Bob Breeden isn't complaining, don't get him wrong. Special Agent Breeden, who heads the Computer Crime Division of the Florida Department of Law Enforcement, in Tallahassee, feels fortunate to work in one of the few state police departments running a full-time cyber-crime division. With four other officers under his command and another 10 FDLE employees at his disposal, Breeden oversees a division with an embarrassment of riches compared with its counterparts in most other states.
Still, “there are days I feel like I need 10 more agents and more money,” Breeden said. Considering Florida has the second-highest number of Internet-fraud incidents in the country each year and that Breeden's team handles between 400 and 500 cyber-crime cases annually, it's easy to see how resources can be stretched to the limit.
Breeden knows that most jurisdictions have it far worse. “The vast majority of local law enforcement hasn't embraced technical investigations,” he said.
Since the 1980s, when computer crimes first became a concern for law enforcement, agencies have wrestled with how to deal with the often-confusing, highly technical realm of the cyber-criminal. Early efforts to centralize enforcement within federal agencies were seen as convenient and mostly logical but ultimately have led to jurisdictional squabbles and turf wars.
“It is, in a word, chaotic,” said Mark Rasch, a former U.S. Attorney who specialized in prosecuting computer crimes and is now the chief security counsel at Solutionary Inc., in Omaha, Neb. “There's supposedly a memorandum of understanding between the Secret Service and the FBI about who takes what, but it's usually whoever gets the first referral. [Today] you can have agents from the FBI, the Secret Service, and state and local police all working on the same case.”
Meanwhile, as cyber-crime skyrockets, law enforcement at all levels is at once struggling to get a handle on the threat and trying to impress those holding the purse strings in government that it is an area in need of attention and funding. In fact, the federal monopoly on cyber-crime cases for nearly two decades had the effect of leaving state and local law enforcement departments with no resources to investigate such crimes on their own and gave state legislatures little incentive to approve funding for specialized training or task forces to tackle the problem.
As a result, during the Internet boom of the mid-to-late 1990s, most police departments were woefully unprepared for the resulting spike in online crime, experts say. Investigators accustomed to traditional cases with witnesses, clear evidence trails and time-tested techniques for tracking down suspects suddenly found themselves thrown into cyberspace, where chaos and anonymity reign. Compounding the problem: Most had little experience with computers and the Internet.
“I didn't have any real technical knowledge when I started doing this,” said Breeden, who has been investigating computer crimes for nearly six years. “You learn as you go.”
These days, even officers with technical backgrounds and relatively good support are often buried in cyber-crime casework.
“The online-fraud thing is so huge—we get so overwhelmed with it,” said Larry Smith, a detective with the Las Vegas Metropolitan Police Department's Cybercrimes Unit. “We could probably put all 20 of us on that alone. We usually have more manpower than the FBI and Secret Service, so we work with them a lot.”
But the lack of resources and training for tackling cyber-crime isn't a state and local problem exclusively; it extends to the FBI and the Secret Service as well.
The Secret Service has had a task force in New York for several years devoted strictly to investigating cyber-crime, and after the terrorist attacks of Sept. 11, 2001, the Bush administration decided to extend that model to the rest of the country. A section of the USA PATRIOT Act directs the Secret Service to form similar regional task forces around the country. There are now 13 such teams in major metro areas.
But several people involved in the creation of the task forces said they are still severely short of agents and funding. Although the act requires the Secret Service to create the task forces, the legislation has not provided additional money for the teams.
For example, Smith's local unit in Las Vegas comprises five full-time officers plus a supervisor, along with about 15 other officers with technical backgrounds who can be called in to help on large investigations. By contrast, the federal Las Vegas Electronic Crimes Task Force has just two agents dedicated full time to cyber-crime.
“They just didn't provide the required resources because there were a lot of conflicting priorities,” said John Frazzini, a former Secret Service agent who ran the Washington-Metro Electronic Crimes Task Force and now heads a security systems integration company in Virginia. “After 9/11, everything was about terrorism, with little focus on cyber-crime.
“At no other time in history has there been the opportunity for criminals to engage in such mass victimization,” Frazzini said. “The resources provided in support of various federal law enforcement cyber-crime initiatives are simply not commensurate with the massive scope of the criminal activity.”
“The feds reward people who are generalists, people who can go from protecting the vice president's wife to investigating counterfeit currency to doing cyber-crime investigations,” said Solutionary's Rasch. “But cyber-crime requires people who are specialists. And not just specialists in cyber-crime but specialists in one specific operating system. They have people who are analysts and know this stuff, but they don't know how to write an affidavit in support of a search warrant or get a case ready for prosecution.”
The lack of resources can also affect cyber-crime victims, Rasch said. “The investigators end up prioritizing and want the victims to do most of the legwork,” he said. “There's a big population of people caught in the middle with no recourse.”
“Clearly, one of the biggest frustrations is that there aren't nearly enough trained investigators,” Rasch added. “So the little stuff falls by the wayside. They look for people targeting banks, critical infrastructure, government facilities, high-impact sites.”
For the FBI's part, it has been trying to emulate the Secret Service model for some time, albeit with limited success. Efforts to date to create a computer crimes task force in Washington within the FBI have been fruitless. Part of the problem is a lack of clear understanding of protocol and procedure, with respect to investigations, which has led to head butting between the two agencies over jurisdictional issues. The FBI did not return repeated phone calls for comment on this story.
People who have been involved in the government's anti-cyber-crime initiatives said there needs to be a major commitment from the highest levels of the federal government for things to improve.
“The Secret Service has its task forces, and I think that's the right approach,” said Richard Clarke, former chairman of the President's Critical Infrastructure Protection Board and now chairman of Good Harbor Consulting LLC, based in Herndon, Va. “But they're vastly underfunded. They need a forensics lab and training if they're going to be really effective.
“They're not getting the support from above and the money that they need. They don't have nearly enough manpower,” Clarke said.
The FDLE's Breeden knows the feeling. With his unit taking on at least one new case every day, he ends up declining to investigate a large number of the potential cyber-crimes that come his way.
“We get a lot of complaints, but we don't have the manpower to handle them. We have a $10,000 [loss] threshold to even look at it,” said Breeden. “Most of the complaints are losses that are much smaller than that. We have to have an offender with multiple offenses most of the time. That leaves a lot of cases that we just can't get to, and they're no less important than the ones we take.”