高网络犯罪报告机制变化各机构在制定指标方面面临挑战

GAO-23-106080

UnitedStatesGovernmentAccountabilityOffice

ReporttoCongressionalCommittees

June2023

CYBERCRIME

Reporting

MechanismsVary,andAgenciesFaceChallengesinDevelopingMetrics

Highlightsof

GAO-23-106080,

areporttocongressionalcommittees

WhyGAODidThisStudy

Cybercrime(includingcyber-enabledcrime)generallyconsistsofcriminalactivitiesthattargetacomputerornetworkfordamageorinfiltrationorusetheinternettoconductcriminalactivity.CybercrimeintheUnitedStatesisincreasing,resultinginbillionsofdollarsinlossesandthreateningpublicsafety.However,theUnitedStateslackscomprehensivecybercrimedataandmonitoring,leavingthecountrylesspreparedtocombatcybercrime.TheBetterCybercrimeMetricsAct,enactedin2022,requiresDOJtodevelopataxonomyfortypesofcybercrimeandcyber-enabledcrimeandestablishacategoryinitsNationalIncident-BasedReportingSystemtocollectreportsforcybercrimefromlawenforcement.TheactalsoincludesaprovisionforGAOtoreportonexistingcybercrimereportingmechanisms.

Theobjectivesofthisreviewweretofocuson(1)existingmechanismsusedtoreportcybercrimeandcyber-enabledcrime,includingreportedstrengthsandlimitations;(2)differencesbetweendatareportedoncybercrimeorcyber-enabledcrimeandothertypesofcrime;and(3)challengesselectedagenciesreportedindefiningsharedmetricsforcybercrime.GAOidentifiedagencieswithkeyresponsibilitiesforidentifying,investigating,andprosecutingcybercrime.GAOrevieweddocumentationonagencymechanismsforreportingcybercrimedata,suchascasemanagementsystems.Italsointerviewedagencyofficialsregardingthesemechanisms,differencesbetweencybercrimeandothertypesofcrime,andchallengesinestablishingsharedmetrics.

View

GAO-23-106080.

Formoreinformation,

contactMarisolCruzCainat(202)512-5017

or

cruzcainm@

orGrettaL.Goodwin

at(202)512-8777or

goodwing@

.

June2023

CYBERCRIME

ReportingMechanismsVary,andAgenciesFace

ChallengesinDevelopingMetrics

WhatGAOFound

Federalagenciesuseavarietyofmechanismstocollectandreportdataoncybercrime.Themechanismsuseddependonwhethertheagency’smissionrelatedtocybercrimeisidentification,investigation,orprosecution.(Seefigure.)

TypesofAgencyMechanismsUsedforReportingCybercrime

Note:GAOidentified12agencies,includingtheDepartmentofJustice,FederalBureauofInvestigation,andInternalRevenueService;theentirelistisincludedinthereport.

Strengthsofthesemechanismsincludedspecificfunctionalityforcapturingcybercrimeattributestofacilitateinformationsharing.Limitationsincludedvariationsinhowsystemsclassifyandtrackcybercrimeandtheabsenceofacentralmechanismthatcollectsdataoncybercrime.Thesearepartlyduetothelackofanofficialorcommonlyagreed-ondefinitionofcybercrime.

Agenciesalsoidentifieddifferencesbetweendatareportedoncybercrime(includingcyber-enabledcrime)andothertypesofcrime.Forexample,cybercrimemaynotbeconsistentlytrackedbecauseitisnotalwaysassociatedwithaspecifictypeofoffense.Inaddition,victimsmaybehesitanttoreportcybercrimebecauseoflackoffamiliarityorreputationalconcerns.

Agenciesidentifiedchallengesindefiningsharedmetrics.Theseincludemeasuringtheextentandimpactofcybercrime,agreeingonadefinitionofcybercrime,andcoordinatingamonglawenforcementagenciesatvariouslevels.TheDepartmentofJustice(DOJ)effectivelydevelopingacybercrimetaxonomyandcategoryinitsnationalcrimereportingsystemshouldhelpaddressthesechallenges.GAOintendstomonitorfutureefforts,includingthosetodevelopcybercrimecategoriesandensureconsistentreporting.

