Overview

Cybersecurity is often thought to involve protecting one’s identity and sensitive information when online, but this is not nearly the full extent of the risk. Critical information and infrastructure can be vulnerable to attack by malicious actors and when compromised, loss of critical data; publication of sensitive materials; damage or destruction of systems, or other severe consequences could follow.

This course investigates cybercrime in its many guises including in the context of prevention and transnational cooperation, and also focuses on the prosecution of cybercrime. Prosecution often involves bringing together multiple people across many departments and multiple jurisdictions which can pose a variety of challenges. Drawing from the U.S. policy, legislative, institutional and prosecutorial experience, this seminar will integrate the selected topics through lectures, case studies and class discussion. Participants will also engage in in-depth study of cybercrime investigation and prosecution while developing their skills.

The covered material will be of interest to policy makers, regulators, business leaders, government officials, prosecutors, criminal justice personnel, judges, attorneys, and academics, specifically in developing economies where cybercrime is emerging or may pose a particular threat.

Format

The seminars are currently offered both in-person and online simultaneously, at the choice of the participant. This choice must be indicated at the time of registration. A small number of courses are scheduled to be delivered exclusively in person or online, and are indicated as such in the 2024 schedule. In-Person Only seminars usually start at 9:30 am Washington D.C. time. Daily sessions usually end at 4:00 pm. Breaks (including the lunch break) are allocated as appropriate. Online Only seminars will be delivered through five (for 1-week course) or ten (for 2-weeks course) live online sessions via videoconferencing platform. Each session will last approximately 3.5 hours and will be scheduled to start within a time window of 7:00 am – 8:30 am Washington D.C. time. Hybrid In-Person/Online seminars will start at a time most convenient to both in-person and online participants, and will generally follow the In-Person seminar format. We expect the classes to be highly interactive and can include presentations, case studies and exercises.

Course Outline

Cybercrime

• Defining and describing cybercrime, and understanding the systems involved
• Hacking: Privacy, integrity, accessibility, and application
• Bots, malware, spam, identity theft, phishing and other vulnerabilities and exploits
• The Client/Server model: Peer-to-Peer (Gigatribe, BitTorrent, etc.); Darknets
• Cloud Computing
• Combating Cross-Border Cybercrime
• Combating Cybercrime Locally, Regionally and Globally
• Recent Developments

Managing Risk, Cyber Audits, Preventing Attacks, and Mitigating Damage

• Data Protection
• What systems can be affected and how are they vulnerable?
• Internet of Things (IOT), Interconnected Systems (i.e. electrical grids, traffic control systems) and Devices (i.e. IP cameras and even smart locks)
• Particular challenges for emerging economies

Prosecuting Cybercrime

• Foundational elements
• Challenges associated with prosecution
• Investigating and preparing for trial
• Relationship to other crimes, including Human Trafficking and Financial Crimes
• Cross border challenges
• Developing a robust framework upon which countries and courts can cooperate to prosecute offenders
• Coordinating and educating all parties, including the police, other investigators, prosecutors, judges and the public

International Cooperation and Cyberwarfare

• The role of state actors and case study
• EU General Data Protection Regulation (GDRP)
• The Convention on Cybercrime
• Mutual assistance and evidence sharing

Course Advisor

Matthew Gardner is a partner at Wiley Rein LLP where his practice focuses on White Collar Defense, Government Investigations, Privacy and Cybersecurity. He has extensive experience working with critical infrastructure companies to manage cyber risk, and he routinely advises clients on complicated issues involving the intersection of law and emerging technologies. Matt frequently helps clients prepare for and respond to network vulnerabilities, including working with the U.S. Departments of Justice (DOJ) and Homeland Security (DHS) to find creative solutions to challenging security issues. As a former Assistant U.S. Attorney to the U.S. Attorney’s Office for the Eastern District of Virginia, Matt has practical experience in complex investigative and enforcement matters. He received his J.D. magna cum laude from Georgetown University Law Center, and in 2015 was recognized as one of the nation’s top Cybersecurity & Data Privacy Trailblazers by The National Law Journal. Matt is a contributing author and an industry source in several publications, including the “Cybersecurity Risk Management Is a Corporate Responsibility” chapter in the American Bar Association’s 2019 publication, The Lawyer’s Corporate Social Responsibility Deskbook.