Cybersecurity Alliances
Wedding couple’s hands @ Unsplash

how many cybercriminals are caught

It is important to understand how many cybercriminals have been caught. Are cybercriminals and the entities that support them able to be captured, held accountable, and prosecuted. What can countries do to increase the number of cybercrime convictions?

These and other urgent questions are important because cybercrime is growing and threatening international security. Despite rising cybersecurity threats, there is still a significant gap in the way law enforcement agencies respond to cyber-related incidents.

As cybercriminals adopt sophisticated technologies and malicious programs, hacks and data breaches have increased dramatically over the past decade. Many cybercrime events continue to plague some well-respected companies that have suffered massive data breaches.

Equifax was one of the victims of a massive data breach that affected over 147 million customers. The hackers gained access to sensitive information such as social security numbers, credit card data, and dates of birth. In a settlement agreement with affected customers, the company suffered losses of up to $671 million.

How many cybercriminals have been caught?

Cybercrime poses the greatest threat because a guilty criminal is not often caught and prosecuted. Consequently, governments and businesses are vulnerable to targeted attacks because of the low conviction rate.

The Third Way think tank estimates that 0.3% of all cybercrime complaints are investigated and prosecuted. This means that 3 out of 1000 malicious cyber incidents are being investigated and arrested. Cybercriminal actors can engage in criminal activities with confidence because they don’t have to worry about being arrested, tried, or punished. A large number of victims of cybercrime do not report cases so the enforcement gap could be less than 0.05%.

Mark Lanterman (CTO of Computer Forensic Services) made a similar observation. He estimated that less than one percent of hackers are caught and convicted. It is like finding a needle in the haystack and catching a cybercriminal. Hackers who are skilled in understanding the evidence created by a particular attack will take great care to make sure that it is not there. Many businesses could be hacked, but they may not know it.

Even if hackers leave evidence, it is often insufficient to identify the culprit group or person. Law enforcement agencies often use interviews with security professionals to identify cybercriminals. This is in addition to the computer forensic evidence. The Justice Department announced in 2014 that 90 people were arrested in connection to a Blackshades-related malware case. It took two years to complete the investigation, which required cooperation from 19 countries and hundreds of searches in Canada, America, and Europe.

Notable is the fact that cybercrime has increased significantly in recent years as more people turn to this vice for financial rewards. Recent research has shown that cybercriminals can earn as much as $2 million per year while others make between $40,000 to $1 million each year. But attackers spend just as much time planning and designing their malicious activities, as they do devising ways to remain stealthy and under the radar. Hackers have the perfect platform to engage in cybercrime, increasing their difficulty in apprehending them.

Cybercrime and fraud are two of the most common offenses. 10% of the population has been the victim of hacking. Nearly 50% of all UK crimes are committed every year by cyber attack victims. Cybercriminals are seldom prosecuted or arrested even though the problem is so large.

Hackers use sophisticated methods to hide and cover their tracks. Due to a lack of technology and resources, most police officers are unable to find the tracks. Cybercriminals are estimated to get caught and punished by 5% of law enforcement officers. This is a testament to the difficulties law enforcement faces in arresting and prosecuting them.

Why is it so difficult to prosecute and catch cybercriminals

The notion that crime doesn’t pay is absurd for malicious cyber-criminals, as the internet has seen an unprecedented rise in Internet crime. As cyber criminals feel less likely to be apprehended, it has become more lucrative than ever. Hackers often use sophisticated techniques and secure software to hide their tracks and remain anonymous. Cyber adversaries may use proxy servers to hide their identities, funnel communications, bounce their IP addresses across multiple locations, evade detection, and use technologies such as Tor and VPN encryption. Hackers can use a combination of technologies to carry out high-profile crimes and not be detected. Cybercriminals can also be caught, but it is difficult to do so.

  1. Jurisdiction Questions

Cybercriminals are often unable to be arrested and tried due to jurisdiction issues. Many hackers commit cybercrimes in foreign countries or where judges and prosecutors lack legal jurisdiction. It can be difficult enough to ensure that cyber criminals are prosecuted in the same court as victims, but it is almost impossible when they are located in different locations.

Many times, although law enforcement can gather enough legal evidence to verify the identity and location of the perpetrators, they do not have the legal authority to arrest them. Some countries have agreed to cross-boundary, reciprocal legal rules with cyber-allies, but others are not. Cybercriminals are difficult to prosecute and catch because of jurisdiction barriers.

  1. Unreported Cybercrimes

Online cybercrime victims are not reported to authorities, making it difficult to track and arrest cybercriminals. As most people don’t know where to report them, it is easy to understand why. Even if they did, they are rarely given a positive report. It is difficult to keep a count of cybercrimes solved if cybercriminals are not reported. This also prevents law enforcement from obtaining the evidence necessary to pursue and prosecute those responsible for an attack. The low number of cyber criminals caught and the lower prosecution and conviction rates are due to unreported cybercrimes.