UnitedStatesGovernmentAccountabilityOffice

Contents

Letter

Background

AgenciesUseVariousMechanismstoReportCybercrimeand

NotedStrengthsandLimitations

AgenciesNotedDifferencesbetweenReportingCybercrimeand

OtherCrimes

AgenciesIdentifiedChallengesinEstablishingCybercrimeMetricsAgencyComments

1

4

11

23

25

30

AppendixI

Objectives,Scope,andMethodology

32

AppendixII

GAOContactsandStaffAcknowledgments

35

Tables

Table1:Cybercrime-RelatedResponsibilitiesofSelectedAgencies

Table2:SelectedGAOReportsAddressingAspectsofCybercrimeandCyber-EnabledCrime

6

9

Figures

Figure1:TypesofMechanismsAgenciesinOurReviewUsedfor

ReportingCybercrime12

Figure2:FunctionalityThatSelectedAgencySystemsUsedto

CollectCybercrime-RelatedData20

Figure3:ChallengesinEstablishingCybercrimeMetrics26

Pagei

GAO-23-106080Cybercrime

Abbreviations

ATF

BureauofAlcohol,Tobacco,Firearms,andExplosives

BJS

BureauofJusticeStatistics

CCIPS

ComputerCrimeandIntellectualPropertySection

CISA

CybersecurityandInfrastructureSecurityAgency

DEA

DrugEnforcementAdministration

DHS

DepartmentofHomelandSecurity

DOJ

DepartmentofJustice

FBI

FederalBureauofInvestigation

FIRS

FieldInvestigativeReportingSystem

FinCEN

FinancialCrimesEnforcementNetwork

HSI

HomelandSecurityInvestigations

IC3

InternetCrimeComplaintCenter

IC3Net

IC3Network

IRS

InternalRevenueService

NIBRS

NationalIncident-BasedReportingSystem

NSD

NationalSecurityDivision

SLTT

state,local,tribal,andterritorial

USPIS

U.S.PostalInspectionService

ThisisaworkoftheU.S.governmentandisnotsubjecttocopyrightprotectionintheUnitedStates.ThepublishedproductmaybereproducedanddistributedinitsentiretywithoutfurtherpermissionfromGAO.However,becausethisworkmaycontaincopyrightedimagesorothermaterial,permissionfromthecopyrightholdermaybenecessaryifyouwishtoreproducethismaterialseparately.

Pageii

GAO-23-106080Cybercrime

Letter

441GSt.N.W.

Washington,DC20548

June20,2023

TheHonorableDickDurbin

Chairman

TheHonorableLindseyGraham

RankingMember

CommitteeontheJudiciary

UnitedStatesSenate

TheHonorableJimJordan

Chairman

TheHonorableJerroldNadler

RankingMember

CommitteeontheJudiciary

HouseofRepresentatives

Cybercrimegenerallyincludescriminalactivitiesthatspecificallytargetacomputerornetworkfordamageorinfiltrationorusecomputersastoolstoconductcriminalactivity.Inaddition,“cyber-enabled”crimecanrefertoavarietyoftraditionalcriminalacts,suchastheftorfraud,whicharecarriedoutovertheinternet.ThesetypesofcrimesintheUnitedStatesareincreasingandhaveresultedinhundredsofbillionsofdollarsinlosses,threateningpublicsafetyandeconomicsecurity.

Multiplefederalagencieshaveresponsibilitiestoprotectagainst,detect,investigate,andprosecutecybercrime.Forexample,theDepartmentsofJustice(DOJ)andHomelandSecurity(DHS)haveprominentrolesinaddressingcybercrimewithinthefederalgovernment.Stateandlocallawenforcemententitiesplaysimilarrolesattheirlevels.However,CongressandresearchershavefoundthattheUnitedStateslackscomprehensivecybercrimedataandmonitoring,leavingthecountrylesspreparedtocombatthecybercrimethreateningnationalandeconomicsecurity.

TheBetterCybercrimeMetricsAct,enactedMay5,2022,includesaprovisionforGAOtoreportontheeffectivenessofreportingmechanismsforcybercrimeandcyber-enabledcrimeintheUnitedStates.Italsoasks

Page1

GAO-23-106080Cybercrime

ustoreviewdisparitiesinreportingdatabetweenthoserelatingtocybercrimeandcyber-enabledcrimeandothertypesofcrimedata.

1

Theobjectivesofthisreviewweretoidentify(1)theexistingmechanismsusedtoreportcybercrimeandcyber-enabledcrimeintheUnitedStatesandthestrengthsandlimitationsthathavebeenreportedinthesemechanisms,(2)thedifferencesbetweendatareportedoncybercrimeorcyber-enabledcrimeandothertypesofcrime,and(3)thechallengesselectedagenciesreportedindefiningsharedmetricsfortrackingcybercrimeandcyber-enabledcrimeintheUnitedStates.

