Jim Kouri, formerly the Chief of Police of the New York City housing project in Washington Heights, wrote recently in MensNewsDaily.com about Cyber Crime and its increasing popularity as a criminal endeavor. He rightfully identified that there is a difference between critical infrastructure protection (Cyber security threats) and Cyber crimes (traditional crimes committed through the use of technology). This is far too often overlooked at the national level and appropriate consideration given to both areas. Threats to our critical infrastructure are not the same as Cyber criminals stealing from our citizens. However, from the initial look at a crime, say a “Phishing” scam against a bank, a law enforcement investigator does not know if this criminal act is a foreign state attacking our economic system by trying to make the bank fail, or a teenager from one of the old eastern block countries simply scamming unsuspecting customers out of their funds.
Law enforcement from the outset often ignores these crimes due to the investigative complexity of the crime and the lack of training and tools to effective pursue the evidence. The current economic situation is making things even worse for those agency’s who do attempt to address Internet based crime. In California High Tech Crime Task Forces are being shut down due to the budget crisis. The Northern California Computer Crime Task Force has shut down and the San Diego area CATCH Team will shut down on February 16th. Both of these task forces have made a significant impact on criminals using the Internet to commit crimes. Yet, we are allowing them to close and very little is being done to stop it.
The new administration is due to announce the appointment of its new Cyber Czar. I don’t have a hope for the near future with the President saying one thing before his inauguration:
“As president, I’ll make cyber security the top priority that it should be in the 21st century,” … “I’ll declare our cyber-infrastructure a strategic asset and appoint a National Cyber Adviser who will report directly to me.” (from a speech at Purdue University last July)
And doing another, which is by most accounts putting the new Cyber Czar post several layers down in the Department of Homeland Security. If it does end up in DHS it will be another function unable to deal with the national problem, because the appointee will have to facilitate conversations with the FBI and other organizations outside of DHS responsible for Cyber crime investigation. In addition the new Cyber Czar would have to fight for funding within his or her own organization.
As with the intelligence collection and review issues, as determined by the 911 commission, Cyber crime is another area not coordinated nationally with the many different stake holders in the arena. The better model would be to have the Cyber Czar in the White House with positive control over budgets and agency actions responding to the problem. The National Intelligence Director’s position is the best model for this issue. The problem is not for a single agency to try and solve but it should be the responsibility of a single entity to coordinate the response nationally. Cyber crime is dealt with at all levels of law enforcement in this country, from the City police investigator looking into Vice crime on Craig’s list to International Child Porn rings investigated by the FBI. Yet with all this crime occurring there is no coordination of cyber criminal intelligence or investigations from the bottom to the top.
Lastly, the person selected as Cyber Czar should have a concept of operational response to both the Infrastructure Protection space as well as the Cyber crime arena. They are two different animals and require different skill sets, but complementary responses. We will have to wait and see if the President’s pick is up to the challenge and given the proper authority and resources required to accomplish the mission.
Technorati Tags: Cyber crime,Cyber security,Cyber Czar,CATCH team,DHS,critical infrastructure,phishing