Read on Twitter
Last Friday I had the opportunity to present on cyber crime issues during @CrimConOrg. It was super tough to do as presentations were only 10 minutes long. I think I left some important things out. 1/
Has property crime really declined ? This quote from @rossjanderson sums it up best. âThe claim by police forces and government officials that crime overall was falling was wrong; physical crime was falling while online crime was rising.â 2/
In the UK, @rossjanderson found That when crime victimization surveys were evaluated for 2018, approximately half of all property crime is internet/online base taking into account reported victimization. There is no reason to think the situation in the U.S. is different. 3/
. In attempting to quantify the economic impacts of cybercrime@rossjanderson et al catalogue a wide array of potential crimes that involved the use of a computer to commit that range from........ 4/
email based schemes(advanced fee fraud, business email compromise, phishing emails to harvest user names and passwords) to online banking fraud etc Some crimes which had become less significant since they were first examined in 2012.
for the majority criminal activities that were evaluated, the costs of which in some categories ran into the billion dollar range; were either new or on the rise as online activity has transitioned from fixed to mobile services combined with the increase in the use of...... 5/
social media making it much easier to reach victims. As researcher @zcobb pointed out in https://jnslp.com/2020/02/13/advancing-accurate-objective-cybercrime-metrics/ UCR/NIBRS data currently is woefully inadequate. NCVS only captures ID theft. 6/
Additionally @zcobb states "In 2016 identity theft cost Americans $ 17 Billion possibly more than losses due to household burglary, motor vehicle theft, and property theft combined" while also noting some limitations victim surveys crime metrics. 7/
And as @MiekeEoyang et al of @ThirdWayNatSec found 1% of cyber criminals are arrested which translates into approximately 3 arrests for every 1000 reported cybercrime incidents compared to clearance rates of 18% for other property crime and 46 % for violent crime. 8/
@ThirdWayNatSec also found that according to the Federal Bureau of Investigation (FBI) that it only based only 9 cases on FBI Internet Crime Compliant Center data even they received 298,728 complaints (none of which are included in NIBRS data) in FY16 9/
For example, @MiekeEoyang found the United States Secret Service (USSS), an organization that is nominally in charge protecting the integrity of the US financial system, only brought 251 cyber crime cases in 2016. 10/
Special Agent Matt OâNeil Director of the @SecretService Global Investigations Center put it best when he said âSomebody said one timeâŠbefore you take us cyber security professionals too seriously understand that we are the Chicago Cubs or the losing team ⊠11/
Covid-19 has accelerated my societal trends that were already in motion before the pandemic including cyber crime. In May of 2020 the FTC saw the most online shopping complaints in a one-month time period in its history with over 2500 in that month alone. 12/
The internet crime complaint center is also seeing a record number of complaints involving consumer purchases ranging from spoofed websites to scams regarding items related to the pandemic such as masks. 13/
Ransomware attacks have continued to rise as well hitting vital industries such as the healthcare sector. Additionally, state governments have been subject to massive digitally enabled fraud surrounding their unemployment systems as well. 14/
Even with the changes to the current operating environment, much of what constitutes law enforcement activity is still based on the Peelian policing paradigm in the UK and âbroken windowsâ and its successor model of problem-oriented policing in the United States. 15/
The Peelian Policing model being defined by David Wall of Durham Univesity as â bureaucratically organised agency formed locally but partly funded by government to keep the dangerous classes off the streets, maintain order and enforce lawâ. 16/
The model was designed to help traditional deploy law enforcement resources with aided with the advent of radio cars, crime mapping, and sophisticated predictive policing models such as COMPSAT and PREDPOL 17/
however, one of these technologies were designed evolve with what @zcobb has referred to as âcrimes against governments and businesses that are not specifically spatial in a way that is linked to a local police jurisdictionâ such as cyber crime.18/
Police forces are generally conservative institutions that are slow to change institutional culture to adapt to changing societal needs. One of the ways that policing organizations seek to react to new threats without having to change the conduct of the whole organization...19/
is to create âspecialized unitsâ which tend to corral expertise. organization is to create âspecialized unitsâ which tend to corral expertise according to Wall.