Wefocusedthisreviewonselectedfederalagencieswithresponsibilitiesrelatedtocybercrime.Weidentifiedkeyagencieswithresponsibilitiesforidentifying,investigating,andprosecutingcybercrimebasedonareviewofpreviousGAOworkinthisarea

2

andbyconsultinginternalGAOstakeholderswithsubject-matterexpertise.Wealsosolicitedinputfromagencieswespokewithtoidentifyadditionalagenciesorofficesthatplayaroleincollectingdatarelatedtocybercrime.Asaresultofthisselection,wefocusedourreviewonthefollowingagencies:

DepartmentofHomelandSecurity

•UnitedStatesSecretService

•CybersecurityandInfrastructureSecurityAgency

•ImmigrationandCustomsEnforcement’sHomelandSecurity

Investigations

DepartmentofJustice

1BetterCybercrimeMetricsAct,Pub.L.No.117–116,§6,136Stat.1180,1181(May5,

2022)(34U.S.C.§30109note).

2See,forexample,GAO,VirtualCurrencies:AdditionalInformationCouldImproveFederalAgencyEffortstoCounterHumanandDrugTrafficking,

GAO-22-105462

(Washington,D.C.:Dec.8,2021);Cyberspace:TheUnitedStatesFacesChallengesinAddressingGlobalCybersecurityandGovernance,

GAO-10-606

(Washington,D.C.:July2,2010);andCybercrime:PublicandPrivateEntitiesFaceChallengesinAddressingCyber

Threats,

GAO-07-705

(Washington,D.C.:June22,2007).

Page2

GAO-23-106080Cybercrime

•FederalBureauofInvestigation(includingitsBaltimorefieldoffice,

3

CriminalJusticeInformationServicesDivision,andInternetCrimeComplaintCenter)

•DrugEnforcementAdministration

•BureauofAlcohol,Tobacco,Firearms,andExplosives

•ComputerCrimeandIntellectualPropertySection

•NationalSecurityDivision

•BureauofJusticeStatisticsDepartmentoftheTreasury

•InternalRevenueService-CriminalInvestigation

•FinancialCrimesEnforcementNetwork

U.S.PostalService

•U.S.PostalInspectionService

4

Toaddressourfirstobjective,wereviewedrelevantfederallaws,includingtheBetterCybercrimeMetricsActandtheUniformFederalCrimeReportingActof1988.

5

Inaddition,wereviewedagencypolicies,procedures,andotherdocumentationonprocessesforcollecting,tracking,sharing,andreportingdataoncybercrimeandcyber-enabledcrime.Wealsorevieweddocumentationforsystems(e.g.,databasesandcasemanagementsystems)usedbyagenciestocollect,track,share,andreportdataoncybercrimeandcyber-enabledcrime.Lastly,weinterviewedcognizantagencyofficialsabouttheirprocessesandmechanismsforcollectingandreportingdataoncybercrimeandcyber-enabledcrime,includingthestrengthsandlimitationsofexistingreportingmechanisms.

Toaddressoursecondobjective,wereviewedagencypolicies,procedures,anddocumentation.Further,wereviewedrelevantreportsfromGAOandothers,aswellasotherliterature.Wealsointerviewed

3WemetwiththeFBI’sBaltimoreFieldOfficetounderstandhowFBIfieldpersonnelmaycollectandreportdataoncybercrime.

4WhiletheDepartmentofDefense’sCybercrimeCenterplaysaroleinrespondingtocybercrimeandcyber-enabledcrime,wedidnotincludethecenterinourreviewbecause

itsmissionrelatedtocybercrimefocusesoninternalDepartmentofDefensematters.534U.S.C.§41303.

Page3

GAO-23-106080Cybercrime

cognizantagencyofficialsregardingdifferencesinhowdataaboutcybercrimeandothertypesofcrimearecollectedandreported.

Toaddressourthirdobjective,wereviewedpriorGAOworkandotherrelevantreportsandliterature.Wealsointerviewedcognizantagencyofficialsaboutanychallengesthatexistindefiningsharedmetricsforcybercrimeandcyber-enabledcrime.Weanalyzedagencyresponsestoidentifythenumberofagenciesthatreportedexperiencingthechallenge,aswellasthefactorsthatcontributedtothechallenges.Additionaldetailsaboutourobjectives,scope,andmethodologyareinappendixI.

