If you were to imagine committing the perfect crime, what would that entail? Maybe you would commit a crime that you knew police wouldn’t be able to investigate. Or maybe you would commit a crime where the victim didn’t know they were being deceived, and if they found out, likely wouldn’t go to authorities for help. Perhaps you would commit a crime where the financial rewards far outweighed the risk of apprehension. Whatever you were to imagine, I believe not being caught and held responsible for the said crime would be a commonality among them all. Does such a perfect crime exist? I believe so, and it is what we would equate to the catch-all term “cybercrime.”

Here’s a statistic to wrap your head around: It is estimated that every 39 seconds there is some variation of a cyberattack. Whether it’s an attempted or a successful hacking event, data breaches, “phishing,” “smishing” and the countless incarnations that cybercrime embodies occurring twice a minute is a harrowing statistic.^[1]“Hackers Attack Every 39 Seconds.” NBC News, 7 February 2007, tinyurl.com/yy9syyrb. Even scarier, the aforementioned data isn’t recent — it was derived from a 2007 study! I am sure that when that study was conducted, no one could’ve imagined that a pandemic would lead to the single largest increase in internet usage in one year.^[2]“As Internet User Numbers Swell Due to Pandemic, UN Forum Discusses Measures to Improve Safety of Cyberspace.” United Nations, 6 December 2021, tinyurl.com/ydk99mwc. As you sit here reading this article, think about this: Of the estimated 7.8 billion people in the world, 4.9 billion are using the internet in some way, shape or form.^[3]Flynn, Jack. “How Many People Use the Internet?” Zippia, 4 March 2022, tinyurl.com/4kj42jrp. And the countries with the highest internet usership are China, India and the United States.

There is no form of crime that is more prevalent and rampant than cybercrime.

In my humble opinion, there is no form of crime that is more prevalent and rampant than cybercrime. Not only is it extremely profitable, with the estimated global loss to reach $10.5 trillion by 2025,^[4]Morgan, Steve. “Cybercrime to Cost the World $10.5 Trillion Annually by 2025.” 13 November 2020, Cybercrime Magazine, tinyurl.com/ypbkbcwp. but due to being so widespread, it’s often viewed of as a nuisance versus something that entails the full extent of the law. A silver lining to that dark cloud is that more cybercriminals are getting caught and prosecuted;^[5]Braue, David. “Cybercriminals Are More Likely Than Ever to Get Caught.” 22 May 2022, Cybercrime Magazine, tinyurl.com/3sws55vn. however, the gap between the cybercrimes being committed versus the arrests of those committing them grows every single day. The communities that we are sworn to serve are being impacted daily, and what are we in the law enforcement community doing to address this?

My answer, albeit not the popular one: not nearly enough. Since President Ronald Reagan declared the “war on drugs” in the 1980s, we have seen local and state police departments aggressively pursue narcotics-related offenses for the last 30-plus years. And yet, although we’ve seen cybercrime as the fastest growing area of crime in the world; although FBI Director Christopher Wray compared ransomware to 9/11^[6]Barnes, Julian. “FBI Director Compares Danger of Ransomware to 9/11 Terror Threat.” The New York Times, 4 June 2021, tinyurl.com/ms3vdpmh.; and although the United States Institute of Peace declared cyberterrorism as a real threat in 2004,^[7]Weimann, Gabriel. “Cyberterrorism: How Real Is the Threat?” United States Institute of Peace: Special Report, December 2004, tinyurl.com/mvkyza9k. somehow cybercrime is still viewed as something not in the province of local and state police. Why?

Nationwide, more police departments are adopting the policy of referring victims to file complaints with IC3 (ic3.gov) versus fielding the reports themselves and investigating. Many jaded investigators will opine that the cases are “complicated,” with suspects ultimately being overseas. However, this complacent approach only helps embolden the cybercriminals. Remember when I asked you to envision the perfect crime? Imagine a crime where the police will actually turn away your victims!

Whether it’s a grandmother who was convinced to send bitcoin to a suspect because she believed her grandson was in a car accident in Belize and needed to pay the medical bills, or a millennial crypto investor being deceived into linking their wallet to a DeFi exchange because they were promised a large return of investment and subsequently lost all their portfolio, these cases can be successfully investigated by local and state authorities. What about business email compromises, swatting and VoIP (voice over IP) abuse and “carding” involving the dark web? The answer remains the same: it is not something beyond the capabilities of state and local partners to investigate.

My passion for teaching law enforcement across this country comes from empowering them to take on these types of cases. The belief that the cybercrime world is the “Wild West” and beyond the reach of their jurisdictional boundaries is merely a construct of misunderstanding and fear. Yes, you can take reports of cybercrime in your small towns and cities. Yes, you can work to issue court orders and subpoenas to help further the case. And more importantly, yes you can work in tandem with federal partners like FBI, HSI, USSS, IRS-CI and Interpol to help put a suspect in cuffs who could be halfway around the world! It is all too common to believe that you must have a specific skillset in order to be able to investigate these types of cases, and if you don’t possess that inherent skillset, these cases are “unsolvable.” Again, these are constructs that we use to inhibit ourselves from serving those we are sworn to protect. At a bare minimum, if the bandwidth and manpower isn’t available to pursue a full investigation, is it that much of a burden to take a report and file an IC3 complaint on behalf of the victim? This is something that I always encourage investigators to do regardless of their intent to investigate or not.

Something that I feel is always constant in the law enforcement profession is the need to adapt. As an example, when I was in the police academy, the belief that social media was not a necessity for police departments was the status quo. Now, police departments across the country have a dedicated social media presence as a medium for community outreach. With the statistics pertaining to cybercrime being as voluminous as they are, what are local and state police departments doing to address the problem? Are we adapting, or are we looking for the “easy way out”? I think you know the answer.

With the tools and software available to law enforcement today, like Ciphertrace (ciphertrace.com) and Cybersixgill (cybersixgill.com), such investigative means as cryptocurrency tracing and dark web monitoring are no longer as equivocal as the “dark arts” or “classified” software! Priced well within the range of most state, local and tribal territory (SLTT) budgets, why isn’t your department seeking licensing when it can only help the residents of your jurisdictions who are falling victim to the fastest growing area of crime in the world?^[8]Summerville, Abigail. “Protect Against the Fastest-Growing Crime: Cyber Attacks.” CNBC, 25 July 2017, tinyurl.com/ycxxwc2m.

Maybe you aren’t too keen on loosening the departmental purse strings for cybercrime. Thankfully, the United States Secret Service offers free classes at the National Computer Forensics Institute (ncfi.usss.gov) germane to computer forensics and cybercrime as a means to help teach SLTT partners to be able to better investigate this field and forge partnerships. The National White Collar Crime Center (nw3c.org) also offers free classes for sworn law enforcement to help combat the ever-growing plague of cybercrime on our communities. Quite frankly, no matter the excuse as to why your department isn’t “equipped” to handle these types of cases, there is always a solution — and it’s free. The desire to learn merely needs to be there. The one thing I can promise you as you finish this article, the cybercrime epidemic is only going to get worse. The question that begs to be answered: What are you doing to address it?