Top cop details the complexities of fighting cyber-crime

Top cop details the complexities of fighting cyber-crime

Traditional investigation techniques fall short when facing cyber-criminals from bank robbers to pedophiles… and then there’s the struggle to explain the cases to judges

Illustrative: A man suspected of pedophilia at a court hearing in Jerusalem. (Kobi Gideon/Flash90)
Illustrative: A man suspected of pedophilia at a court hearing in Jerusalem. (Kobi Gideon/Flash90)

If police have a hard time keeping up with criminals in the “real world,” they’ve really got their hands full online, according to Israel Police Superintendent Meir Hayoun, of the Police Cyber-crime Unit. Dealing with cyber-crime has been a game of catch-up — and as cyber-criminals develop new and innovative ways to rip off people, he said, it’s a constant struggle to keep up with them.

Hayoun was speaking at the annual event of the Israel Internet Association (ISOC-IL), where top computer and Internet industry leaders gathered this week to discuss everything from future trends in search engine technology to the future of TV, Internet marketing, gaming, and branding — and cyber-crime, which continues to get worse as the perpetrators of scams, plans, and daring daylight robberies become ever more sophisticated in their methods.

The cyber-life has caused no end of headaches for police, said Hayoun. “Once, there was a clear differentiation between telecommunication crimes and computer crimes. Phone conversations were one thing, and Internet surfing was something else. But today, thanks to the convergence of devices, and the ubiquitousness of services, everything has merged.”

Thus was born cyber-crime.

A good example of the new issues faced by police is the emergence of the popular messaging program WhatsApp, which for many users has replaced their phone’s built-in SMS function. When users sent text messages via SMS, the messages moved via the servers of the cellphone service providers, which keep records of what is sent and by whom. Thus, police running an investigation could subpoena the records relating to a suspect. “But WhatsApp messages are sent via the Internet; the only records are in the device, and they are erased every few days,” said Hayoun. This makes it much harder to account for messages the police need to build cases.

“Modern cyber-crime is different from anything we have had to contend with, and has forced us to change our whole approach — how we train officers, who we hire, the methods we use, and more,” continued Hayoun. “Like all government services, we have limited resources, and dealing with cyber-crime has forced us to reconsider how to allocate those resources.”

Criminals have discovered, for example, that’s it’s far easier to rob a bank using phishing (sending out messages to convince victims to surrender their account information) and other cyber-crime techniques than it is to rob a bank using a gun. If police want to eliminate bank robberies, investigators must be trained in computer techniques and be on top of the latest Internet technology and cyber-crime techniques. That takes time, money, and training, and finding the right people for that kind of job is a challenge unto itself, bemoaned Hayoun.

Police have yet another major hurdle, in convicting cyber-criminals: convincing a court that the evidence indicates that the suspect is indeed guilty as charged. “Judges are not necessarily well-versed in computer security issues, so you have to provide them with examples from the ‘real world’ that are metaphors for things unique to the digital world, such as port scanning (where hackers check a computer’s virtual ports for one that allows access).” For a judge who is used to hearing cases about breaking and entering, the closest comparison in that case, said Hayoun, might be comparing port scanning to an attempt by a car thief to gain access to a car by checking the locks on a lot of cars until he found an unlocked one. “But of course that is an inaccurate description,” conceded Hayoun, and finding the right way to describe things is a challenge.

Even if the judge is cyber-savvy, the police have other problems. “Even in cases where the chain of evidence is clear, there is always going to be the shadow of a doubt that the person whose computer was used to send phishing e-mails that led to account robberies is really the guilty party. Perhaps their computer got hijacked for that purpose.” In some cases, such as child porn, proving guilt might be easier. But even in cases like that, it depends on how fast an investigator can get to a suspect’s computer, and the power of the software to decipher the suspect’s hard drive.

Perhaps the most frustrating thing for the police, continued Hayoun, is that they are often forced to reinvent the wheel with each new cyber-crime case: The crooks know what the police are looking for, and are likely to try new ways to circumvent detection. “We live in a democracy and there are clear rules on how we as police are required to operate,” Hayoun explained. “In court, we have to provide not only evidence in a case, but also how we acquired that evidence.” In cyber-crimes, there is no way of doing that without revealing the technology that was used.

“All this is publicly available on websites where legal issues are discussed, and is read not only by lawyers, but by cyber-criminals,” claimed Hayoun. “As soon as they know how we work, they develop methods to achieve their goals in other ways, and we have to start the next investigation from scratch. It’s a cat-and-mouse game, in which we are constantly playing catch-up.”

In fact, to add insult to injury, bemoaned Hayoun, there have been cases where technology developed for the police has been utilized by cyber-criminals. “Many people doubt me when I tell them that cyber-criminals are using the most up-to-date methods and technologies — as if the elite of the IDF or the Internet world are selling secrets and top technologies to cyber-thieves.” That’s not the case; there are other ways for crooks to get what they need.

“A good example is how a pedophilia site is born with the latest technologies,” said Hayoun. “The bad guys will go to a website design company, for example, that designs legitimate commercial sites, or even designs web technologies for us. They will tell the designers that they are setting up, say, a flower sales site, and supply all the information for a legitimate looking e-commerce site. Once it’s done, though, all they have to do is swap out the flower data with their pedophilia content. Thus they get a world-class site for their criminal activities, using legitimate and legal methods.”

Big data keeps getting bigger, digital devices keep getting more popular, and the cloud keeps filling up with sensitive, personal data that crooks can utilize to make themselves money — so cyber-crime isn’t going anywhere but up, continued Hayoun. Still, the issues faced by the Israel Police are the same as those faced by police in all other democracies. Therefore, cooperation and collaboration can go a long way to nipping cyber-crime in the bud — especially considering the international nature of the Internet.

As far as the police are concerned, beating cyber-criminals requires a lot of grunt work — and patience. But there is one bright spot, Hayoun claimed. “We, too, have access to technology. With each threat a new door opens. And if we know how to enter those doors and use the technology properly, we can go a long way to preventing cyber-crime.”

read more: