Why Fighting Cybercrime Is So Hard

Fighting crime isn’t what it used to be. Ever-changing technology, rigorous legal restrictions on how evidence is collected and used in court, and disconnects between law-enforcement agencies and investigative techniques plague prosecution efforts at every level of the legal system. The end result? Frequently dismissed cases and a growing number of elusive criminals taking advantage of everything from back-doors in smartphones to faster ways of carrying out organized crime.

Enter Cal State East Bay alumnus and San Luis Obispo District Attorney Dan Dow (B.A. ’99, Political Science), who is at the helm of a first-of-its-kind initiative in California to begin unifying how cybercrimes are investigated and prosecuted: the recently launched Central Coast Cyber Forensics Laboratory.

“Criminals are using technology to commit crimes — everything from hacking to human trafficking — and they’re going undetected,” Dow explains. “We are trying to adapt so we can catch and prosecute them, but it’s becoming more and more difficult since there are a lot of different agencies across the state and there’s not a real clear standard on how to gather the evidence.”

The lab Dow has helped create is a collaboration between education and law-enforcement entities. He and several colleagues came up the idea with in 2014 — the same year the report “California and the Fight Against Transnational Crime” identified the Golden State as a prime target for cybercrime due to its high concentration of technology-based businesses. It’s a fact that routinely puts California residents, their information and personal security at significant risk.

And as most crimes today have some sort of electronic evidence component, the implications are nearly endless.

“It doesn’t matter what kind of case it is,” Dow says. “Domestic violence, sexual assault, petty theft — almost anything nowadays includes some kind of technology because everybody has phones or devices.”

“Criminals are using technology to commit crimes — everything from hacking to human trafficking — and they’re going undetected.”

The new lab will allow state agencies to work together, pooling their resources for more accuracy and consistency. For example, if the San Luis Obispo Police Department has a crime they know involves cyber evidence, investigators can bring the case to the lab, use the technological resources there and ask representatives from other agencies to weigh in. The goal is that over time, greater synergy between police departments, investigators and attorneys will result in more uniformity, and prosecution of, cybercrimes.

And the backbone of CCCFL, the focus on cross-disciplinary collaboration, is something Dow says he learned as a student at Cal State East Bay.

“My professors are the ones who prepared me to be a prosecutor … and it was being in a collaborative learning environment and participating in activities like Associated Students Inc. that I began to appreciate a collaborative approach to solving problems,” he says. (He obtained his law degree from Santa Clara University in 2005.)

As a component of Cal Poly’s larger California Cyber Training Complex, the CCCFL will also serve as an academic training space for current and future cybercrime fighters, an industry that Cal State East Bay computer science professor Levent Ertaul says is one of the nation’s fastest-growing.

“The thing is that every day there’s some sort of news about cybersecurity, something about this hacking or that hacking,” he says. “We are all so integrated and our entire lives are on the internet now … students know they can find jobs in the field and jobs that pay.”

The CCCFL founders intend for the center to help investigators collect cyber evidence in a way that’s legally compliant with the California Electronic Communications Privacy Act, so it can be admitted into court by prosecutors.

“Legal compliance is huge,” Dow says. “Now our lab team can come together and say ‘What are the challenges, what is our strategy?’ and write a search warrant that is compliant with the California ECPA and federal law, so that we’re gathering and extracting the data in a way that keeps it preserved and can be legally admitted as evidence.” 

WANT TO JOIN THE FIGHT AGAINST CYBERCRIME?

Cal State East Bay offers robust program options in cybersecurity, both through the university’s computer science and continuing education departments.

According to Professor of Computer Science Levent Ertaul, students can choose from more than a half-dozen cyber security-related courses each quarter, including Principles of Network Security, Network Security Management and Security in Computer Networks, among others.

Cal State East Bay has also hosted several cybersecurity and privacy seminars, as well as hands-on hackathons that give students the chance to test their skills in a timed setting.

In addition, Cal State East Bay Continuing Education recently launched the course “Cyber Security Awareness and Response” designed for individuals, business owners and government professionals who want to gain insight into the fast-changing cybersecurity field. 

The curriculum covers the basics of cyber intrusion, what steps can be taken to minimize an attack and how organizations can defend themselves against cyber threats. It is taught by Certified Emergency Manager Bijan Karimi, who received his master’s degree in Homeland Security and Defense from the Naval Postgraduate school and currently works for the San Francisco Department of Emergency Management.