  1. Inability To Prosecute

It took decades for the legal systems and law enforcement agencies of developed countries to become proficient in prosecuting cybercrime. Many countries, particularly those that are less developed, do not have strong legal systems or equipped law enforcement departments capable of catching and convicting cyber criminals.

However, established systems require that law enforcement officers invest a lot of money to help them identify cybercrimes. They also have to overcome difficulties in preserving forensic evidence and in hiring, retaining, and training cybercrime investigators. It is only now, after years of cybercrime running rampant, that countries are starting to understand how to successfully arrest and prosecute those involved in various cyber crimes.

  1. The Challenges of Collecting Legal Evidence

Although many investigators are confident in their ability to collect digital evidence that could lead to an arrest for cybercriminals, it may not be admissible in court. It is not easy to gather unquestionable evidence of cybercrime. It is possible, for example, to obtain a log showing the existence of an unauthorized intruder entering a system. Although the log data can be copied to the police and presented to them, it may not stand up to cross-examination by a defense attorney.

In court, the log data could raise questions such as: What happens if someone alters the log file? Who had access to the log file? How do you verify that the date and time stamps are accurate? What if the IP addresses are faked? So on. When an arrest is made, both law enforcement officers, as well as cybercrime investigators, must ensure that the evidence presented to the court is reliable and can be trusted.

Recommendations to reduce the enforcement gap

The world needs to be prepared to not just identify cybercriminals, but also bring them to justice. These are some suggestions to help reduce the enforcement gap by capturing and prosecuting more cybercriminals.

  1. Identifying Responsible Individuals

It is difficult to catch and prosecute cyber criminals if they are not identified. It is often difficult to identify the attackers. This requires multiple investigators, cybersecurity experts, and law enforcement agencies. Advanced encryption and VPNs allow malicious hackers to hide their identities. Other machine learning tools are used to assist with reconnaissance and information gathering. Cyber actors can execute attacks with high precision and accuracy thanks to these tools. To identify criminals, victims and other parties must work together to find them.

To improve attribution levels, nations can cooperate by allocating technology-advanced resources for cyber investigations. Building and maintaining alliances can improve information-sharing and procedures, streamlining the process for identifying those involved in cybercrime.

  1. Use a Carrot and Stick Approach

Cybercriminals can be hard to catch if some organizations or nations offer a haven. The carrot and stick strategy is a broad strategy that can help in the capture of cybercriminals. The carrot is a reward-based incentive to share information to capture malicious hackers. The stick is to impose targeted sanctions on cybercriminals and potential organizational or nation-state sponsors. Both strategies can be combined to allow a country, even if the cybercriminal is still at large, to impose various consequences.

  1. Reforms in International Coordination and Cooperation

All countries need to transform their law enforcement both domestically and internationally. Due to multiple jurisdictions, bureaucratic obstacles have made it difficult to capture and prosecute cybercriminals since the advent of the Internet.

Many countries and law enforcement agencies have to overcome many obstacles to get international partners to work together in the pursuit or arrest of cybercriminals. Cyber threats are increasingly globalized. To reduce the enforcement gap, it is necessary to coordinate and lead international efforts. Cybercriminals must be caught and prosecuted by international cooperation.

  1. Increase the International Capacity to Catch Cybercriminals

While successful prosecution can reduce the enforcement gap, it all depends on how many cyber criminals are captured. Nearly all countries have law enforcement that is not effective in combating cybercrime. It is therefore vital to increase international enforcement capacity. This is why countries with technologically advanced innovations such as Russia, the US, and China must increase their support for building and realizing a global cybersecurity enforcement capacity. They can help build capacity through international judicial programs, development, strengthening diplomatic relations, and other means.

Examples Of Arrested Cybercriminals in 2020

1. Yevgeniy Nikolina, a Russian national, was found guilty in September of hacking LinkedIn and Formspring. The hacker stole credentials and other information belonging to over 100 million Americans. The hacker was sentenced to a seven-year term in prison.

2. Four suspected hackers were arrested in Poland in connection to a coordinated cybercrime strike. This operation was a collaboration between the Regional Prosecutor’s Office of Warsaw, Cybercrime Departments in Europol, provincial police headquarters, and the Polish Police Centre Bureau of Investigations.

3. The dark web was used to sell illegal goods by many people, according to global security agencies. DisruptTor was the codename for an operation that saw at least 179 people arrested. Because it included separate but complementary operations by North American and European authorities, the operation was successful.

4. Nathan Francis Wyatt from Britain was sentenced to five years for helping a group called The Dark Overload steal information from several US companies. The suspect pleaded guilty to conspiring and participating in aggravated ID theft. The suspect was also ordered to pay $1.5 million in restitution. These and other examples show that the recommendations for reducing cybercriminals’ enforcement gaps are effective.