Opinion | Why the F.B.I. Is So Far Behind on Cybercrime
The “anywhere” expectation is also misguided. Unlike agents on crimes such as bank robberies, cyberinvestigators usually don’t need to be near a crime scene to collect evidence. Still, F.B.I. agents typically span the country, changing posts every few years, for career advancement.
The F.B.I.’s emphasis on arrests, which are especially hard to come by in ransomware cases, similarly reflects its outdated approach to cybercrime. In the bureau, prestige often springs from being a successful trial agent, working on cases that result in indictments and convictions that make the news. But ransomware cases, by their nature, are long and complex, with a low likelihood of arrest. Even when suspects are identified, arresting them is nearly impossible if they’re located in countries that don’t have extradition agreements with the United States.
All of these aggravations cause computer experts to leave the F.B.I. It’s an easy transition because their skills are both immediately transferable to the private sector and in high demand.
The F.B.I. should study the success of the Dutch National Police’s High Tech Crime Unit. Because of its fast internet and favorable legal conditions, the Netherlands has long been a popular spot for hackers to set up the servers they use to commit crimes. The Dutch responded by launching the H.T.C.U. 15 years ago. Since then, it has become one of the world’s leading law enforcement forces in fighting cybercrime. Beyond arrests, it has prioritized anything that reduces hackers’ return on investment, seizing criminals’ servers, disrupting ransomware-spreading botnets and notifying victims of impending attacks.
From its early days, the H.T.C.U. hired tech experts with no background, or even interest, in traditional policing. When some talented digital recruits couldn’t pass the physical fitness tests or didn’t want to use weapons, H.T.C.U. leadership changed the requirements, allowing computer experts to join without passing the usual exams. But they left the job titles unchanged: Digital staff remained eligible for promotion to nearly any job in the H.T.C.U.
The H.T.C.U. also specified that half its staff must be cyberexperts. Each one is paired with a traditional law enforcement officer, and they work cases as a team. As John Fokker, who once served as digital coordinator of the H.T.C.U.’s ransomware team, told us, “the old school with the new school made it work.”
That approach works for the Dutch. If it is willing to let go of the “any job, anywhere” mantra, it could work for the F.B.I., too.