Cybercrime has many faces, from child exploitation, to fraud, to identity theft and more.
But from a federal perspective it only seems to have one: protecting the nation's digital borders.
Todd Shipley, president of the High Technology Crime Investigation Association (HTCIA), stresses infrastructure protection in terms of securing the online presence of the nation's power grids, communications networks, air and ground transportation, and financial transactions reigns incredibly important to national security. But he suggests it's just as important to examine how the average law enforcement agency will investigate cybercrimes.
Right now local response to cyber-related crimes can be all over the map. Shipley says some local law enforcement departments tackle cybercrime response head-on, thinking it's solely their responsibility, and others ignore the crimes entirely, believing the job lies with the Feds. However, neither stance is correct.
"It's not just a federal problem," Shipley says. "It's a state and local problem too because the victims are citizens of the local community."
Securing digital borders from cyber miscreants involves more than dispatching victims to the Feds. "There are no pedestrians in cyber space," agrees Gen. Dale Meyerrose, who heads Harris Corp.'s National Cyber Initiative and once worked as the information sharing executive for the director of National Intelligence.
Taking in the big picture
"Looking at digital crimes can be daunting, because every crime can have some sort of Internet tie-in," Shipley admits. "There's a huge space out there and without clear federal direction it becomes overwhelming."
Parry Aftab, a lawyer specializing in Internet privacy and security law and the executive director of WiredSafety.org, thinks the tendency to lump all cybercrime together spurs this flawed thinking. There's a need to categorize cybercrimes as officials currently classify traditional crimes. "We have burglaries, we have assault and battery, we have rape, we have drunk driving — there are a million things people can do to violate the law," she says. "When we talk about cybercrimes, we have to break them into similar categories. And we need to realize every law enforcement official cannot be an expert in all of them."
Jurisdictional issues drive much of the hesitance surrounding cyber investigations among the locals. Law enforcement typically focuses on obvious and tangible crimes such as burglary, robbery or assault — crimes with distinct jurisdictional boundaries — but when offenses occur in cyber space the borders are not so clear. The concept of "These are the borders of my town and this is the area I work" gets lost in a space where virtual connections bring people from other states and even other countries into citizens' homes.
Officers must ready themselves for the multi-jurisdictional nature of cyber land. "They've got to be prepared to talk to the FBI, the Secret Service or a high-tech task force," Shipley says. "Just because you cannot investigate the crime doesn't mean you shouldn't know who can."
Throw the tendency to connect online or cyber crimes solely to computers and you've got some real problems. Just as the old proverb proclaims, "There's more than one way to skin a cat," there's more than one means to get online. People use everything from computers and cell phones to their Xbox and PlayStations to gain Internet access, and all of these tools may house digital evidence.
Understanding digital technologies, how they work and what they can do goes a long way in building a case. As Aftab says, "Law enforcement needs to think of digital technology as not having anything to do with the crime, but having to do with making their case."
Aftab believes first responders should know the three C's of digital technology: Content, contact and cost.
Content. What info might the device contain? This may be words, pictures or video.