The challenges facing specialist police cyber-crime units
Inspired by the difficulties faced by police cyber-crime units a team of researchers from the Deakin and Monash University conducted an empirical research, using a mix of survey data and in-depth interviewing, with staff from two Australian specialized cyber-crime units.
Conducted by Diarmaid Harkin, Chad Whelan and Lennon Chang (2018) the study aims to uncover: “the key challenges facing specialist cyber-crime units” and based on the opinions of those surveyed: „what are the key changes needed to strengthen police responses to the escalating threat of cyber-crime?”. This Article will present their main findings and shortly summarise the study.
You can also read the full study here.
The two specialised Australian cyber-units surveyed are both part of police organisations with more than 10.000 staff with a jurisdiction of hundreds of thousands of square kilometres and a population of well above 2.5 million, according to the study. The researchers suggest, for instance, the Greater Manchester police in the U.K as comparable example.
In early 2017 the members of both of the cyber-units included in the study conducted an online survey. This was followed by semi-structured interviews. The interviews were based on those having completed the online survey and on a snowball sampling technique. Therefore, the study points out that being based on the opinions of the members it reflects their views rather than their respective organisations.
According to the study, in the first case study, 17 sworn investigators with a cyber-focus in addition to two civilian staff members took part in the survey. Additionally, 12 interviews were conducted.
In the second case study, 5 sworn investigators and 8 civilian staff responded. This was followed by 9 interviews.
Therefore, the study is based on a survey of 32 experts and 21 interviews.
Among those surveyed, the study found, 68% felt happy with their experience within the cybercrime unit. Further, the overall majority, with the exception of three individuals, reported a strong job satisfaction in comparison to their previous role or job.
However, the study notes, that staff retention was identified as ongoing problem within the cyber-units. One of those interviewed, expressed strong competition from the private industry in addition to a major workload as major reason for this problem. Similar views were expressed by others, which added transition into other police units as reason for some to leave. According to them, this resulted in a problem as the high turnover made training difficult, leaving the few tech-savvy staff present within specialist units with even more work.
The study summarises, that in total three major trends were observed from the surveys and interviews and occurred similarly in both case studies:
- The quantity of work
- Resourcing of the units is not commensurate with the volume of work
- The necessary skills are in short supply
The quantity of work
The majority of the respondents identified the quantity of work as key challenge. The study cites one of the those interviewed: “I think last month we got 800 reports just for one month. Between six people.”. The study itself, points to an imbalance between reports made and number of staff available to deal with them, seeing it as a major area of concern.
Moreover, the study observed that the workload of these units is further expanded:
Members of cyber-crime units also provide a service role to other specialised units and regional police, seeking advice on cyber-crimes encountered. Further the study points out, that constant technological advancements and changes make the individual cases more time-consuming, even more traditional crimes. One of those part of the survey explained: “We used to allocate an hour to do someone’s phone but that doesn’t work anymore because it could take us all day just to extract the data off and that’s without the time of someone looking at it.” Thus, not only the use of more complex technologies by the criminals but also the victims, makes the individual case increasingly complex.
Resourcing of the units is not commensurate with the volume of work
The study summarises the concerns of the participants further. According to them, the reported increase in work has not been accompanied by an increase in resources. The study highlights, how one of the specialised-crime units received 478 cases in May 2016. One year later 860 cases were reported in May 2017; however, staff levels remained constant.
The study presents several interviews, in which the staff highlights the imbalance between resources and the constantly increasing range, complexity and size of the cyber-crime dimension. From the interviews presented, all appear to agree that “cyber’s going to be a growth area” and that cybercrime is : “definitely going toincrease”. Only three individuals agreed with the statement that there was a “suitable allocation of resources”.
In this regard, the study shows that several respondents expressed frustration about being drawn into investigations of other crime units. Moreover, the study summarised that members of the cyber-crime unit perceived cyber-crime to be seen as low priority in comparison to other forms of crime in the organisation. As such, one of those interviewed expressed:” it just doesn’t get the interest from the supportservices like your surveillance and your technical units.”
The study further analysed, that: “certain members of the cyber-squads feel somewhat distanced, marginalisedor undervalued”. This was connected by the researchers to the identified perception of the members of the cyber-crime units that: “the existing hierarchy were unlikely to have intimate knowledge of the work of cyber-squads or the nature of cyber-crime investigations”.
Only six respondents agreed that their organisation “places an appropriate amount of significance and attentionon the issue of cyber-crime”, while at least 19 respondents disagreed. The study summarises its perceived reasons for this:
- current leaders in the organisation being unlikely to know what the work involves;
- cyber-crime being broadly considered a lower priority compared with other crime types;
- and its increasing significance not fully being recognised.
The necessary skills are in short-supply
As final point the study highlights, that participants suggested the required skills in the units are not matched with the task of cyber-policing. Only 10% agreed that “they are adequately prepared to respond to the present and forthcoming challenges of cyber-crime”.
According to the study, this problem arises from a feeling that “current training is inadequate for the nature of the work”. The study offers the response of one interviewee:” There is no training for a lot of the stuff here. You just bring the skills with you”. When attempts to train officers did occur, they were perceived as inadequate. Further, the study observed that some practitioners suggested that skilled investigators, having to pay their training out of their own pocket, left the police all together because of this.
Moreover, beside the “brain drain” to the private sector, the investigators reported competition over experts in cyber-crime with other government departments and agencies.
Hence, from the results of the study it appears that there is a lack of cyber-crime experts, in general. This appears to increase the workload of the remaining experts within the special units, making an exit to the private sector or other agencies more likely. Moreover, beside their much-needed qualities, the study appears to show that those working in the cyber-units are generally happy with their work but do not feel that they get the support and training they require.
What needs to be done to improve cyber-policing capabilities?
Having analysed the problem, the study asked the practitioners how the cyber-crime capacities of their organisations could be increased.
The majority of those interviewed argued for a significant increase in the number of staff allocated to tackle cyber-crime. However, it was also pointed out that this increase in quantity should be accompanied by a focus on quality as well. Thus, the study highlights the concerns that an increase in numbers would only be beneficial, if “the necessary technical skills and training were suitably available”. Also, for those already engaged in the units, “further training opportunities” were seen as vital for an overall improvement of cyber-crime units’ capabilities.
The study, also highlights, the expressed need for supervisors to be more aware of the needs and requirements of their cyber-units. In this regard, the participants stressed that there needed to be more stability within the units as well.
This Stability, it was suggested, could be achieved by reducing the number of members being rotated out of the units after a specific term or seconded to other units.
Especially, opportunities for promotions were desired, which would also advance the number of higher-ranking police members with specific knowledge about the requirements of cyber-crime units.
Finally, it was suggested to offer courses and training on cyber-crime to police outside of the specialised units. This, would not only address the increasing impact of technology on crime in general and the spread of technology enabled crime. Moreover, this would also reduce the workload of the cyber-crime units to some degree and provide a pool of potential recruits, which could be provided with special training and be integrated into the cyber-crime units.
Note: This article is based on a 2018 study, condcuted by Harkin, Whelan and Chang.
Autor: Niklas Hamann
Harkin, D., Whelan, C. and Chang, L. (2018). ‘The challenges facing specialist cyber-crime units: an empirical analysis’. Police Practice and Research, 19(6), pp. 519-536.
cybercrime, policing, research,