The U.S. Department of Justice (DoJ) is getting serious about putting cybercriminals behind bars. A Cyber Fellowship program launched by the DoJ and administered by the Computer Crime and Intellectual Property Section of the Criminal Division of the DoJ will over the course of three years train prosecutors on how to handle cases involving emerging national security threats.
When it comes to successfully prosecuting cybercriminals most cybersecurity professionals have low expectations. They know most of the perpetrators of these crimes are beyond the reach of local law enforcement officials. However, the good guys once in a while get lucky.
Unfortunately, most cybersecurity professionals have encountered at least one legal eagle that was out of their depth attempting to prosecute a criminal case involving cybercrime so any coordinated education effort on the part of the DoJ is welcome. In fact, hopefully, many other countries along with individual states and provinces will launch similar initiatives.
The Cyber Fellowship is a direct result of an ongoing comprehensive cyber review ordered by U.S. Deputy Attorney General Monaco last May that is intended to provide actionable recommendations to enhance and expand the DoJ’s ability to prosecute cybercriminals.
Participants in the program will rotate through multiple departments, including the Criminal Division, the National Security Division, and the U.S. Attorneys’ Offices, located in and around Washington, D.C. Fellows can expect to investigate and prosecute state-sponsored cyber threats; transnational criminal groups; infrastructure and ransomware attacks; and the use of cryptocurrency and money laundering to finance and profit from cyber-based crimes. Successful fellowship candidates must also be able to secure a Top Secret security clearance.
Fellows may also be extended or converted to permanent positions without further competition or may reapply to the Honors Program in a subsequent year provided they meet eligibility criteria. Alternatively, as they approach the end of their three-year term, Fellows may apply to permanent positions within the department that best aligns with their interests.
The best thing about this training is it is likely to encourage more cybersecurity professionals to come forward. Navigating byzantine legal statutes with the aid of somebody who doesn’t really understand cybersecurity is at best a frustrating experience. The more positive the experience the faster word will get around. Before too long, cybersecurity professionals will become a lot more willing to voluntarily share their insights and expertise. Some might even testify in the capacity of expert witnesses. Others might even decide to become lawyers that specialize in cybercriminal cases.
Of course, there’s still a lot of work to be done in terms of laying the extradition foundations required to prosecute cybercriminals hiding out in countries that turn a blind eye to their activities. Nevertheless, every journey begins with the first step. Training lawyers on how to prosecute cybercriminals is an investment in a future where successful prosecutions of cybercriminals will be a lot more common than they are today.
Mike Vizard has covered IT for more than 25 years and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb, and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.