Q&A: Interpol’s Cybercrime Chief on How AI is Driving Borderless Cyber Threats

The Cipher Brief spoke with Dr. Neal Jetton, the Cybercrime Director of Interpol, to discuss how the world’s largest international police organization is taking on the threat. Speaking from last month’s Global Cybersecurity Forum in Riyadh, Saudi Arabia, Dr. Jetton said Interpol-driven efforts like information-sharing, cross-border cooperation and law enforcement training are critical in countering emboldened cybercriminals.

The Cipher Brief: Can you tell us what kind of buzz has been there? Have there been key themes or issues at this very point in time among the cyber experts that you’ve been talking to?

Dr. Jetton: I think you can’t get away from AI here. Every panel, every discussion has an AI focus, and you think, “Ugh, more AI.” But, it’s here. It does impact probably everything. We have a lot of cyber threat intel companies here from the private sector who are working with it every day for their means.

And then from a law enforcement perspective, we look at it kind of as a double-edged sword. I’m from INTERPOL, so we look at how AI can benefit law enforcement in the long run. But as a cybercrime director, I also see how cyber criminals are also utilizing AI to enhance the effectiveness of their criminal activities.

The Cipher Brief: What can you tell us about the role that INTERPOL plays in countering these threats?

Dr. Jetton: So, just a little bit about INTERPOL because maybe there’s some misconceptions about what it is. Even my neighbors sometimes think, “What do you actually do, Neal?” So in INTERPOL, there are 196 member countries. We are focused on law enforcement to law enforcement connections. So what we want to do in the Cybercrime Directorate is understand what our membership is suffering from as far as the type of crimes that they are seeing the most.

So we will send out yearly threat assessments because we think we might have a good idea of what a particular region is suffering from, but we need to hear it directly from the law enforcement officers and experts on the ground. We’ll get that information, and then we’ll turn that around and we’ll try to base our training, our coordination meetings, and then our operations focused on the threats that they, our members, see most commonly.

Save your virtual seat now for The Cyber Initiatives Group Winter Summit on December 10 from 12p – 3p ET for more conversations on cyber, AI and the future of national security.

The Cipher Brief: When we talk about things like attribution, going after threat actors and bolstering cybersecurity, where do those rank on the priority scale for INTERPOL?

Dr. Jetton: Within the Cybercrime Directorate, we have three goals. I tell my team, what we want to do is we want to build up the capacity for our country. So we have to understand what they need, what they’re lacking in terms of tools and training. We then want to provide accurate, useful intelligence to our member countries that they can use and turn into evidence that then helps drive their investigations to be more successful.

But my goal is to increase the capacity for our member countries, to provide relevant intelligence to them so that we have operational success, and we’ve done that. I think we’ve done more than 10 operations this year within the Cybercrime Directorate, both global and regional, focused on the threats that our members are seeing most.

What we will do is, in a lot of instances, we will bring the countries that are participating in our operations all together at one point. We’ll then bring relevant private sector partners, many of them here at GCF, to come and provide training to them on the ground. We will do tabletop exercises, and then at the end of that week, it’s usually a five-day process, we’ll kick everybody out and we’ll just focus on the operation at hand. We’ll say, “We’re going after this malware or these threats. These are the types of steps that we think you should take that would help you in your investigation.”

So we really do want to benefit our members. I want to say though that the success that these operations have had—we’ve had some big wins recently—the lion’s share of the success goes to our member countries, the law enforcement on the ground who are doing the actual investigations, who are going and making the arrests and seeing those things through. We’ve done several recently with great success.

The Cipher Brief: We asked Chris Inglis, who is the former National Security or Cybersecurity Director in the United States, about the connections between nation states and cyber criminal groups. How do you see INTERPOL playing a role in this area? Are there both challenges and opportunities when you’re talking about cybercrime that may be backed by nation states?

