(by Erik Barnett, Attaché to the European Union – U.S. ICE Homeland Security Investigations)

Law enforcement has too often reacted to cybercrime by wringing its hands and lamenting the lack of technology, resources, and training to compete with sophisticated, savvy, and well-financed cybercriminals.

The qualities of cybercriminals which cause so much anxiety in law enforcement can be categorized as “globalized,” “united,” and “complex.” In moments of extreme honesty, most law enforcement officials would not use such words to describe their own police agencies.

International borders are often seen as obstacles to law enforcement and private sector partners, but as opportunities by transnational criminals. Emerging technologies are too often viewed as vulnerabilities, instead of as valuable forensic tools.

Public and private sectors react differently to cybercrimes and, very often, in isolation from each other.

But it need not, and should not, be this way. To succeed against cybercrime, police must act and think the same as cybercriminals. Law enforcement must globalize investigations through multilateral organizations when appropriate, automate its ability to share information and develop criminal leads, and must become far more sophisticated in our use of technology to actively prevent crime, not merely solve it once it has already left behind victims and damage. And law enforcement must embrace private sector capacities and solicit its assistance when possible.


Sir Robert Peel created the “modern” police force in 1829, revolutionizing law enforcement through a focus on professionalism and prevention. [1]. Among other improvements in policing, this led to increased use of science and technology, fingerprint analysis and DNA for example, to solve crimes.

However, while law enforcement has increasingly become sophisticated and mature, it has also been regularly confounded by criminal exploitation of emerging technologies. As a society, we cannot be surprised by this, because it follows a regular pattern.

In the 1930s in the United States, a massive project of rural electrification also brought use of the telephone to very remote parts of the country. The phone provided the ability to summon emergency medical care if needed at home, grow a business through communication with customers, or maintain contact with loved ones far away. [2].

But fairly quickly, entrepreneurial criminals began to perpetrate frauds over the phone. [3]. The same device that provided law-abiding families with convenience and safety, provided fraudsters with greater anonymity, plausibility, and increased opportunity.

Law enforcement was initially unprepared to combat this threat, in part because the criminal laws had not kept up with the criminals. But the U.S. legislature reacted to the crime with a “wire fraud” law in 1952 that punishes such activity when using the phone. [4].

Criminal exploitation of emails followed this pattern and the term “phishing” was coined to categorize this criminal threat. [5]. Police, prosecutors and legislators again had to adapt and overcome. [6].

But of course criminals also adapt to law enforcement’s efforts and simply embrace new ways to commit old crimes.

Encrypted communications through personal electronic devices may challenge law enforcement’s ability to use judicial warrants to intercept communications within a criminal conspiracy. [7].

Already, virtual currencies are used regularly to commit crimes of drug trafficking, child sexual exploitation, and even the purchase of lethal chemicals with the aim to commit murder. [8].

In law enforcement circles, the Darknet and The Onion Router (TOR) are terms almost synonymous with criminal activity. Even if many law-abiding individuals are unfamiliar with these technologies, criminals have found the purported anonymity appealing as they commit nefarious acts. [9].

Law Enforcement Turns the Tables on Cybercriminals

But there is some very good news and great reason to hope: Law enforcement now uses the tools that make cybercriminals seemingly invincible.

  • – “Globalization,” with appropriate respect for sovereignty, is now a term applicable to police agencies as well as cybercrime. Europol organized the European Cybercrime Centre (EC3) in 2013, bringing together the national experts from 28 European Union Member States. [10]. The EU nations are complemented by additional third countries, such as the United States, that provide liaison officers and coordinate international operations against cybercriminals as well as private sector and academic partners. [11].
  • – Police officers from across the globe are chatting online in real time through Interpol’s Child Sexual Exploitation forum, providing collective and individual expertise to find and rescue sexual abuse victims. [12].
  • – Law enforcement creates Apps for smart phones and tablets that take advantage of public awareness in investigations and use social media to “crowdsource” efforts to catch fugitives or advise of threats to public safety. [13].
  • – Over twenty-five law enforcement agencies from nineteen countries joined together in Operation In Our Sites Transatlantic V to target almost 300 websites selling counterfeit goods. [14].

And law enforcement no longer waits for the emerging threat to become pervasive. With criminal exploitation of virtual currencies as just one example, over seventy police officials from twenty-one countries gathered in The Hague in June 2014 to exchange best practices and discuss appropriate laws or regulatory schemes to defeat transnational organized crime’s abuse of virtual currencies. [15].

In September 2014, the European Cybercrime Centre launched the Joint Cybercrime Action Taskforce (J-CAT) as a multilateral law enforcement effort to “take action against key cybercrime threats and top targets.” [16]. J-CAT offers cyber cops a centralized location to exchange intelligence, determine priority targets for enforcement action and conduct joint operations quickly and effectively.

Even as J-CAT was announced, it was recognized that the prevention of cybercrime cannot be the sole responsibility of law enforcement, but requires an investment and commitment by the private sector as well. Fortunately, there is good news on that front as well.

Private Sector and Public Sector Unite

There is a mutual recognition by public and private sectors that neither can succeed alone against organized cyber criminals.

Just a mere few years ago, a hack, or other cybercrime, involving a multilateral corporation might be handled internally, without referral to law enforcement. Fear of negative publicity was a powerful disincentive to cooperating with the police. [17].

But a recent hack of a major movie studio was quickly reported to the U.S. Federal Bureau of Investigation, which worked very closely with executives and information systems managers within the corporation. [18].

