Cybercrime is generally understood as behaviors that involve the use of virtual environments and/or networked computer systems to generate harm. This broad definition of cybercrime captures a variety of different online behaviors, including interpersonal violence offenses such as cyberbullying and online harassment, as well as those involving the unauthorized use and access of computer systems such as malware dissemination, ransomware, and distributed denial of service attacks.
Cybercrimes are policed by both law enforcement (e.g., local, state or provincial, federal) and extralegal agencies. Local law enforcement agencies are composed of police officers, who are generally tasked with maintaining public order within a specific municipality or county, including investigating crimes, apprehending offenders, and implementing crime prevention mechanisms (e.g., educating the public on available resources; proactive neighborhood patrol) within their local jurisdiction. State and provincial law enforcement agencies are larger police forces that are generally responsible for conduct that occurs within their wider state and provincial borders, including conducting highway traffic control and providing forensic services to smaller local agencies residing within their state or province. State and provincial agencies often become involved only when local forces are limited in their resources to adequately respond to an incident or when local jurisdictional conflicts exist. Federal agencies operate at the highest level of law enforcement, because they deal with crimes that involve homeland security. In fact, federal agencies can obtain cooperation among several national jurisdictions depending on existing political ties and extradition agreements. Several extralegal agencies (e.g., Internet Crime Complaint Center; Computer Emergency Response Teams) are also active in responding to cybercrime incidents. These agencies, which may develop from either public or private sectors, generally perform acts that support law enforcement, including facilitating communication and information sharing between victims and law enforcement agencies.
Despite efforts to sanction online offenses, research suggests that cybercrimes present several challenges for law enforcement agencies across all levels of government. First, cybercrime offenders often anonymize their attacks and offline identities, making arrests and criminal prosecutions extremely challenging. Second, even if offenders and their actions are identified, agencies are limited by their geographic location and jurisdiction. Third, the technical nature of cybercrime means that victims may not be aware of their victimization until months after the attack, which may affect the identification of digital evidence necessary to prosecute an offender. Fourth, law enforcement officers may not possess the knowledge and expertise needed to secure and investigate a digital crime scene adequately.
One approach that could improve how cybercrimes are enforced and regulated is the paradigm of evidence-based policing (EBP). EBP is a collective effort involving law enforcement agencies, academic researchers, and industry personnel/practitioners, whose central focus is to develop a robust evidence base that can identify current and emerging problems in policing, examine possible solutions to these problems using rigorous scientific methods, and monitor these solutions over extended periods of time to ensure successful outcomes are maintained. Knowing which operational practices work best in different situations will not only lead to a more intentional use of officers’ time and agency resources but also strengthen public perceptions of law enforcement in responding to cybercrime calls for service.