Why Cops Can't Catch Cybercriminals

ARLINGTON, Va. -- Computer Security Institute 2007 -- The forensics labs you see on TV might seem pretty high-tech, but in real life, most law enforcement agencies don't have access to skills and equipment like that, a top federal law enforcement officer noted this morning.

Speaking here at a conference aptly nicknamed CSI, Jim Christy, director of futures exploration at the federal government's Defense Cyber Crime Center (DC3), said digital forensics still has a long way to go before it will be widely used to catch computer criminals.

"There are 18,000 law enforcement agencies in the United States, and 50 percent of them have fewer than 25 officers," Christy says. "They are having trouble just getting the fuel they need for their vehicles. They're not going to be setting up digital forensics labs."

Despite increased public awareness of the computer crime problem, law enforcement agencies frequently don't get the funding they need to expand their ability to investigate cybercrime, Christy says. There are 340 accredited crime labs in North America, but only 14 digital forensics labs, most of which are "just four or five people at the back end of the traditional forensics lab," he observes.

Some states are complicating the matter further by forcing each lab to gain accreditation before its data can be used in court. "A case in Texas was dismissed not long ago because Texas didn't have an accredited digital forensics lab," Christy says.

DC3 and other federal law enforcement agencies have developed a repository of digital forensics data, and are working on a Web portal that would make the data available to state and local law enforcement agencies, he says. DC3 also is preparing for its annual Digital Forensics Challenge, a competition to help law enforcement develop methods to solve complex IT forensics problems.

— Tim Wilson, Site Editor, Dark Reading