WeconductedthisperformanceauditfromMay2022toJune2023inaccordancewithgenerallyacceptedgovernmentauditingstandards.Thosestandardsrequirethatweplanandperformtheaudittoobtainsufficient,appropriateevidencetoprovideareasonablebasisforourfindingsandconclusionsbasedonourauditobjectives.Webelievethattheevidenceobtainedprovidesareasonablebasisforourfindingsandconclusionsbasedonourauditobjectives.

Associetyengagesinmorepersonal,business,andgovernmentalactivitiesonline,criminalsarealsoshiftingtheiractivitiesonlineandbecomingmoresophisticatedinexploitingvulnerablepopulationsandthreateningpublicsafetyandeconomicsecurity.Cybercrimeisabroadtermthatcanrefertoavarietyofillegalactivitiesthattargetpotentialvictimsonlineormakeuseoftheinternettocarryoutillicitactivities.Cybercrimecanincludevarioustypesofnetworkintrusionsforillicitgainorothermaliciouspurposes,suchasransomwareattacks.

6

Inaddition,traditionalcriminalactivitiesthatarefacilitatedbytheuseoftheinternet—sometimesreferredtoas“cyber-enabledcrime”—canincludefraud,identitytheft,andthesaleofillegalgoods.

Cybercrimescantargetindividuals,privatesectorcompanies,criticalinfrastructure,andgovernmentagencies.Forexample:

•InFebruary2023,theU.S.MarshalsServicereportedthatithadbeenthevictimofaransomwareattackthatimpactedastand-alonecomputersystemcontainingrecordsaboutongoinginvestigations,employeepersonaldata,andinternalprocesses.Theagencyreported

Background

6Ransomwareisaformofmalicioussoftwaredesignedtorenderanindividual’sororganization’sdataandsystemsunusable.Ransompaymentsarethendemandedinexchangeforrestoringaccesstothelockeddataandsystems.

Page4

GAO-23-106080Cybercrime

thatthesystemdidnotincludepersonaldetailsaboutpeopleenrolledintheFederalWitnessProtectionProgram,whoselivescouldbeindangerifpubliclyexposed.However,theattackersdidexfiltratesensitivefiles,includinginformationaboutinvestigativetargets.

7

•InMay2021,theColonialPipelineCompanywasavictimofaransomwareattackthatresultedinatemporarydisruptioninthedeliveryofgasolineandotherpetroleumproductsacrossmuchofthesoutheasternUnitedStates.Specifically,maliciousactorsreportedlydeployedransomwareagainstthepipelinecompany’sbusinesssystems.Toensurethesafetyofthepipeline,thecompanyproactivelydisconnectedcertainsystemsthatmonitorandcontrolphysicalpipelinefunctionssothattheywouldnotbecompromised.Disconnectingthesesystemsresultedinatemporaryhalttoallpipelineoperations,thoughtheseweresubsequentlyresumed.

•InDecemberof2020,thecybersecurityfirmFireEyediscoveredthataSolarWindsproductknownasOrionwascompromisedandbeingleveragedbyathreatactorforaccesstoSolarWinds’customersystems.AccordingtotheSolarWindsChiefExecutiveOfficer,hackersbreachedthecompany’snetworkasearlyas2019.TheyinsertedmaliciouscodeintoOrion—aproductwidelyusedinboththefederalgovernmentandprivatesectortomonitornetworkactivityandmanagedevices.Thethreatactor,theForeignIntelligenceServiceoftheRussianFederation,usedOriontobreachseveralfederalagencynetworks.Theinitialbreachopenedabackdoortoagencysystemsthatenabledthethreatactortodeliveradditionalmaliciouscode.Thisallowedthemtomovelaterally,gatheringinformationandcompromisingdata.

•Between2017and2021,theFBI’sInternetCrimeComplaintCenter(IC3)receivedanaverageof552,000complaintsperyear.Theseincludecomplaintsofextortion,identitytheft,personaldatabreach,nonpaymentornondelivery,andphishing.

8

Inits2021annualreport,IC3estimatedatotallossof$18.7billionoverthisperiodresultingfromtheseincidents.

9

7Exfiltrationistheunauthorizedtransferofinformationfromaninformationsystem.

8Phishingisatechniqueforattemptingtoacquiresensitivedata,suchasbankaccountnumbers,throughafraudulentsolicitationinemailoronawebsiteinwhichtheperpetratormasqueradesasalegitimatebusinessorreputableperson.

