Recap: Catching the Cybercriminal

Catching Cybercriminals recap v3
Header Tw Cyber Enforcement
Part one twenty four in the Series

On November 18th, Third Way partnered with the New York University Center for Cybersecurity and the Journal of National Security Law and Policy to host the first-of-its-kind symposium on improving the ability of governments to stop, identify, and punish cybercriminals. The event, Catching the Cybercriminal: Reforming Global Law Enforcement, showcased a diverse array of sectors and perspectives. Speakers included Members of the US Congress, the FBI, Secret Service, the private sector, the United Nations, foreign governments, academia, and civil society.

Click here to view the detailed agenda and list of speakers for the symposium.

Along with the day’s discussions, the agenda was interspersed with flash talks from authors who have written papers for a special issue of the Journal of National Security Law and Policy on policy challenges and solutions to reduce cybercrime, produced in partnership with Third Way. The event was oversubscribed and the day started with a standing-room only crowd, with over 150 people attending the event throughout the day. Attendees included cybersecurity experts, law enforcement officials, members of the private sector, law students, and reporters from outlets like the Wall Street Journal, Yahoo News, CNN, and Cyberscoop.

The day was kicked off by Mieke Eoyang, Vice President for the National Security Program at Third Way. In her opening remarks, she outlined Third Way’s motivation to launch the Cyber Enforcement Initiative last year. She highlighted that the Initiative’s research has found that only three in 1,000 cyber incidents see an enforcement action taken against the suspected perpetrators. The Initiative’s work along with this symposium, has been aimed at solutions to the narrow this cyber enforcement gap.

A few takeaways from the day’s discussions:

1. Congress can and must do more to address cybercrime

Image Alt Text

For the first session of the day, Ben Wittes hosted a live podcast recording of the Lawfare Podcast with Senator Mark Warner (D-VA), Vice Chairman of the Senate Select Committee on Intelligence and co-founder of the Senate Cybersecurity Caucus, and Representative Jim Himes (D-CT), Chairman of the STAR (Strategic Technologies and Advanced Research) Subcommittee of the House Permanent Select Committee on Intelligence to discuss congressional responses to cybercrime. Both Members agreed that the US government should and could be doing more to address the cybercrime threat with law enforcement responses being a key component of that. It was clear from the discussion that Congress can play a greater role in making progress on this front. Senator Warner described the cyber threat as a “security and economic challenge unlike we’ve faced in our lifetimes.” Representative Himes highlighted jurisdictional challenges as a major hurdle to narrowing the cyber enforcement gap. Representative Himes added that, to make progress on cybercrime enforcement, there ought to be safe, real time mechanisms for information sharing between state, local, federal, and international law enforcement agencies and the private sector.

Additionally, the discussion covered issues around election security with both Members expressing concerns about the ability of the US government to prevent against election interference. Senator Warner warned the audience that Russian electoral interference is going to happen again in 2020, and it is happening right now. “Russia increased their disinformation campaign post-2016, they did not decrease it,” he said.

2. Cybercrime is complex and motivated by a variety of factors.

Image Alt Text
Image Alt Text

A panel of former US federal and state law enforcement members joined members of the private sector on a panel to discuss “The Who, What, When, Where, Why of Cybercrime.” Ambassador (ret.) Gina Abercrombie-Winstanley, served as moderator for the panelists. Jim Baker, Director of National Security and Cybersecurity, R Street Institute, identified adequate resources as the biggest challenge to narrowing the cyber enforcement gap. Law enforcement needs an increase in resources to allow for more training and proper systems and data analysis to allow them to investigate and bring to justice cybercriminals. Baker also highlighted that these increased resources will only come to fruition if we have effective leadership in the White House and in Congress that is dedicated to the issue. Eileen Decker, President, Los Angeles Police Commission, reinforced that sentiment and highlighted that state and local law enforcement agencies need even more resources to get the sufficient tools so they can find and prosecute cybercriminals. She also drew attention to the lack of comprehensive metrics on cybercrime, arguing that we cannot create detailed solutions for a problem we cannot measure. Rob Bushar, Vice President and CTO – Government Solutions, FireEye, presented a perspective of the threat landscape from the private sector. He described the diversity in actors behind the attacks and their motivations, including the gray area between nation-state and non-state actors. Kristin Judge characterized the current status of cybercrime as an economic crisis and showcased the important work her organization, Cybercrime Support Network, is doing to assist individual victims of cybercrime in reporting their crimes.

