Steve Santorelli became a police officer in 1994, working in London, UK. He worked his way up through various detective grades and branches until he joined Scotland Yard's Computer Crime Unit in 2000.
He then left law enforcement to join the Microsoft Internet Crimes Investigation Team, based in Redmond, Wash. He spent the next two years investigating botnet cases which were then referred out to law enforcement officers around the world for further work and arrests. During the following five years he specialized in malware and botnet cases and reached the rank of Detective Sergeant. Santorelli received several awards and commendations from various international law enforcement agencies and judges. He was also an associate instructor for the CISSP certification.
During this time he also developed the International Botnet Task Force, a unique group of industry and law enforcement from 35 countries, dedicated to working together to combat botnets and ruin the lives of botherders. He was also the lead investigator on the Zotob case.
He left Microsoft in 2007 to join Team Cymru, a small group of researchers who work to discover who is behind Internet crime and why they carry out their activities. Still actively involved in investigations, he is the director of analysis and outreach, enabling him to use Team Cymru's unique position and insight to improve lives around the world. He runs a series of conferences around the world each year where infosec and law enforcement specialists share case studies they have worked recently.
You were a detective sergeant with the Scotland Yard Computer Crime Unit when cybercrime was just starting to make its way into the minds of the public, legislators and industry. What was it like being on the bleeding edge of a new law enforcement challenge?
Hot and frustrating. Hot because we were working under the auspices of the Fraud Squad in standard police offices, with HVAC systems that simply could not cope with all the computers we had running in our labs. I think we would have had to arrest ourselves under health and safety legislation if we tried to do that today. Frustrating because hardly anyone wanted to report any cybercrime and, when they did and we managed to make an arrest, the far harder part of the case was to persuade the authorities to take the case to a jury.
"Until we catch up, we're always going to be one massive step behind them, and I don't relish that job security."
Law enforcement worldwide are still, to this day, working a 19th century process that simply doesn't map to a 21st century criminal evolution. Things have improved, especially when it comes to having geeky cops who have grown up with this technology and care passionately about the Internet, but we still have a long way to go, overall, in how we disrupt and deter criminals.