By: Jason Wiseman
Having focused on the various vulnerabilities we face in cyberspace, this article will analyze the most persistent and growing threat individual citizens are currently facing from the internet, cyber crime. This brief will focus on three things. First, what is cyber crime and how serious is it. Two, what are some of the barriers that law enforcement face when combating cyber crime. Three, what can we do about it.
First, cyber crime can be most broadly defined as the use of computer technology to engage in illegal activity. This is commonly broken down into three categories: crime where the computer is the target, crime where the computer is a tool and crimes where the computer is a key component of the crime.
Over the last few years, cyber crime has become one of the most persistent and serious threats individuals face worldwide. According to a variety of studies, between 60-70% of internet users worldwide have been victims of cyber crime. Victims most commonly suffer online credit card fraud, phishing scams, sexual predation, social network profile hacking and identity theft.
What is important to note is that the technology is not the key to cyber crime, but rather the lack of awareness and gullibility of the internet user. With the most common scam being the marketing of mail order brides or the sale of fake medicine, cyber criminals are in many ways just basic con artists. What keeps’ them in business are naive and lonely people. In their own words, “there’s one born every minute.”
According to a recent study done by the Canadian Association of Police Boards, “the average citizen is now more likely to be a victim of crime through the internet than on the street or in their home.” While a British source stated that the annual loses of the global banking system stands at £50 billion, President Obama stated in 2010 that $1 trillion was lost in 2009 to cyber crime, making this a bigger underworld and criminal threat than the drug trade.
Cyber crime is rising faster than any other type of criminal activity and is the biggest growing sector of organized crime. It is cheap, easy to do and is accompanied with a low risk and a high potential for reward. To date, the main centers of cyber crime are Brazil, Russia, India and China. The combination of high poverty rates in these countries mixed with access to computers, good education and powerful economic growth results in a perfect storm for the growth of cyber criminals.
Perhaps equally concerning, cyber criminals are getting more sophisticated and only a small percentage of them are actually getting caught and convicted (less than 5% of cybercriminals operating in Canada are reprimanded according to the RCMP). According to cyber security expert Richard Clarke, cyber criminals are now starting to write their own specially designed code to beat security systems, as was the case in the theft of millions of credit card numbers from TJ Maxx in 2003. Simply put, the criminals are far ahead of the curve in the digital realm, if their sophistication continues to grow at such an alarming rate, it has the potential to match the state level threat of cyber warfare.
Some of the biggest obstacles that law enforcement agencies currently face include: the borderless nature of cyber crime, the lack of a shared definition of what constitutes cyber crime, the void of an official mandate, the lack of public awareness and the absence of a skill set that can match or exceed that of cyber criminals. Moreover, many cyber criminals operate ‘under the radar’ because they do not steal huge sums in a single theft, avoiding the necessary minimum for a federal case to be authorized.
Canadian law enforcement does not have a uniform method of collecting data on cyber-crime activity and there is no national mandate that requires police departments to keep track of the number of cyber crime offences (although some voluntarily do so). Of the many police departments in Canada, only the RCMP and SQ have implemented formal policies and procedures in dealing with cyber crime (although many departments have specialized units for cyber crime such as: Toronto, Ottawa, Halifax and Vancouver).
To cope with the shortcomings, the Canadian government has taken three steps to address the problem of cyber crime that has actually made Canada one of the leading nations for resolving cyber crime quickly. First, we have broadened the mandate of Canada’s Office of the Critical Infrastructure Protection and Emergency Preparedness (OCIPEP) to protect our critical infrastructure in both its physical and cyber dimensions.
Second, Canada was one of the first countries to enact criminal laws in the area of computer crime and is ahead of nearly two-thirds of the 52 countries surveyed in enacting laws to crack down on cyber crimes. Having begun amending our criminal code to address cyber crime as early as 1985, Canada has played a decisive role in combating cyber-crime through legislation, policy-making and law-enforcement.
Third, in 2001, Canada and 29 other countries signed the Council of Europe Convention on Cyber Crime and is an active participant in a number of international organizations such as the G8 Group of Senior Experts on Transnational Organized Crime, the Committee of Experts on Crime in Cyberspace of the Council of Europe, and the Organization of American States Groups of Government Experts on Cyber-Crime. This level of international engagement on global cyber crime has prompted a new realm of international cooperation in combating the many security issues of cyberspace, countering the borderless nature of this threat.
This brings us to what the Canadian government should do in order to enhance its effectiveness in combating cyber crime. First, a national mandate for cyber crime should be formed and specialized units assigned for every Canadian police department. Second, there should be a federal law enforcement center in Canada that is specifically devoted to cyber crime where various agencies from Canada and abroad can work together to address cyber crime. Third, existing legislation must be amended and new legislation enacted that would lower the judicial threshold for search and seizure warrants without surrendering too much personal privacy.
Fourth, a major increase in the resources and funding for law enforcement and crown prosecutors must be given so they can adequately address this issue. Fifth, a law that makes it mandatory for private sector businesses and industries to report a cyber crime and work with law enforcement to address it as well as inform the public. Sixth, an interactive awareness and prevention campaign should be enacted in school curriculums, online forums, social networking programs and television broadcasts. Seventh, countries must get together and agree on a model of law that criminalizes cyber crime and forces sanctuary states (such as Russia and Belarus) to enforce these laws with clear consequences outlined if the laws are violated (such as limiting and inspecting all internet traffic emanating from these countries).
Today, no legal system or law enforcement agency anywhere even comes close to deterring the world’s cyber criminals. Until we as citizens and nations take steps to collectively address this growing threat, we will see cyber crime continue to evolve in its sophistication and intensity. Failure to take action will likely bring cyber crime to a computer near you.
Future Reading: Cybercrime Prevalent Worldwide, Study Says, Cyber Crime Becoming #1 Crime in North America, War in the fifth domain, RCMP on Canada’s cyber crime fight, Norton Cybercrime Report: The Human Impact, Cyber-Crime: Issues, Data Sources, and Feasibility of Collecting Police-Reported Statistics, The Council of Europe Convention on Cybercrime
Disclaimer: Any views or opinions expressed in this article are solely those of the author and do not necessarily represent those of the NATO Council of Canada.