The Norwegian Police Security Service (PST) and Criminal Investigation Service (Kripos) have to contend with highly organized cybercrime groups, but this is the new normal for all police officers. More education about cybercrime and international cooperation early on in police officers’ training is essential, says a professor at the Police University College. (Photo: Gorm Kallestad / NTB scanpix)

Police are on the streets while criminals are online

Police students are still taught to catch thieves on the streets, even though crime for monetary gain has moved to the Internet.

"Thieves aren’t going after individual bank customers any longer. They’re going after the whole bank,” said Professor Inger Marie Sunde of the Norwegian Police University College at the recent Police Research Conference in Oslo.

A growing number of criminals now earn big money by committing crimes in public spaces where the chance of being caught is very small and penalties are low.

Traditional acquisitive crime plunges

At the same time, traditional crime is plummeting.

The number of reported offenses in 2016 was the lowest level registered in the 24 years that Statistics Norway has recorded this type of statistic. Theft and drug crimes have both seen a significant decline.

Norway is not alone in experiencing this trend. At the Oslo conference, British criminologist Barry Loveday reported that traditional street crime in Britain and Wales has fallen sharply.

Robberies have dropped by 70 per cent since 1995.

This type of crime is now at its lowest since the Crime Survey for England and Wales (CSEW) started collecting crime data in 1981, Loveday said. He is a professor at the University of Portsmouth.

More likely to be robbed now

Even though the pickpockets are gone, the likelihood of being robbed in today's UK has increased significantly.

Fraud and cybercrime now constitute the biggest threat to the police in the UK and Wales, Loveday believes.

The dark figure of crime – a term used to describe unreported crime – is large, but for the first time CSEW has estimated this type of crime in the two countries. They estimate that 5.8 million cases of fraud and cybercrime occurred in 2015.

Individuals are now 20 times more likely to be exposed to fraud or robbery and ten times more likely to experience theft, Loveday writes in an article published in the International Journal of Police Science & Management.

Examples of this kind of crime include fraud in connection with e-commerce, computer virus attacks, hacking and identity theft and bankruptcy scams.

“Boss” ordered transfer of 500 million

According to Kripos, fraud on the Internet is a major crime challenge, Sunde says.

For example, a company employee receives an email with an apparent order from his boss to transfer a large payment to an account.

She relates how an employee of a Norwegian company transferred NOK 500 million after receiving just such a false order. The company figures to lose 100 million of this.

“This is the format of cybercrime. And the police's ability to investigate this type of crime is very limited, "says Sunde.

Only a handful of cybercrime cases make it to court. Between 2004 and 2012, not a single case came before the Supreme Court of Norway.

New skills needed

Both Sunde and Loveday believe that police are now facing a challenging situation. As crime evolves, law enforcement need to change along with it.

Sunde notes that the National Police Directorate has so far failed to plan for how the police can solve these challenges.

"We have reforms that constantly reorganize the police in Norway, but the same heads are being reorganized,” she says. “Where is the plan to recruit differently and provide the police with the new skills they need to solve social issues in today's society?”

Police expertise in this area is low, says Sunde says.

"The Norwegian Police Security Service (PST) and Criminal Investigation Service (Kripos) have to contend with highly organized cybercrime groups, but these are questions that concern all police officers. More education about cybercrime and international cooperation early on in police officers’ training is essential,” she says.

International becoming the norm

Sunde believes that greater foreign language proficiency is important for police officers. Perpetrators of crimes often live in other countries, meaning that international cooperation will become more the norm than the exception in the future.

Norwegian police reforms that came into effect in 2016 emphasized that the police should still be generalists.

Sunde thinks more discussion will be forthcoming soon on this topic. She believes that more specialization is needed, and that investigations will require more professionals like computer engineers.

"Nobody can expect the police to be able to do everything – to be both out on the streets and tracking thieves on the Internet,” she says.

Low chance of being caught

People generally expect a criminal act to be investigated and that the perpetrator may be punished.

This expectation fails when it comes to cybercrime, Sunde says.

In order to catch perpetrators and put them in prison, they have to be accessible – which cyber criminals aren’t.

"These criminals are often in completely different countries, and there are too many of them for police to handle. Very few end up being brought to account.

If the perpetrator is caught, the punishment is often a short and conditional sentence or maybe just a fine.

The same section of the law applies to a person who goes onto someone else's Facebook profile and a person who hacks into someone else's bank account. Both invoke a two-year penalty. If money is taken from the account, the perpetrator is charged with Internet fraud as well, which is punishable by up to six years of jail.

"I think the law needs to differentiate better between types of cyber fraud because their character and motives are so different. The penalties don’t fit the crime. If we want to deter this kind of crime, we have to adjust the penalties,” says Sunde.

Is more monitoring inevitable?

People expect the police to prevent criminal acts. Cybercrime makes this challenging, too.

Due to privacy laws, the police currently have limited access to monitoring people online.

When law enforcement isn’t able to gain insider access to the Internet or set up sensors for this, the whole issue of preventing crime becomes a major enigma, says Sunde, who is also a member of the Norwegian Parliamentary Intelligence Oversight Committee and a former state prosecutor.

She wonders if increased monitoring is an inevitable result.

“The European Court of Justice has put its foot down regarding surveillance in the form of general data storage, but I don’t think we’ve heard the last word in that debate. More monitoring is needed, but it also has to be regulated.

Police University College focuses on research

Sunde believes that research can help create a knowledge base that increases our ability to distinguish between acts that should be considered data security offences and those that should be considered criminal acts.

This distinction is important both for prevention and prosecution, she believes.

The Police University College is now focusing heavily on researching role of police in a digitized society, through its own projects and participation in major projects. More doctoral degrees in the field are being created that are relevant to the police.

But the police can’t do everything, she reminds us once more.

"We often talk about the Internet as a new social arena. But the police can’t just go online like they go out on the street or into parks. They’re completely dependent on other actors for insider access to the web. Sharing the work of tackling cybercrime with other entities is an urgent issue.


Read the Norwegian version of this article at

Scientific links

Related content
Powered by Labrador CMS