3. Companies like Google must do a balancing act when working with law enforcement

Image Alt Text

The lunch time session was a conversation between Google's Director of Law Enforcement and Information Security, Richard Salgado, and Jennifer Daskal, Professor and Faculty Director of the Tech, Law, Security Program at American University. Salgado discussed the challenges organizations like Google face in responding to law enforcement requests for data, explaining the difficulties in balancing Google’s commitment to human rights but also its need to cooperate with law enforcement across different jurisdictions. Daskal also added that her 2018 report, “Low-Hanging Fruit,” covers how private sector and law enforcement can collaborate more seamlessly to share digital evidence. Salgado urged governments to join the Budapest Convention, the only global cybercrime treaty, and called on countries to adopt strong due process and rule of law protections for cybercrime cases.

4. There are immense challenges for US law enforcement in apprehending malicious cyber actors but it is possible to reduce the cyber enforcement gap.

Image Alt Text
Image Alt Text

Judith Germano, Distinguished Fellow, New York University Center for Cybersecurity, Adjunct Professor, New York University School of Law, and Founder, Germano LawLLC, moderated a discussion with senior officials from two of the leading US law enforcement agencies on cybercrime, the US Secret Service and the FBI. The discussion focused on the successes and challenges federal law enforcement agencies have in bringing to justice cybercriminals. Michael D’Ambrosio, Assistant Director of the Office of Investigations for the US Secret Service, talked about the importance of cutting edge technology along with open source resources and information for improving attribution capabilities. On extraditing and arresting criminals in countries that do not cooperate with the US, he pointed out progress that has been made in arresting these individuals when they travel to another country. Tonya Ugoretz, Deputy Assistant Director of the FBI Cyber Division, added that countries like Russia try all kinds of tactics to try to foil extradition efforts, including spurious claims and counter indictments. She also emphasized the importance and value of organizations and individual victims reporting quickly to law enforcement. The FBI’s asset recovery team has over a 78% recovery rate if the incident is reported in the first 48 hours. They also highlighted the importance of cyber hygiene along with deterring malicious actors. Assistant Director D’Ambrosio warned that it's tempting to think technological advances alone would counter ransomware, but "as long as malicious actors see a vulnerability, they will capitalize it,” which is why bringing to justice perpetrators is also critical.

5. Strengthening international coordination and capacity building is critical to addressing cybercrime but that requires resources and political will.

Image Alt Text

The final session of the day featured speakers from foreign governments and the United Nations, and was moderated by Jenna McLaughlin of Yahoo News. Allison Peters, Deputy Director of the National Security Program at Third Way, set the scene for the session informing the audience that that very day, a Russian-led resolution on cybercrime was being voted on at the United Nations. The resolution would pave a way forward for a new global treaty on cybercrime, which the United States and its allies oppose and has tremendous human rights concerns.

The discussion turned to the importance of investments in global cybercrime capacity building, with Norikazu Otaki, Legal Attaché for the Japanese Embassy in DC, touting the importance of such capacity building assistance so we bring every country along as we deal with 21st century crimes globally. Neil Walsh, Chief of the Cybercrime and Anti Money Laundering Section, United Nations Office of Drugs and Crime, highlighted the work the UN is doing on this but pointed out that organizations like his are not funded from the UN, but from independent donor states. Terlumun George-Maria Tyendezwa, Assistant Director and Head of the Cybercrime Prosecution Unit for the Federal Ministry of Justice in Nigeria, spoke to how resource intensive cybercrime investigations are, and how capacity building efforts are required. Peters highlighted the number of challenges at the political level in governments that are hindering progress in capacity building, as assessed in her research at Third Way. Neil Walsh, also noted that the biggest challenges to capacity building and funding efforts is the lack of tech literacy in lawmakers around the world. If lawmakers do not understand the technology, they will not be able to comprehend the issue and drive sufficient resources to it.

6. Wrapping up the day.

Image Alt Text

Ari Schwartz, Managing Director of Cybersecurity Services at Venable, provided closing remarks and some reflections of the day. As he said, we heard many challenges to narrowing the cyber enforcement gap both at home and abroad. Throughout the day we heard how resources were one of the biggest barriers for US law enforcement, as well as internationally. However, there were a number of reasons to be optimistic about our chances in reducing the cyber enforcement gap. There are Members of Congress who are dedicated to solving this issue, and law enforcement agencies are constantly improving and cracking more cases.

The symposium ended with a cocktail reception, where attendees had an opportunity to network and interact with other attendees and the speakers.