Online law enforcers lack knowledge, training
The police and other law enforcement agencies globally that are dealing with cybercrimes lack understanding in the scope of these activities and are acting too slowly to arrest the spike in online crimes due to inadequate training, an industry insider noted.
That was the view of Adam Palmer, Symantec Norton's lead cyber security officer, which he shared with ZDNet Asia during a Tuesday interview. The executive had previously worked with law enforcement agencies and non-profit organizations on anti-cybercrime initiatives, which gave him insight on the online security landscape.
Currently, those tasked to police the online environment are not understanding the scope of cybercrime activities and the impact such crimes have on victims' lives, he noted. In reality, more people are affected by online crimes than physical ones. Citing a Symantec study released in September, Palmer said people were three times more likely to be victims of cybercrime than physical ones.
Besides the police, the executive shared that he had come across judges and lawyers who asked what cybercrime was because they did not understand the definition of the term or never even heard of it.
Training inadequate
Palmer also pointed out that law enforcement agencies are not being trained well enough, particularly in inter-agency collaboration and speed in apprehending cybercriminals.
The Symantec executive stated that national borders meant nothing to cybercriminals and they are constantly innovating and using different techniques of attack. As such, the authorities will also have to bear this in mind during their investigations.
He went on to add that there have been recent takedowns that took years to investigate and this, in "Internet time", is too long.
"Taking two months [to close a case] is as good as taking two years [in Internet time]. I always say, cybercriminals work at the speed of light but police only move at the speed of law," Palmer surmised.
He did acknowledge that the police have improved their skills and are doing the best they can with what they have, but there is still "a lot more to do" as cybercriminals are still finding it relatively easy to evade the attentions of these law enforcers.
To be one step ahead of these online crooks, Palmer emphasized the need to provide technical and investigative training for law enforcers at all levels--from the police force to the judges and prosecutors. Such education can be delivered as university courses or through regular training for the next generation of security officers and law enforcers, he added.
Asked if there were differences in the quality of law enforcement agencies regionally, Palmer replied that regardless of location, law enforcers are dealing with the same issues and concerns and share a "common interest" in protecting their citizens from cybercrime. Thus, there are no significant negative traits that are attributable to any single agency, he said.
However, he did call on the region's police force to learn from their U.S. counterparts in partnering in region-wide investigations.
"The key to success is partnership, and they must learn to work together as a multinational group and support cybercrime victims," Palmer urged.
Victims, in particular, are seldom given the necessary attention and care from the authorities as the latter's focus is on catching the criminals, the executive pointed out.
"As necessary as it is to catch criminals and stop cybercrime, we must show people that we are there for them and show support for victims," Palmer said.
One example of this support is the Internet Crime Complaint Center, which is currently being set up by law enforcement agencies such as the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center in partnership with Symantec Norton, he said. Through the I3C, U.S.-based victims or a third-party of the complainant can lodge their Internet crime complaints online, the Web site stated.