Do we have the necessary technological, investigative, and prosecutorial capabilities and partnerships to effectively chase outlaws in cyberspace?
Introduction
Digital data is a goldmine and is rapidly becoming a criminal commodity. Irrespective of whether the data is personal, financial, corporate, academic, or governmental, all data is a target. Digital data gives access to bank accounts, credit cards, and more and allows for the fraudulent establishment of new lines of credit. It can also grant access to corporate and government secrets, leading to espionage, extortion, and more. Thus, in addition to the monetary value, there is political value, competitive value, and strategic value as well.
Individually and collectively, this obviously drives skyrocketing criminal activities. These span from phishing, pharming, and malware distribution to developing and distributing a growing number of sophisticated tools for the hacking of target databases. There is also a vibrant industry, infrastructure, and army of malicious code writers, specialist web hosts, and individuals who can easily and quickly lease compromised computers and networks to carry out automated attacks. Fundamentally, the rise of cyber-crimes is a complex challenge facing the future of humanity.
Since cyber intrusions are technically sophisticated, are integrated into geospace and space, are legally intricate, and are proliferating and becoming more common, complex, threatening, and hi-tech, it is essential to understand and evaluate how we are combating cyber outlaws.
Acknowledging this emerging reality, Risk Group initiated a much-needed discussion on the Complex Challenges of Investigating Cyber Crimes with Julie Clegg from Canada on Risk Roundup.
Risk Group discusses Complex Challenges of Cyber Crime Investigation with Julie Clegg, a licensed investigator, an intelligence expert on the UK reality TV series Hunted and Celebrity Hunted, CEO of Human-i Intelligence Services, Inc., and author of the best-selling book: How to Become A World-Class Investigator.
The Globalization of Cyber Crimes
Cybercrime is global. Over the years, advances in information, communications, and digitization technologies — along with the democratization of information — have given rise to the globalization of crime. Personal information has become a commodity, and it moves far too quickly for the current methods to keep pace.
The unparalleled scale of globalized criminal activity threatens the ability of investigators to respond in a timely and efficient manner. At the center of the complexity in combating cyber outlaws is the anonymity of cyber-criminals and the ease with which cyber-crime crosses national borders. Often, due to the current infrastructure, deceptions are possible that are employed to obstruct the identification and attribution of cybercriminals.
When there are hundreds of thousands of viruses, and other types of malicious code in global circulation and hundreds of thousands of computers are compromised per day, the question is how cyber weapons are tracked, and cyber crimes are investigated.
Investigating Cyber Crimes
Since cyber-crimes can be technically complex and legally intricate, tracking outlaws in cyberspace requires the skill set and experience of a detective and also the expertise of a technology genius. It is essential to understand what goes into the investigation.
Irrespective of the nature of the crime or whether it is a crime to an individual’s computer, a corporation’s computer, or a government’s computer, the first step in investigating cyber-crime is usually to find the internet protocol (IP) address of the origination of crime. The question then emerges, why is the IP address critical?
An IP address (a series of numbers and letters) is attached to every piece of data that moves on the internet. That is the reason it is the starting point of investigation. Unfortunately, across nations, the Internet Service Providers (ISPs) do not have a standard procedure for how long to keep the data. There are no global standards about data storage, and there is no law that requires ISPs to maintain the data. This is just one of the many challenges facing cyber-crime investigation and investigators.
Furthermore, it is vital to understand whether digital data and electronic evidence are enough for investigating cyber-crimes or whether there is a need for other science disciplines’ tools and technologies?
Complex Challenges
It seems that there are many obstacles to effectively investigating cybercrimes. First and foremost, there are no global standards. There are severe gaps in legislation, and each nation has its own version of the law. Furthermore, scientific investigation practices and procedures are still evolving. Also, there is a lack of global agreement on even the language and definition of cyber-crimes — what is and what is not a cyber-crime. It is also difficult to gather legal evidence and even find technologically savvy, skilled investigators.
The nature of long-distance attacks, the difficulty acquiring the full spectrum of information, the failure to report cybercrime to authorities, priority, the scale of cybercrime attacks, and the jurisdictional limitations in investigating and prosecuting cybercrime are just some of the challenges facing the future of effective cybercrime investigation and prosecution.
That brings us to an important question: amidst the tsunami of existing and emerging technologies, when each nation has different legal and technical standards, how we will fight cyber-crime effectively?
What Next?
While cyber-crime investigation can be argued as still in its infancy, there is a critical need to harness the intelligence of cyberspace: digital networks, technology, and legal and human resources, to ensure that investigations are useful, practical, and timely. The time is now to discuss and debate whether we have the necessary technological, investigative, and prosecutorial capabilities and partnerships to chase the outlaws in cyberspace.
NEVER MISS ANY OF DR. PANDYA’S POSTS
Join here for a regular update.