It’s all about data (1)

On the Cauce website Neil Schwartzman and J.D. Falk wrote that cyber crime = crime, in their contribution “Kidnapping, Theft and Rape Are Not “Cyber” Crimes”. (http://www.cauce.org/2010/11/kidnapping-theft-and-rape-are-not-cyber-crimes.html)

I totally agree with them that cyber crime is crime, cyber fraud is fraud. The “cyber” criminal will be sentenced by a judge for that and not for using his computer. They end with a plea for police forces to start acting. It is here that I feel there’s a need to clarify.

To my mind most police officers do not understand cyber crime, nor are they able to recognize what is reported to them. Also most countries do not have a system that aggregates reports (where cyber crime is concerned). So the magnitude of the problem is unknown. How can a government or police agency prioritize this way?

Hence, I would suggest that all this has to be amended. As long as this does not happen, the RCMP official will keep saying “we don’t do spam”. Why? He simply does not have a clue what is hitting Canada. So you almost can’t expect him to respond to cyber crime, when he is faced with murders, drug trafficking, etc.. This is something he does understand and is trained to respond to

So what does it take to make (Canadian) police forces, government officials and anti-spam authorities understand it is time to act? Education? A data base? A severe incident? Presentations in the right places? Let’s discuss this and take our conclusions back to the different communities.

I will be writing more on this on the Bridgebuilder’s blog. You may want to follow me, as there is much more to it then just this.

Wout de Natris

Leiderdorp, 7 November 2010

Advertisements

About Wout de Natris

As a consultant I specialise in establishing new and different relationships between industry, governments and law enforcement where internet safety and the fight against cyber crime are concerned. This makes me a bridge builder. Hence the blogs name. In this blog I intend to stress the need for interaction, cooperation and exchange of information in order to change the mentioned relationships. On offer: a comprehensive training on all non-technical aspects of spam enforcement and a cyber awareness presentation for companies and institutions
This entry was posted in Cyber crime data or the absence of it. Bookmark the permalink.

6 Responses to It’s all about data (1)

  1. John Briscoe says:

    Maybe they can explain too why British police will not take reports of phishing scams and direct you to your bank instead? A big contradiction here for super intendant Charlie McMurdie.

  2. Suresh Ramasubramanian says:

    Well said, Wout

    I guess it is up to industry to train the police – or the CERTs, or whoever else has the time and capability to do so.

    More pertinent question – how ready are the police to listen? And how do we keep these focused on helping the police rather than serving as promotional / publicity vehicles for specific single vendors? [which tends to hijack the process, a bit]?

  3. Rob Tremonti says:

    Well, let’s start with what you would define as “cyber crime”.

    It may that the labeling is part of what is scaring them away, in that it is seem as too “hi tech” for their particular skills base, and therefore regarded by the local sheriff as either outside their jurisdiction or beyond the capabilities of their small budgets, or even possible not the biggest issue for their community when compared to dealing with dangerous drivers or drug dealing.

    • A good comment, Robert, on both accounts. If cyber crime is seen as crime the distinction would no longer matter. At this moment it is though, so for the sake of this discussion let’s make it broad: crimes committed through or with the aid of ICT and the Internet. And let’s assume it’s serious, as many people state or assume it to be. From there please look at the questions again.

      Wout de natris

      • Phil Butler says:

        One disadvantage is that it is seen as a specialised area. In other words to investigate it you need a specialised unit or department which can put off regular officers from investigating themselves. However as cybercrimes become even more widespread I believe that in the future law enforcement officers will see cybercrime investigations as routine. It’s a cultural thing, in the future younger recruits will be used to the technology but for the moment the criminals are streets ahead.

      • Andreas Olligschlaeger says:

        The criminals are way ahead for a number of reasons, not the least of which is that most cyber crime is cross-jurisdictional and in many cases spans two or more countries. This is way beyond the scope of local law enforcement agencies. Investigating cyber crime doesn’t necessarily always require high tech skills, but they certainly help. I do believe that most local law enforcement officers understand cyber crime, but find that there is very little they can do about it, even if the perpetrator is known. It costs a lot of money to have someone extradited, money which many smaller agencis don’t have, let alone the manpower required to extradite and prosecute the suspect. “Smart” cyber criminals know to keep theft amounts below a certain limit. This helps keep them under the radar screen of state and federal agencies and out of reach of local agencies.

        Often the perpetrators are known to the victims. For example, they know the bank account to which money was transferred, or they have a name and address. Over time, as the scope of cyber crime increases, the inability of law enforcement to prosecute smaller or medium cyber crimes poses a number of dangers. First, the public will lose confidence in law enforcement. Second, there is the danger of vigilantism.

        Only a concerted international effort coupled with education of the public will ultimately have an impact on cyber crime. Clearly what is being done now isn’t good enough. Public/private partnerships that share information on incidents of cyber crime on an international level in a centralized databank would at least allow for the data mining and identification of the most egregious offenders as well as establish patterns of emerging cyber criminal behavior.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s