Online child exploitation was one the challenges that police began to respond to early on as people moved online. 20/
Online child exploitation was one the challenges that police began to respond to early on as people moved online. 20/
Ever since the days of the crackle of the dial up modem that would bring American consumers to first internet services providers AOL, Prodigy, and Compu-serve; individuals have sought to exploit children online. 21/
Even before increased bandwidth made internet pornography ubiquitous ubiquitous individuals were using chat rooms to lore minors into the real world in order to be sexually exploited. 22/
This was the first foray into public policing of online behavior at scale and in many ways served to define what the police response to digital crime would be in the US. 23/
The ICACs would come to be synonymous with digital crime more generally with their specialized skills set apart from the rest of policing more generally. 24/
The ICACs were initially very adaptive to the various changes in technology utilized by individuals to commit acts of child exploitation shifting from the child luring schemes of the early chat rooms....25/
to the rise of bulletin boards and commercial websites trafficking in indecent images, and to peer to peer file sharing of the 2000âs. However, this adaptive spirit due to a variety of reasons did not transfer to other crimes 26/
The siloed nature of this expertise appears impacting enforcement as evidenced by a digital crime needs assessment conducted for the cities of Charlotte, North Carolina and Savannah, GA documented by by Teri Cummins Flory of Purdue University 27/
According to the surveys taken by serving police officers âAlmost half of the respondents had no opinion on whether cybercrime was being taken seriously enough in law enforcement, and nearly 73% believed that cyber crime should be dealt with by a special unitâ. 28/
As Flory would note, this is a potential troubling development as a patrol officer is most often the first person at a crime scene and that initial preservation of evidence is key in potential future prosecutions. 29/ https://commons.erau.edu/jdfsl/vol11/iss1/4/
Within the same survey, however, the majority law enforcement officers also though that there should be an increase in the prosecution of cyber crime. 30/
A number of possible steps can be taken to improve the law enforcement response to cyber crime. And as noted by@ThirdWayNatSec Cyber crime is listed as Tier 1 national security threat on the same level as terrorism in the UK and as a top criminal priority of the FBI 31/
It appears, however; that cyber crime still does not get the same budgetary consideration as counter-terrorism and the UK Cybercrime Cyber Security program saw one third of its budget transferred to counter terrorism. 32/
There is a tremendous amount discussion about how to increase international cooperation in cyber crime investigations due to their âborderless natureâ through various agreements and legal processes. 33/
What if the money would be better spent recruiting, hiring and training a different type local police officer not to focus on traditional public order offenses but on digital investigation? 34/
While international cooperation is essential, the origin of much the investigation and origin of cyber crime may well be an issue situated closer to home. 35/
An assertion by @rossjanderson that âitâs difficult to get anything done because the scammers are overseas, and those cases have to be referred to police units in London who have other things to do. Nothing joins up and......36/
, as a result, we end up with no enforcement on cybercrime, except for a few headline crimes that really annoy ministersâ is true to the extent that cybercrime investigations have tended to go after the biggest fish such as the Silk Road Market Place and Carders Market 37/
But almost no one looks at the digital broken windows. And as wall pointed out by Wall âSince local policing strategies are often reduced to decisions that are made at a very local level over the most efficient expenditure of finite resources.....38/
the public interest,â a key criterion in releasing police resources for an investigation, is often hard to justify in individual cases of cyber crime victimisation.â This is what Wall refers to as the de minimis trap. 39/
In 2019, the NGO @TheBADASS_army which specializes in helping victims seek justice for non consensual pornography called out law enforcement for not doing doing enough to help victims ever though it is crime 46 states. 40/
This fits with what Wall says about non-routine events (or those perceived non routine) include those created by the Internet, such as cross-border investigations, or types of deviant behaviour not normally regarded as criminal by police officers. 41/
In examining the US state of Indiana as of 2016, Flory found there was no instruction block for digital crime investigation within their basic law enforcement training program. 42/
I examined the police basic training programs of all 50 states none included a block longer that 8 ours for cyber crime. 43/
For the states in which I was able to obtain a full peace officer basic training curriculum with the hours allotted 22 states have no mandatory cyber crime training block 44/
6 states had 1 hour, 5 states had 2 hours, 1 state had 4 hours, 1 had 7 hours, and 1 state had a block of between 1 and 8 hours. 45/
The lack of inclusion of cyber crimes in the foundational course for police officers sets a tone from the beginning that cyber crimes are neither routine nor particularly important 46/
A cybercrime needs study was conducted for a major police force in the UK recently revealed several potential ways forward. 47/
According to Schreuders et al the process might start with the call taking center where initial police contacts are made âso that they can more effectively advise callers and preserve digital evidenceâ 48/
The process would then move through an integrated intelligence function which took into account the unique aspects of cyber related investigations with additional support for front line teams in order to better identify digital evidence opportunities. 49/
@MartinKaste reported earlier this year on a New York City pilot program designed challenge the notion that digital crime was â too technical and too internationalâ for local police to investigate. 51/
An application was deployed for police officer to capture the right interview details getting the right information to detectives and instead of overseas scammers they are finding that "A whole lot of it is knuckleheads from the Bronx." 52/
@fuzztech the now former director of cyber investigations for the NYPD stated that "If somebody walked into the precinct holding a bloody handkerchief to their head and said, 'Somebody hit me over the head and took a thousand dollars out of my wallet,'........53/
you'd have five cops running out to find the guy,'" "[But] if they come in and say, 'Some scammer took a thousand dollars from me,' [police say] 'Ooooh, you've got to call the FBI!' That's crazy. That's the old way of thinking.â 54/
![you'd have five cops running out to find the guy,'" "[But] if they come in and say, 'Some scammer took a thousand dollars from me,' [police say] 'Ooooh, you've got to call the FBI!' That's crazy. That's the old way of thinking.â 54/](https://pbs.twimg.com/media/EnzZQnDXEAErUri.jpg "you'd have five cops running out to find the guy,'\" \"[But] if they come in and say, 'Some scammer took a thousand dollars from me,' [police say] 'Ooooh, you've got to call the FBI!' That's crazy. That's the old way of thinking.â 54/")
The NYPD is experimenting with this app for patrol officers' smart phones. It walks them through interviews with victims of cyber crime, making sure they get the technical details that detectives will need when they investigate the case 55/
https://www.npr.org/2020/01/15/796252827/coaxing-cops-to-tackle-cybercrime-theres-an-app-for-that 56/
Cyber crime is one of the fastest evolving criminal threats faced by law enforcement. In order to counter the threat local law enforcement should be trained and deployed to investigate more cases of lower-level cyber crime 57/
This approach could improve both reporting and statistics by increasing the confidence of the public that these types of cases will be investigated with suitable outcomes for victims. 58/
Society can no longer rely on a few premier law enforcement agencies to investigate cyber crime cases alone as that has been a failed endeavor. 59/EOT