9FederalBureauofInvestigation,InternetCrimeReport2021,accessedMarch17,2023,

/Media/PDF/AnnualReport/2021_IC3Report.pdf.

Page5

GAO-23-106080Cybercrime

•State,local,tribal,andterritorial(SLTT)governmentorganizations,includingschools,havebeenparticularlytargetedbyransomwareattacks.Theseattackscanhavedevastatingimpactsonvitalgovernmentoperationsandservices.AccordingtotheMulti-StateInformationSharingandAnalysisCenter—anindependent,nonprofitorganization—SLTTorganizationsexperiencedapproximately2,800ransomwareincidentsfromJanuary2017throughMarch2021.

FederalAgency

ResponsibilitiesCybercrime

RolesandRelatedto

Anumberofagenciesacrossthefederalgovernmenthavevariousrolesandresponsibilitiesrelatedtocybercrime,includinginformationgathering,investigation,andprosecution(seetable1).

Table1:Cybercrime-RelatedResponsibilitiesofSelectedAgencies

Agency

Responsibilities

DepartmentofJustice(DOJ)

ProsecutingcybercrimeviaU.S.Attorneys’Offices,ComputerCrimeandIntellectualPropertySection,and—incasesthatinvolvenation-stateactors—theNationalSecurityDivision.

BureauofJusticeStatistics(StatisticalagencyofDOJ)

Collecting,analyzing,publishing,anddisseminatinginformationoncrime,criminaloffenders,victimsofcrime,andtheoperationofjusticesystemsatalllevelsofgovernment.

Providingfinancialandtechnicalsupporttostate,local,andtribalgovernmentstoimproveboththeirstatisticalcapabilitiesandthequalityandutilityoftheircriminalhistoryrecords.

AdministeringtheNationalCrimeVictimizationSurvey.

FederalBureauofInvestigation(ComponentofDOJ)

Investigatingcyberthreatsandcomputerintrusions.

Generating,viatheCriminalJusticeInformationServicesUniformCrimeReportingprogram,statisticsforusebylawenforcement,includingforcyber-relatedcrimes.

Collectinganddisseminating,viatheInternetCrimeComplaintCenter,reportsfromthepubliconsuspectedinternet-facilitatedcriminalactivity.

BureauofAlcohol,Tobacco,Firearms,andExplosives(ComponentofDOJ)

Enforcinglawsrelatedtotheillegaluseandtraffickingoffirearms,theillegaluseandstorageofexplosives,actsofarsonandbombings,actsofterrorism,andtheillegaldiversionofalcoholandtobaccoproducts.Thiscanincludeinvestigationsofinternet-facilitatedcrimesintheseareas.

DrugEnforcement

Administration

(ComponentofDOJ)

EnforcingthecontrolledsubstanceslawsandregulationsoftheUnitedStates,includinginvestigatingillegaldrugtrafficking.Thiscanincludeinvestigationsofinternet-relatedcrimessuchastheuseofthe“darkweb”aorcryptocurrencytofacilitateorfinancesuchactivities.

U.S.SecretService

(ComponentofDepartmentofHomelandSecurity[DHS])

ProtectingU.S.financialinfrastructureandpaymentsystemsbyinvestigatingcyber-enabledfinancialcrimes(e.g.,wirefraud,creditordebitcardfraud,bankfraud,identitytheft,andmoneylaundering)andcyberattacks(e.g.,intrusions).

HomelandSecurity

Investigations

(ComponentofDHS)

Investigatingtransnationalcrimeandthreats,specificallythosecriminalorganizationsthatexploittheglobalinfrastructurethroughwhichinternationaltrade,travel,andfinancemove.Theseincludecyber-relatedcrimessuchasnetworkintrusions,toincludeexfiltrationofexport-controlleddataandintellectualproperty,financialfraud,launderingofcryptocurrency,darkwebnarcoticstraffickingandonlinechildsexualexploitation.

CybersecurityandInfrastructureSecurityAgency(ComponentofDHS)

Leadingthenationalefforttounderstand,manage,andreducerisktocyberandphysicalinfrastructure.Thisincludescollectingcyberincidentreportsfromcriticalinfrastructureentitiesandotherstakeholders.b

Page6

GAO-23-106080Cybercrime

Agency

Responsibilities

InternalRevenueService

CriminalInvestigationDivision(ComponentoftheDepartmentoftheTreasury)

InvestigatingpotentialcriminalviolationsoftheInternalRevenueCodeandrelatedfinancialcrimes,includingcyber-relatedviolations.

