Features
Policing cybercrime

Serving communities in a digital age

Cybercrime rates are on the rise in Canada and the threats are becoming more sophisticated. While Canadian crime statistics are typically combined with U.S. numbers, it is important to note that Canada deals with its own unique cyber landscape. The 2020 Cyberthreat Defense Report stated that 78 per cent of Canadian organizations experienced at least one cyber-attack within a 12-month period¹, compared to the 71 per cent that was experienced in 2019². Over 42 per cent of Canadians experienced at least one type of cyber security incident since the beginning of the pandemic, including phishing attacks, malware and fraud.³

“Because of our reliance on smart technology, Canadians have never before been subject to the level of disinformation, theft, exploitation, fraud and abuse that is happening in the online space,” said RCMP Sgt. Caroline Duval. “Victimization is as devastating and damaging online as it is in person.”

The nature of these crimes is continuously evolving, and the impact has been prevalent and far reaching. This impact can be seen in the efforts that law enforcement has put in to advocate for cybercrime victims, and their investigations into these digital attacks. Agencies across the country have spent the last decade training personnel to focus on and fight against this type of crime, but continuing education will be needed to keep up with the cybercriminals of today and the days ahead.

Defining cybercrime

The RCMP defines cybercrime as “any crime where a cyber element (that is, the internet and information technologies such as computers, tablets or smart phones) has a substantial role in the commission of a criminal offence.”⁴

Cybercrime falls into two categories: technology as a tool and technology as a target. In the first, the technology—whether it is a device or the Internet—is used to facilitate the criminal offence. This includes online scams and fraud, money laundering, intellectual property infringements, and online illicit marketplaces.

In the second category, the target of the criminal offence is the data—personally identifiable information, protected health information, credit card data and cryptocurrency. Examples include hacking to steal sensitive data, using malicious software to illegally access a computer (or a network of computers), or disrupting online services.

Trends in cybercrime

In the cyber realm, there are many different ways someone can be targeted and attacked. Sgt. Duval stated that ransomware was the top cybercrime threat that the RCMP’s National Cybercrime Coordination Unit (NC3) saw in its first year of operation (2020 to 2021).

“Human beings remain the weakest link in the chain of cybersecurity. It only takes one click, or even just opening the wrong email, and in a nanosecond your system has been breached,” said Det. Cst. Kenrick Bagnall, Toronto Police Service Computer Cybercrime Unit (C3).

Throughout the pandemic, Tim Molcsan-Spidel of the Calgary Police Service (CPS) has seen a rise in crypto scams, romance and intimate images extortion, lawyer scams, and full-fledged company targeted ransomware attacks.

The growth of social media and the Internet, advances in and adaptation of new technologies – AI, 5G, quantum computing, blockchain, gaming platforms, the emerging metaverse, etc., has directly impacted law enforcement and their operations. Officers must approach each radio call, interaction with a complainant/victim or investigation with a mindset that there will be a technology component connected to each case at some point. “Street-level crime meets ‘the cloud’, and we must adapt our law enforcement mindset and approach it from the outset to better facilitate successful outcomes,” Bagnall stated.

“Canadians have never before been subject to the level of disinformation, theft, exploitation, fraud and abuse that is happening now in the online space.” – RCMP Sgt. Caroline Duval.

Addressing cybercrime

During the early 2010s, police agencies recognized the importance of establishing cybercrime units within their task force in order to address the rise in digital crimes being committed.

As Molcsan-Spidel said, “Setting up a cybercrime unit truly depends on how big it can be and what the mandate and focus will be on. CPS, for example, is one of the few Canadian units that covers a wide range of cybercrimes, with expertise in ransomware, cryptocurrency, undercover communication, the dark web and OSINT, which stands for open-source intelligence.”

Resources “are always going to be an issue with law enforcement cybercrime units”, according to cybercrime and digital investigator Steven Wilson. For that reason, there are a few key aspects of cybercrime that members of law enforcement need to be trained on. First and foremost, all officers should have basic cybercrime training, which includes basic digital literacy skills. This would incorporate everything from a basic understanding of social media privacy and basic computer/digital media use and best practices to both handling the evidence and preventing cybercrime. At a much higher level, this would essentially involve the digital transformation of all law enforcement agencies across Canada, which Wilson would say is truly overdue.