Companies have also had a philanthropic view of developing, and providing to law enforcement for free, patented technology to combat criminal activity in cyberspace.

As an example, law enforcement combatting online child sexual exploitation could not keep pace with the vast number of images of sexually abused children because an investigator might log thousands of such images during a forensic investigation. Because these images are shared via the internet, investigators around the globe were seeing, and spending valuable time, cataloging the same images as their international colleagues.

Microsoft, in collaboration with Dartmouth College, developed for online service providers a tool that “creates a unique signature for a digital image,” allowing police to quickly find copies of that image. [19]. PhotoDNA is a powerful forensic tool that Microsoft, through a partnership with NetClean, has made available free to law enforcement.

Software and internet service providers are assisting law enforcement in detecting websites selling counterfeit goods, particularly phony pharmaceuticals that present genuine risk to public health and safety. [20]


Law enforcement has tremendous capacity, initiative, and sophistication, but has been playing catchup for some time with cybercriminals. This led to a negative attitude toward criminal investigations involving cybercrime and, at times, a defeatist attitude that police would always be at a disadvantage.

However, there has been a shift in capacities, attitudes, multilateralism, and partnership between private and public sectors that have created a brighter outlook. Police need no longer wring its collective hands but determine how cybercriminals succeed and act as they do: organized, global, and working with all partners as appropriate.



[1] D. Thomas. Professionalism in Policing: An Introduction, page 6. Cengage Learning Inc., 2011.

[2] D. Campbell. When the lights came on. Jul./Aug. 2000. rurdev.usda.gov/rbs/pub/aug00/light.htm; accessed on 30 December 2014.

[3] C. Doyle. Mail and Wire Fraud: A Brief Overview of Federal Criminal Law, pages 1-2. Jul. 2011. Congressional Research Service. fas.org/sgp/crs/misc/R41930.pdf

[4] Legal Information Institute, Cornell University Law School. Title 18, United States Code, Section 1343. law.cornell.edu/uscode/text/18/1343; accessed on 30 December 2014.

[5] B. Sterling. Phishing scam warns against phishing scams. Wired. Oct. 2013. wired.com/2013/10/phishing-scam-warns-against-phishing-scams/; accessed on 30 December 2014.

[6] S. Eltringham. Prosecuting Computer Crimes, page 105. justice.gov/criminal/cybercrime/docs/ccmanual.pdf ; accessed on 30 December 2014.

[7] S. Rosenblatt. FBI director demands access to private cell phone data. CNET. Oct. 2014. cnet.com/news/fbi-director-demands-access-to-private-cell-phone-data/; accessed on 30 December 2014.

[8] Indictment. U.S. v. Liberty Reserve, 13CRIM368. U.S. District Court for the Southern District of New York. justice.gov/usao/nys/pressreleases/May13/LibertyReserveetalDocuments.php ; accessed on 30 December 2014.

[9] A. Greenberg. Feds Seize Silk Road 2 in Major Dark Web Drug Bust. Nov. 2014. wired.com/2014/11/feds-seize-silk-road-2/; accessed on 30 December 2014.

[10] (EC3) Opening of the European Cybercrime Centre. Jan. 2013. europol.europa.eu/latest_news/ec3-opening-european-cybercrime-centre; accessed on 30 December 2014.

[11] Joining Forces to Catch the Criminals. europol.europa.eu/ec3/joining-forces; accessed on 30 December 2014.

[12] Victim Identification. interpol.int/Crime-areas/Crimes-against-children/Victim-identification; accessed on 30 December 2014.

[13] K. McCord. ICE releases new app to help find child predators. Sep. 2013.

deseretnews.com/article/865586294/ICE-releases-new-app-to-help-find-child-predators; accessed on 30 December 2014.

[14] L. Essers. Officials seize 292 domain names to protect consumers during holiday season. PC World. Dec. 2014. pcworld.com/article/2853712/officials-seize-292-domain-names-to-protect-consumers-during-holiday-season.html; accessed on 30 December 2014.

[15] Cybercrime Experts Tackle the Criminal Exploitation of Virtual Currencies. Jun. 2014. europol.europa.eu/content/cybercrime-experts-tackle-criminal-exploitation-virtual-currencies; accessed on 30 December 2014.

[16] T. Brewster. Europol launches taskforce to fight world’s top cybercriminals. Sept. 2014. theguardian.com/technology/2014/sep/01/europol-taskforce-cybercrime-hacking-malware; accessed on 30 December 2014.

[17] G. Gross. Investigator urges companies to report cybercrime. Computer World. Aug. 2006. computerworld.com/article/2547183/cybercrime-hacking/investigator-urges-companies-to-report-cybercrime.html; accessed on 30 December 2014.

[18] Update on Sony Investigation. Dec. 2014. fbi.gov/news/pressrel/press-releases/update-on-sony-investigation; accessed on 30 December 2014.

[19] B. Harmon. Microsoft PhotoDNA Technology to Help Law Enforcement Fight Child Pornography. Mar. 2012. blogs.microsoft.com/on-the-issues/2012/03/19/microsoft-photodna-technology-to-help-law-enforcement-fight-child-pornography/; accessed on 30 December 2014.

[20] S. Novack. How Google and the Feds Are Trying to Protect Your Drug Supply. National Journal. Mar. 2014. nextgov.com/health/2014/03/how-google-and-feds-are-trying-protect-your-drug-supply/79945/; accessed on 30 December 2014.

Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.