FinancialCrimesEnforcementNetwork

(ComponentoftheDepartmentoftheTreasury)

SafeguardingtheU.S.financialsystemfromillicituseandcombatingmoneylaunderinganditsrelatedcrimes(includingterrorism).

Promotingnationalsecuritythroughthestrategicuseoffinancialauthoritiesandthecollection,analysis,anddisseminationoffinancialintelligence.

CollectingSuspiciousActivityReportsfromfinancialinstitutionsthatidentifysuspectedcasesofmoneylaunderingorfraud,includingthoseinvolvingcybereventsorcyber-enabledcrime.

U.S.PostalInspectionService(ComponentoftheU.S.PostalService)

EnforcingfederallawscoveringcrimesthatincludefraudulentuseoftheU.S.Mailandthepostalsystem,andinvestigatinganycrimewithanexustothemail.Thesecrimesincludemailtheft,mailfraud,financialfraud,identitytheft,robberiesandburglariesofpostalfacilities,assaultsandthreatsonpostalemployees,investigationsofdangerousandprohibitedmails,narcotics,andcybercrime.

Source:GAOsummaryofagencyinformation.|GAO-23-106080

aThedarkwebisahiddenpartoftheinternetthatuserscanaccesswithspecializedsoftwaretocommunicateanonymouslyandengageinillegalactivitywithlittleriskofdetection.

bCriticalinfrastructureincludestheassets,systems,facilities,networks,andotherelementsthatsocietyreliesupontomaintainnationalsecurity,economicvitality,andpublichealthandsafety.Thisincludesenergy,watersystems,commercialfacilities,transportationinfrastructure,andinformationandcommunicationsnetworks.IntheU.S.,thisphysicalandcyberinfrastructureistypicallyownedandoperatedbytheprivatesector,thoughsomeisownedbyfederal,state,orlocalgovernments.

TheBetterCybercrime

MetricsActIsIntendedtoImproveDataandReportingonCybercrime

Variousorganizationsandresearchershavereportedlimitationsindataaboutcybercrimeandcyber-enabledcrime.Thisincludestheunderreportingofcybercrime,

10

difficultiesobtainingandusingdigital

10CassandraDodgeandGeorgeBurruss,“Policingcybercrime:Respondingtothegrowingproblemandconsideringfuturesolutions,”TheHumanFactorofCybercrime(Routledge,2019).

Page7

GAO-23-106080Cybercrime

evidence,

11

gapsintheclassificationofcrimessuchascybercrime,

12

andthelackofcomprehensivereporting.

13

TheBetterCybercrimeMetricsAct,enactedinMay2022,isintendedtoaddressdeficienciesinthereportingofcybercrimedataandestablishreportingmechanismsforcybercrime.

14

Inpassingthelaw,Congressfoundthat

•publicpollingindicatesthatcybercrimecouldbethemostcommoncrimeintheUnitedStates;

•theUnitedStateslackscomprehensivecybercrimedataandmonitoring,leavingthecountrylesspreparedtocombatcybercrimethatthreatensnationalandeconomicsecurity;and

•thepeopleoftheUnitedStateshavefacedaheightenedriskofcybercrimeduringtheCOVID–19pandemic.

TheactrequiresDOJto,amongotherthings,enterintoanagreementwiththeNationalAcademyofSciencestodevelopataxonomyforcategorizingdifferenttypesofcybercrimeandcyber-enabledcrimewithin90daysoftheact’senactment.Also,theyaretodelivertoCongressareportdetailingandsummarizingthetaxonomywithin1yearofenteringintothisagreement.Inaddition,theactrequiresDOJ,within2yearsoftheenactmentoftheact,toestablishacategoryintheNationalIncident-BasedReportingSystem(NIBRS),oranysuccessorsystem,forthecollectionofcybercrimeandcyber-enabledcrimereportsfromfederal,

11WilliamA.CarterandJenniferC.Daskal(authors)andWilliamCrumpler(contributor)“Low-HangingFruit:Evidence-BasedSolutionstotheDigitalEvidenceChallenge”(CenterforStrategicandInternationalStudies:July2018).

12NationalAcademiesofSciences,Engineering,andMedicine,ModernizingCrimeStatistics:Report1:DefiningandClassifyingCrime(Washington,D.C.:TheNationalAcademiesPress,2016)./10.17226/23492;NationalAcademiesofSciences,Engineering,andMedicine,ModernizingCri