The Internet is used by international insurgents, jihadists, and terrorist organizations as a tool for radicalization and recruitment, a method of propaganda distribution, a means of communication, and ground for training. Although there are no known reported incidents of cyberattacks on critical infrastructure as acts of terror, this could potentially become a tactic in the future. There are several methods for countering terrorist and insurgent information operations on the Internet. The federal government has organizations that conduct strategic communications, counterpropaganda, and public diplomacy activities. The National Framework for Strategic Communication guides how interagency components are to integrate their activities. However, these organizations may be stovepiped within agencies, and competing agendas may be at stake. This report does not discuss technical and Internet architecture design solutions. Some may interpret the law to prevent federal agencies from conducting "propaganda" activities that may potentially reach domestic audiences. Others may wish to dismantle all websites that are seen to have malicious content or to facilitate acts of terror, while some may have a competing interest in keeping a site running and monitoring it for intelligence value. Key issues for Congress: Although the Comprehensive National Cybersecurity Initiative addresses a federal cybersecurity strategy and departmental ...

Twenty-first century criminals increasingly rely on the Internet and advanced technologies to further their criminal operations. These criminals can easily leverage the Internet to carry out traditional crimes such as distributing illicit drugs and sex trafficking. In addition, they exploit the digital world to facilitate crimes that are often technology driven, including identity theft, payment card fraud, and intellectual property theft. Cybercrimes have economic, public health, and national security implications, among others. For over three decades, Congress has been concerned about cybercrime and its related threats. Today, these concerns often arise among a larger discussion surrounding the federal government's role in ensuring U.S. cyber security. Conceptualizing cybercrime involves a number of key elements and questions that include where do the criminal acts exist in the real and digital worlds (and what technologies are involved in carrying out the crimes), why are malicious activities initiated, and who is involved in carrying out the malicious acts? The U.S. government does not appear to have an official definition of cybercrime that distinguishes it from crimes committed in what is considered the real world. Similarly, there is not a definition of cybercrime that distinguishes it from other forms of cyber threats, and the term is often used interchangeably with other Internet- or technology-linked malicious acts. Federal law enforcement agencies often define cybercrime based on their jurisdiction and the crimes they are charged with investigating. And, just as there is no overarching definition for cybercrime, there is no single agency that has been designated as the lead investigative agency for combating cybercrime. The United States does not have a national strategy exclusively focused on combating cybercrime. Rather, there are other, broader strategies that have cybercrime components. Policymakers may question whether there should be a distinct strategy for combating cybercrime or whether efforts to control these crimes are best addressed through more wide-ranging strategies such as those targeting cyber security or transnational organized crime. Congress may also question whether these broader strategies provide specific cybercrime-related objectives and clear means to achieve these goals. Comprehensive data on cybercrime incidents and their impact are not available, and without exact numbers on the current scope and prevalence of cybercrime, it is difficult to evaluate the magnitude of the threats posed by cyber criminals. There are a number of issues that have prevented the accurate measurement and tracking of cybercrime. For one, the lack of a clear sense of what constitutes cybercrime presents a barrier to tracking inclusive cybercrime data. Additionally, much of the available data on cybercrime is self-reported, and individuals or organizations may not realize a cybercrime has taken place or may elect-for a host of reasons-not to report it. Policymakers may debate whether to direct a thorough evaluation of the threats posed by cyber criminals.