In very short order and in relatively short time the world has changed. With the advent of the Internet and its widespread adoption one can reach out and touch someone almost anywhere on the planet in near real-time.
Computer related innovation has provided myriad of benefits, but the same economies of scale, speed of distribution and borderless information exchange has also brought the dark side of society.
Those that want to do us harm, that want to take and steal, those that are malicious in nature or simply uninformed in their beliefs have access to this same technology but with a radically different risk/reward ratio than they experienced in the physical world.
As I was traveling through London recently the number of cameras, police and general law enforcement struck me. If someone were robbed while walking the streets, regardless of the amount, the response would be appropriate.
The police would take a report, investigate, perhaps even find and capture the criminal. The victim would, for the most part, know what to do and how to respond and there would be a fairly supportive group of individuals assisting them through what could be a fairly traumatic event.
If that same person was in their hotel room and someone gained access to their computer, online credit card or banking information, if a malicious actor were able to siphon hundreds or thousands from their accounts, the vast majority of individuals would have no idea what to do.
If they did contact the hotel or local law enforcement they would be met with a wall of confusion, misdirection and misguided advice on how to best proceed.
The current structure and knowledge of local law enforcement create a significant gap in how we deal with cybercrime at the individual level. In fact when it comes to individuals and cybercrime we simply don’t deal with it in any formal or impactful way at all.
Computer crime is not a victim-less crime. Anyone who has been on the receiving end of online theft or had their character assassinated can attest to his or her level of victimization, not to mention the real impact on physical lives we have and will continue to experience as a result of online criminal activities.
This is not an easy problem to solve. In the physical world there are clear boundaries between the locations of a crime, associated laws and the agencies that will be involved. In cyberspace it is all quite murky.
In fact we are unable to draw agreed upon distinctions between cybercrime, cyberespionage and cyberwarfare even though their physical world counterparts are well understood and managed. This confusion has pushed cybereverything to the most opaque military and intelligence agencies in the world.
To the victims there is no difference between online crime and physical crime, just as there is no difference between espionage and cyberespionage. The only difference is the medium used. So why are we unable to recognize the individual as victim of cybercrime and respond accordingly?
I am not suggesting that we hire a legion of cybercops that are dispatched throughout local law enforcement but we do have a significant gap and we must begin to rationalize the similarities between cyber and physical world crime and learn how to protect individuals online. This must be done at the state and local level in addition to the federal level.
Until we can begin to change the economics of online crime, including how we support individuals, we will continue to experience an increasingly hostile digital frontier.