Time to redraw the cyber policing landscape

Blog post

Time to redraw the cyber policing landscape

It’s becoming a cliché remarkably quickly within cyber policing circles that forces are tackling a 21st century threat with a 20th century mindset.

As clichés go, given that the number of cyber offences that took place in the UK in 2016 was in the millions and the number of prosecutions failed to hit triple figures, it’s an accurate one.

But the problem is bigger than just psychological, what is needed is a blank piece of paper, a complete restructuring of capabilities to ensure the shape of law enforcement fully reflects the global nature of cybercrime.

The lack of a unified digital investigation framework, alongside the speed of innovation and international scope of cybercrime and cybercriminals means there is a skills and resources deficit among law enforcement officers which is impeding effectiveness.

Europol has done some stellar work in promoting international cooperation in this arena.  For example, the number of agreements in place with countries known to be major forces in the cybercrime world – such as Russia and China – is growing, although the scope of the agreements with the two aforementioned countries is limited to non-personal information.

These agreements, along with a large number of Memoranda of Understanding with the world’s most renowned security companies, have the effect of increasing expertise and resources.

The fact they have been negotiated and implemented, is a significant step forward. However, currently law enforcement is still a long way off being equal to the criminals it seeks.

In an interview for Police Professional, National Policing Lead for cybercrime Deputy Chief Constable Peter Goodman, succinctly summed up the current state of affairs.

“In 2012, If you imagine the cybercrime car going down the motorway at 70 mph, we were tootling along at 20mph. I think we’ve probably got ourselves up to 50mph, but they’re now going at 120mph.”

Last week Europol and EU Agency for Network and Information Security (ENISA) hosted a joint security conference in the Hague examining the threat from the Internet of Things, which outlined the huge vulnerabilities the public face when using connected devices.

As ever, cybercriminals have been quick to weaponise this, with several DDoS attacks of unprecedented scale originating from the Mirai botnet over the last year.

This is another example of cybercriminals exploiting a developing threat about which the police and public have low levels of awareness. It sits alongside the more well-known threats emanating from new and ever more lethal strains of malware and banking Trojans that appear every week.

If we are to catch up with the scale of the challenge, we need radical thinking. What about a new dedicated cyber enforcement agency with a global remit, allied with a system of global cybercrime courts to tackle the current dearth in prosecutions?

While agencies such as Interpol and Europol have cybercrime remits, much of the investigative work is being done by national forces working within restrictive national legislation that fails to recognise that cybercriminals don’t recognise the same geo-political boundaries as the police.

For example, with current infrastructures and resources it’s almost impossible to trace hackers operating within several jurisdictions. A typical criminal might be on a laptop in Moscow and launching malware via servers in Mumbai, have victims in Manchester and Madrid and launder the money through Malaysia.

Mechanisms such as Joint Investigation Teams facilitated through Europol are making cross border policing easier, but in reality, to ensure success, forces from across the world need to be singing from the same hymn sheet. This would mean that cyber offences are analysed by the same agency, with forces across the globe feeding information to a central body and working to the same investigative standards for prosecution in a globally recognised and specially licensed court.

Current cooperation, while improving law enforcement’s response and understanding, hasn’t  been able to make a dent in cybercrime levels. A single agency with common investigative standards and a global remit could begin to change that.

I’m aware this proposal raises many questions, not least funding, membership and logistics, as well as political, legal and ethical quandaries.  But given the scale of the challenge and how far behind the curve we are, it is time to think radically about potential solutions.

Chris Allen

Chris is a researcher and journalist specialising in policing and organised crime. He is currently an intern at the Police Foundation.