So who investigates Cybercrime?
Reporting business/organization cyber intrusions and personally becoming a victim of cybercrime share some similarities, however in most cases:
- In most cases cybercrimes affecting businesses should be reported to federal law enforcement agencies.
- In most cases cybercrimes affecting individuals should be reported to local law enforcement agencies and federal reporting centers like the FTC and IC3.
- The cybercrime focal point for information is Department of Homeland Security contact U.S. Cert. https://www.us-cert.gov/
The Department of Justice, United States Attorney's office is responsible for the prosecution of cybercrime cases, which means all investigative cases go through them. According to their website www.justice.gov, Internet-related crime, like any other crime, should be reported to appropriate law enforcement investigative authorities at the local, state, federal, or international levels, depending on the scope of the crime.
So before you think about reporting a cybercrime case you must first understand what is meant by the term " appropriate "law enforcement authorities and “depending on the scope of the crime.”
- Does it meet the investigative or prosecutorial thresholds?
- Is there a high enough monetary loss? (the prosecuting attorney's office will calculate compensatory losses not punitive losses)
- Is it a case with a community impact?
- Is it a breach of a business?
- Are you a personal victim of cybercrime?
Both Federal and State Attorney's offices have the discretion to decline to prosecute any case based on any of the above considerations. If the case is to weak the Federal and State prosecutors are ethically bound not to bring criminal charges unless the admissible evidence will probably be sufficient to obtain a conviction. Furthermore, even when the evidence is sufficient, there may not be enough evidence sufficient for federal or state interest served by prosecution.
- United States Secret Service (USSS)
- Federal Bureau of Investigation (FBI)
- Homeland Security Investigations (HSI)
- Federal Trade Commission (FTC)
- The Internet Crime Complaint Center (IC3)
- National Protection and Program Directorate (NPPD)
- U.S. Computer Emergency Readiness Team (U.S. CERT)
- U.S. Securities and Exchange Commission - The mission of the U.S. Securities and Exchange Commission is to protect investors, maintain fair, orderly, and efficient markets, and facilitate capital formation.
- The Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) Internet bomb threats. The mission of the National Explosives Task Force (NETF) is to centrally coordinate the provision of explosives expertise to investigations and to ensure the coordination of a “whole of Government” effort to deter, prevent, detect, protect against, and respond to the threat posed by terrorist- or criminally-inspired attacks using explosives in the United States (U.S.) or against U.S. interests abroad.
OTHER AGENCIES AND ORGINIZATIONS THAT ADDRESS CYBERCRIME
- The Department of Commerce’s National Telecommunications and Information Administration (NTIA) has the necessary authority and expertise, developed through its role in other areas of Internet policy, to convene multi-stakeholder processes that address consumer data privacy issues. NTIA will lead the Department of Commerce’s convening of stakeholders in a deliberative process that develops codes of conduct and allows stakeholders to adapt the codes to protect consumers’ privacy as technologies and market conditions change.
- Department of Treasury and Internal Revenue Service: Our overall mission of cyber security at the Department is to assure the appropriate protection of cyber information, services, and assets. Security is critical to Treasury’s daily operations and fulfillment of its mission, which relies on protection of both sensitive unclassified and national security systems throughout the Department.
- The Federal Financial Institutions Examination Council (FFIEC): The Council is a formal interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions by the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Consumer Financial Protection Bureau (CFPB) and to make recommendations to promote uniformity in the supervision of financial institutions. The Federal Financial Institutions Examination Council (FFIEC) members are taking a number of initiatives to raise the awareness of financial institutions and their critical third-party service providers with respect to cybersecurity risks and the need to identify, assess, and mitigate these risks in light of the increasing volume and sophistication of cyber threats.
· The United States Department of Health and Human Services (HHS), also known as the Health Department, is a a cabinet-level department of the U.S. federal government with the goal of protecting the health of all Americans and providing essential human services. Its motto is "Improving the health, safety, and well-being of America”.
· The Health Information Trust Alliance, or HITRUST, in collaboration with healthcare, technology and information security leaders, has established the Common Security Framework (CSF), a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information. The most widely adopted security control framework in the U.S. healthcare industry, the CSF includes a prescriptive set of controls and supporting requirements that clearly define how organizations meet the objectives of the framework.
· National Council of ISACs-ISACs are trusted entities established by Critical Infrastructure Key Resource (CI/KR) owners and operators to provide comprehensive sector analysis, which is shared within the sector, with other sectors, and with government.. Services provided by ISACs include risk mitigation, incident response, alert and information sharing. The goal is to provide users with accurate, actionable, and relevant information.
Notify State & Local Law Enforcement : ( If you are an individual victim (non-business))
Check with your state Attorney General's office www.naag.org to find out if state law requires the police to take a reports for cyber crime.
- If you think you are a victim cyber-crime you should take the following steps to best insure your protection.
- Immediately report the crime to local police. If the police are reluctant to take your report, ask to file a "Miscellaneous Incident" report.
- You should also report the incident to the Federal Trade Commission (FTC) or The Internet Crime Complaint Center (IC3).
- Provide them with as much documentation as possible. Also, get a copy of the police report.
- Credit card companies, banks and others may require you to show a police report to support your claim that a crime was committed.
- After you file your police report, be sure to get a file for your personal record. It's handy for verification of your case.
- When it comes to personal credit, Experian, Transunion, and Equifax are the three primary reporting agencies.
- Report to identify theft idtheftcenter.org or lookstoogoodtobetrue.com.
Foreign Law Enforcement:
- List of Foreign law enforcement wiki list
- Russian Federation - Child exploitation
- Lithuanian Criminal Police Bureau @policija.lt
- The High Tech Crime Unit, Serious and Organized Crime Division (SO) 41-2, Bundeskriminalamt (BKA)
EuroISPA is a pan European association of European Internet Services Providers Associations (ISPAs). It is the world’s largest association of Internet Services Providers (ISPs), representing over 2300 ISPs across the EU and EFTA countries.
- AFA – Association des Fournisseurs d’Accès et de Services Internet
- AIIP – Associazione Italiana Internet Providers
- ANISP – The National Association of ISPs of Romania
- CZ.NIC – Czech Internet Association
- ECO – Verband der deutschen Internetwirtschaft
- FFT – Fédération Française des Télécoms
- FiCom – Finnish Federation for Communications and Teleinformatics
- ICT-Norway – Internet Service Providers Association of Norway
- ISPA Austria – Internet Service Providers Austria
- ISPA Belgium – Internet Service Providers Association Belgium
- ISPAI – Internet Service Providers Association of Ireland
- ISPA UK – Internet Services Providers Association UK
- LINX – The London Internet Exchange
- APIA- Asia & Pacific Internet Association
- APJII- Indonesian Internet Service Provider Association
- CAIP- Canadian Association of Internet Providers
- Centr – Council of European National Top Level Domain Registries
- ECOMLAC- Latin America and Caribbean Federation for Internet and Electronic Commerce
- HKISPA- Hong Kong Internet Service Providers Association
- IIA- Australian Internet Industry Association
- INHOPE- The Association of Internet Hotline Providers in Europe
- ISPA SA- Internet Service Providers Association South Africa
- TELESA- Telecom Services Association, Japan
- US ISPA- United States Internet Service Provider Association