Cybercrime is increasing at an unprecedented rate – estimated to be $600bn  annually and accounting for roughly 33% of all criminal activity . Our police force was founded on the principle of protecting our physical world – but we don’t have the same protection in our digital world. Police have developed methods to deal with various levels of crime from petty local criminals to gangs and international terrorism. But today, physical crimes are far from being the only challenge.
Cyber-scams – ranging from the basic to the highly sophisticated – are rampant. While most of us know to avoid emails asking for bank information or a payment, these cyber-scams target the most vulnerable and enough people fall into their trap to sustain them. But we’re all vulnerable to the most sophisticated cyber-scams as criminals play on our basic impulses. And while there’s advice to prevent citizens from falling into these traps, the ability to protect people remains limited.
Even more worryingly perhaps, there are also now emerging threats to national infrastructure, including extortion and destruction. For example, the WannaCry attack successfully hit national infrastructure including health systems. As our world becomes increasingly digital, the risk of cyber threats is more challenging than ever. We clearly need a different approach in the digital world.
Police already have cyber units that address these digital threats – yet the nature of the threat may require a different strategy and structure.
Digital threats have a propensity to spread rapidly and have global impact due to the interconnected nature of our digital world. Responding locally limits the opportunities to pursue criminals. The common approach to cyber-scams is to educate citizens on the risks – yet this doesn’t address the source of the problem: the attacks and the criminals themselves. They are likely to be resident in different countries outside the intended victim and therefore beyond the jurisdiction of local authorities. So a national approach is likely to be less effective – perhaps expanding the role of Interpol and Europol.
The nature of digital crime also increases risks. Physical locks’ weaknesses need to be exploited one at a time. But a digital vulnerability can be simultaneously exploited all around the world. The diligence we apply to digital vulnerabilities must therefore be significantly more sophisticated and immediate to make sure we maintain our safety.
A strong digital identity can form the basis of improved protection. For example we can indicate emails that are not from a trusted source and thus make it harder for emails scammers to operate. Similarly for web-sites we can trust sites that are backed by an identity and either block or require confirmation to access sites where the identity of the owner is not shared. This improves digital trust without compromising our privacy.
So we need to consider global collaboration to pursue digital crime. And that is never going to be easy given police derive their authority from the nation state. Nevertheless, there are ways to support a global approach without creating a new structure that may compromise national sovereignty and countries’ individual controls. Blockchain and Zero Knowledge Proof would allow national police agencies to share information without compromising their own national intelligence. While this would require agreement about the adoption of global models, that could be achieved without having to compromise national interests.
So do we need a digital police force that’s responsible for administering and coordinating the security policies and practices that are necessary to protect our society and people from harm? Or do we need to make sure our existing police forces are better equipped to deal with the challenges? Much in the way that we have national authorities with international collaboration responsible for air safety, building safety and so on, do we need to strengthen our digital safety authorities?
I’d be interested to hear your views, please get in touch.
 McAfee – Economic Impact of Cybercrime – Feb 2018.
 Global Financial Integrity – Transnational Crime – Mar 2017