At the CPS, officers are given a choice of taking Cyber 100, 200, 300 and 400, where the topics range from basic computer skills, to having the knowledge to launch a cyber investigation, to being fully undercover in the dark web. This way, all members of law enforcement are able to work on technological aspects of any case.

Keeping in mind the resource constraints, cybercrime units should be developed as a partnership between law enforcement agencies. Communication between law enforcement agencies is critical both as a way to share lessons learned, and resources. Developing a standard across the country for equipment, training, investigation best practices and legal framework will also aid law enforcement in the long run. If an agency has a dedicated cybercrime unit, the members of this team should be responsible for the proactive development and updating of a knowledge base and list of resources, so that all members of law enforcement have access to it. This list should be updated continuously.

Collaboration with the private and academic sectors will also be a helpful tool. These collaborations should not share sensitive information, but rather collaborate on training and resource development for law enforcement. A notable example of collaborative efforts is the RCMP BCIT Cyber Learning Resource Portal.

The Cyber Learning Resource Portal is something that the RCMP had in works for years, and finally came to fruition with the help of BCIT’s Centre for Digital Transformation and BCIT students in the Digital Forensics and Cybersecurity program. The portal’s purpose is to help advance frontline members’ knowledge and skills when it comes to cyber economic crimes. The training material included in the portal ranges from Cryptocurrency/Bitcoin/Blockchain to malware, ransomware, IP location tracing, phishing, and more.⁵

The RCMP’s National Cybercrime Coordination Unit (NC3) is also mandated to serve as a central hub supporting Canadian law enforcement efforts to combat cybercrime, and act as Canada’s main point of contact for international partners in the global fight against these cyber-attacks.

Raising awareness

As the digital economy continues to increase, cybercrime is only going to keep growing exponentially for both individuals and organizations. “I can’t emphasize enough the importance of proactive public awareness and education provided not only by law enforcement, but by everyone,” said Wilson.

Unfortunately, only approximately 10 per cent of cybercrimes are reported to law enforcement, according to Bagnall. Why is this? As he would explain it, there are still some systemic issues when it comes to cybercrime, and there is still a lack of trust from the public that this is an area of criminality that law enforcement cares about and thoroughly investigates. “One reason I think these crimes aren’t reported is because most times it can be remediated by the bank. If they get their money back, they don’t care to report it,” Bagnall stated. Similarly, he finds crimes aren’t reported when the victim knows that the criminal is likely halfway around the globe, and the belief is that law enforcement won’t be able to catch them. “But the thing is, we do catch them.”

The biggest challenge five to six years ago was getting the word out that law enforcement agencies were there to help and investigate cybercrimes for their communities. The new message that officers are trying to spread is that they can tap into a global network of law enforcement agencies to catch criminals around the world.

Increasing the public’s education and awareness on cybercrime must be ongoing. While officers need to have a knowledge base that’s continuously being updated, the public’s understanding of cybercrimes also needs to be given a lot of attention.

Wilson suggests educational sessions in the community, local newspapers, and social media outreach. He frequently visits coffee shops on Sunday mornings and speaks to anyone who wants to have a chat. He covers everything from cybercrime to elder abuse prevention – whatever people want to hear about.

Molcsan-Spidel has found success in providing ‘lunch and learns’ to businesses, organizations and communities, and sharing a monthly cyber newsletter with trends that law enforcement members are seeing.

The digital future

As the world shifted to more work-from-home and digital practices at the beginning of the pandemic, law enforcement agencies saw a surge in the number of cyber-attacks happening and subsequently being reported. In this digital age, it is more important than ever for communities to learn of the dangers of cybercrime, and how to protect themselves from it. This is where law enforcement is needed.

References

1. O’Driscoll, A. “Canada cyber security and cyber crime statistics (2020-2021).” Comparitech. November 2021.
2. 2019 CIRA Cybersecurity Survey. CIRA.
3. “Canadians spend more money and time online during pandemic and over two-fifths report a cyber incident.” Statistics Canada. October 2020.
4. “Cybercrime defined.” Royal Canadian Mounted Police. September 2021.
5. Chen, A. “BCIT students support RCMP in developing Cyber Learning Resource Portal.” BCIT News. October 2021.