Dr. Jetton: That’s one of the misnomers with INTERPOL. The big thing with INTERPOL is neutrality. I came from a task force where we looked at nation state transnational cybercrime. But within INTERPOL, I just have to state that our constitution does not really allow us to focus on investigative matters of a religious, racial, political, or military nature. So we know that that limits the nation state actors, and I’m very aware of that. It’s not like I’m naive to understand who’s behind a lot of these cyber criminal activities. But to maintain that neutrality and trust with 196 members, there is a limit to what INTERPOL is allowed to do. Countries will reach out to you and they will say, “Hey, our government networks have been breached,” and I know automatically this is not your usual financially motivated cyber criminals, there’s something there. So I have to work hand in hand with my legal affairs team to say, “Where can we draw the line?” I don’t just want to say, “No, we’re not doing anything,” but can we provide something, at least the starting point, but we don’t want to provide attribution or state like, “Hey, it’s this person.” But maybe give them a little bit of a head start and then hand off to the countries that provided the intel or are having the issues and then help them along the way.

So I just want to be clear. Nation state actors, there are a lot of organizations that are focused on that, including where I was previously. But INTERPOL, we are really focused on the financially motivated cyber criminals.

Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.

The Cipher Brief: It’s such an interesting patchwork of expertise that it is critical for collective defense. What vulnerabilities do you see from your perch at INTERPOL right now in cyberspace, and where do you think defenses are failing?

Dr. Jetton: For us, when we’re asking countries, “What are the biggest issues that are preventing you from being more successful in combating cybercrime?” A lot of it is the tools and the training, just having insufficient funds to actually drive up their investigative know-how or expertise. But also I think between countries, it’s just the rapid ability to share information.

There are what we call MLATS, Mutual Legal Assistance Treaties. A lot of times it just takes a long time to ask for information. And we know in cybercrime, we need instantaneous help. So I would always encourage countries to reach out to INTERPOL. We have a 24/7 network. That’s why we’re there. I can’t promise we can do everything in every situation, but we will do our very best to make the connection between which countries you need or if you need a particular company. We can’t compel, but we’d put you in touch and at least let you have that conversation.

The Cipher Brief: What are the trends you are seeing right now in cybercrime?

Dr. Jetton: What we’re seeing primarily is the use of AI in increasing the efficiency, scope, and effectiveness of emails and the phishing scams. They’re using this phishing as a platform. You can just blank X as a platform. So it’s these tools that you didn’t have to have a really sophisticated technical level of abilities, and you can have these tools that allow you to then go out and commit fraud at scale. And so we are seeing that.

Also, what we’re seeing is a convergence of different crimes. So cyber is poly-criminal. I live in Singapore, and one of the big things in Southeast Asia are the cybercrime centers. You hear about that all the time. What happens is you have these organized crime groups that are using cybercrime as fraudulent job applications, the emails, things like that, recruiting, and then the human trafficking aspect of it, and then forcing the people to commit the cybercrime while they’re there. So we see that as a huge issue, the poly-criminal aspect of cyberware. It doesn’t matter if it’s human trafficking, drugs, guns—there’s going to be some sort of cyber element to all those crimes.

The Cipher Brief: What are some of the most interesting conversations that you’ve had on the sidelines there? Has there been anything that’s surprised you from some of the other guests and speakers?

Dr. Jetton: We were talking about the use of AI and where we think it’s going, whether it’s kind of positive or negative. What I was surprised at was, I was on a panel and I was the only person that had the glass half empty. I realized that there are some obvious useful uses for AI, and it’s a game changer already for law enforcement. But what I see is these technologies being utilized by criminals at a faster rate than what law enforcement can usually do. So I see it as somewhat of a negative knowing that we’re going to have to catch up like with AI-produced malware. I think that will be an issue in the future.

Whereas my other panelists were all from the private sector, and they were all like, “No, no, AI is great. It’s going to allow us to use it in these positive directions,” which is true, but I’m the negative, the Grinch here talking about it from saying that. So I would say that that was probably the most surprising thing.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.