States take growing role in cyber crimefighting

It's unclear whether cyber crime is increasing or simply being reported more often — or a combination of the two. But as the number of cyber crime cases increase, state and local law enforcement agencies are taking an increasingly active role in investigating them.

The number of complaints that individuals filed with the Internet Crime Complaint Center jumped more than 30 percent from 2007 to 2008 and corporate cyber crimes continues to make headlines. The FBI, nonprofit National White Collar Crime Center and Bureau of Justice Assistance jointly operate the IC3.

“There are not that many lawyers who understand these types of crimes, especially on the state level,” said Domingo Rivera, a defense attorney in Richmond, Va., who has a technology background and has worked on cases at the federal and state levels.

Defense attorneys might need to brace for an onslaught. Federal agencies provide training for state and local law enforcement organizations that are continually increasing their abilities to investigate and prosecute cases.

Federal investigators handle cases that cross state lines or international borders. But federal officials say they see real benefits in developing the non-federal authorities' abilities. The FBI and Secret Service have training programs for non-federal authorities and work with them through task force programs.

“It’s a mutual benefit,” said Malcolm Wiley, a Secret Service spokesman.

Craig Butterworth, a National White Collar Crime Center spokesman, said the center has about 3,000 member agencies that receive cyber crime training. The majority of those are from law enforcement, but some are also regulatory organizations and attorney generals’ offices.

Butterworth said that as local and state authorities have improved their capabilities, they develop a greater sense of independence.

At the federal level, agency leaders must decide when to pursue a case or let it go. John Lynch, deputy chief of the Justice Department's Computer Crime and Intellectual Property Section, said two big determinants of a cyber case being prosecuted federally are whether the conduct has a significant interstate effects or a foreign component.He added that investigative agencies have an initial idea of what is likely to be a federal case, but although there are rough guidelines for monetary thresholds that would make it a federal matter, determinations are made on an individual basis.

“From state to state, the penalties do vary greatly,” said Terri Campbell, acting section chief for the strategic outreach and initiative section of the FBI’s Cyber Division. “If it meets federal guidelines and we are working that case, that might be a consideration in where to prosecute the individual or individuals.”

Crimes such as sexual solicitation of a minor tend to be handled at a state level while copyright infringement and hacking are typically federal cases, Rivera said. The federal government has mandatory minimum sentences, but states are catching up, he said. Still, he said, federal courts probably are still more likely to impose harsher sentences than many state courts.

Federal judges also tend to have a good understanding of cyber crime and the related technologies, while judges at the state level vary widely.

Federal officials often prosecute cyber crime cases under the portion of U.S. code that covers fraud and related activity in connection with computers.

Edward Lowery, assistant special agent in charge of the criminal investigative division at the Secret Service, which focuses on protecting the country’s financial infrastructure, said high-level hackers have stepped up attacks on payment processors, which handle high levels of transactions, rather than individual businesses.

“It’s become a professional game,” he said.