“I love my profession, but in some respects … law enforcement as a profession is still focused on the threat as it was yesterday,” said John Cohen, executive director for the Program for Countering Hybrid Threats at the Center for Internet Security (CIS). Cohen has a background in law enforcement and homeland security and is principal author on the report.
The CIS report calls for new law enforcement training, as well as efforts to help communities learn about and detect online manipulations. It also recommends creating a national clearinghouse to receive information from public- and private-sector sources about cyber threats, subsequently sharing both analyses and warnings. Simply put, addressing these multidimensional threats requires a holistic view.
“When you're looking at being better prepared to deal with these types of attacks — or being better prepared to respond to these types of attacks — you can no longer do it in a traditional stovepipe,” Cohen said. “You can't just have the IT department focusing on cyber attacks, and the police department focusing on physical attacks, and the communications department focusing on information operations.”
Some examples include domestic extremists creating online content intended to inspire physical violence, online doxing sparking real-world harassment or human traffickers using social media to find potential victims and customers. Recently, cyber criminals linked to a foreign nation even hacked a water utility to make a statement.
Investigative tactics can be slow to adapt, Cohen said. For example, dealers sell illegal drugs over the dark web, use couriers hired off social media and receive payment in cryptocurrency, Cohen said. But police may still be using investigative techniques designed when drug traffickers used pagers and pay phones to arrange in-person exchanges for cash.
“Currently, federal, state and local law enforcement generally lack the training, resources and authorities to prevent an astute offender from leveraging Internet-based tools or platforms to pursue their intended target(s),” the report says.
Government is still debating what sort of online content monitoring and analysis is appropriate for it to conduct, Cohen noted. To preserve public trust, a national clearinghouse for information about these threats should be run by a non-government, nonpartisan organization that collaborates with government, he said. Another benefit of that approach is that many of the experts in Internet subcultures reside outside of government, he said.
CIS hasn’t decided yet whether to take on the clearinghouse leadership role, but during the two-year research project that led to the report, CIS analyzed and shared threat-related information with state and local law enforcement. CIS is still considering if it could do so longer term, Cohen said.
To keep pace with evolving threats, the report further recommended creating a public-private task force to study how new tech like AI could be used to uncover threats facilitated by online communications as well as how it could be used by threat actors for malicious purposes.
The report also recommends creating a national framework for “incorporating malicious or illicit online activity” into law enforcement threat prevention and response efforts. Members of law enforcement at all levels, mental health experts and civil society organizations should all help consider best practices.
Reducing violence spurred by online disinformation also requires helping constituents detect online efforts to manipulate them. Trying to remove harmful online content has not seemed to make a significant difference, with perpetrators easily reposting under new accounts or on different platforms, per the report. But education can help reduce the impact.
For one, stakeholders can share ideas and provide funding and resources to help those closest to residents — like local government — regularly inform residents about online manipulations that might target them. Educating K-12 age students on digital literacy, critical thinking and basic cybersecurity can help them resist threat actors’ manipulations or efforts to groom and recruit them.
Additionally, engaging residents in elections or other civic processes helps them understand how the processes work, making them better able to spot when claims about them are false online. Plus, in-person meetings can help humanize election officials to the public, fostering more trust.
