poses significant challenges for legal authorities
  • The Rome Statutes principle of complementarity encourages states to actively engage in prosecuting cyber crimes
  • Private sector involvement is crucial in investigations, but raises concerns about potential complicity in cyber crimes
  • The report emphasizes the need for practical implementation strategies to guide states in addressing cyber-enabled crimes
  • Questions arise regarding the legal status of computer data under international humanitarian law (IHL) in the context of cyber operations
  • The impact of cyber operations on critical infrastructure, such as hospital systems, highlights the need for legal clarity
4800.0–5100.0
The rise of harmful cyber operations necessitates effective legal frameworks for prosecution. Balancing privacy concerns with the need for cooperation in cybercrime investigations is a significant challenge.
  • The rise of harmful cyber operations necessitates effective legal frameworks for prosecution
  • Balancing privacy concerns with the need for cooperation in cybercrime investigations is a significant challenge
  • Lawful mechanisms exist for private sector cooperation with state requests for information
  • Cyber operations that directly cause death or injury are treated as attacks on civilians under international law
  • Disruptive cyber actions, such as data deletion, may not be prosecuted unless they result in direct harm
Related
On the Record: Microsoft's Brad Smith talks AI, energy and Gulf innovationFrance to boot out U.S. apps for homegrown brand | #shorts #France #USApps #TechPolicyGen A Alumni x Akkodis: Humanity at WorkCyber is a perpetual weapon: The Physical Reality of Virtual WorldAsia’s Money Machine: Power, Corruption & the Price of Growth | The Cost of Asia’s Economic RiseInside China’s Cyber War NetworkInside China’s Cyber War Network