australian high tech crime centre resourcing cybercrime tuesday, 6 november 2007

Australian High Tech Crime Centre

Resourcing Cybercrime

Tuesday, 6 November 2007


Agenda

1. Background 1. Background

2. Roles & Responsibilities2. Roles & Responsibilities

3. Business Relationships 3. Business Relationships

4. AHTCC Structure4. AHTCC Structure


Into a Virtual Frontier

•AHTCC – a response to combat the new ‘virtual’ horizon Inspired by the National E-crime Strategy 2001-2003 Recognition of e-commerce and e-government growth Strategy focused on shared responsibilities among sectors Operating in a new environment with limited knowledge and

legislation


Introducing the AHTCC

• 2 July 2003 - AHTCC commenced operationo Unique national model – all States & Territories and

Commonwealth agencies to participate. AHTCC manage while State/Commonwealth police services buy-in

o By 2004-05 - 35 full time & 3 p/time staff from all sectors – Board of Management established as well as a High Tech Managers Group

o Established globally unique Joint Banking and Finance Sector Investigations team – 20 May 2005. Secondees and part time staff


Roles & Responsibilities

Knowledge

Coordination

Investigation

Intelligence

Professional Services

AHTCC

Establishment Agreement


Coordination

Between Australian policing jurisdictions

With other public and private sector agencies

With foreign law enforcement


Investigation

Initial assistance and referral

Assistance to the investigations of participant jurisdictions

Conducting investigations into selected matters


Intelligence

Report trends in crime and criminals

Support given to investigations (target identification and development)


Liaison & Professional Services

Advice and assistance in investigations and forensic services

Access to specialised equipment and services

Research and development

Development of policy and advice on law reform


Knowledge

Promoting best practice standards across jurisdictions

Promoting coordinated training across jurisdictions

Providing expert knowledge and advice to jurisdictions


AHTCC Functions

• 3 Objectives

Provide a national coordinated approach to combating serious, complex and multi-jurisdictional technology enabled crimes, especially those beyond the capability of single jurisdictions.

Assist in improving the capacity of all jurisdictions to deal with technology enabled crime.

Support efforts to protect the National Information Infrastructure

(NII).


Approach of the AHTCC

4 pronged attack Prevention Disruption Prosecutions Capacity building

AHTCC approach shaped by: Stakeholder cooperation Offenders’ methods and victim profile for different types of

online crime Available police methodology and infrastructure


Work of the AHTCC

National Information Infrastructure Protection Investigations:

Online Child Sex Abuse (historic) Online Banking investigations Denial of Service attacks investigations – BOTNETS

IT Investment and Innovations Including ‘translating’ electronic evidence & data for court

Prevention activities Capacity building & Awareness raising


Prevention

Rationale: Online crime is voluminous & difficult to prosecute

Leading Examples:

Virtual Global Taskforce – a leading international model for cooperation & tools for technical disruption

ABA-AHTCC website: www.protectfinancialid.org.au

Microsoft BotNet conference – technical exchange


Building Capacity & Awareness

Rationale: Law enforcement ill-equipped to fight online crime Lacking technical skills and equipment, international

cooperation, recognition of extent of crime or criminal methods

Leading Examples: Vietnam High Tech Crime Centre & Conference Training – local and international initiatives

Research partnerships: Australian Institute of Criminology and AusCERT

Media AHTCC website & links


NII Protection

Rationale: NII is a component of Australia’s Critical Infrastructure.

Defined as those physical facilities, supply chains, information technologies and communications networks which, if destroyed, degraded or rendered unavailable for an extended period, would significantly impact on the social or economic well-being of the nation or affect Australia’s ability

to conduct national defence and ensure national security. Increasing terrorist threat

Leading Work Joint Operating Arrangement Private sector information exchange/response CT Cyber Exercises


Investigations

Botnet attacks High-end technical crime with NII disruption potential

Online Banking crimes Phishing & Muling Sectoral liaison Web portal project for phishing & mule recruitment sites

Online Child Sex Abuse


Ops & Intel Teams

AOCCAOCC IntelligenceIntelligence InvestigationsInvestigations

manage assets, information & seized materials

assess Online Crime Reports

review website traffic

enabled & enhanced high tech crimes

Internet Banking Fraud - ’phishing’

provide technical support & advice

develop targets for investigation

provide tactical support to investigations

report on trends


Current Structure

Director

Project Officer Executive Assistant

Co-ordinator Operations

InvestigationsTeam 1

InvestigationsTeam 2

Technical SupportOperations

SupportIntelligence


Current Staff Members

The AHTCC currently has 29 Staff Members which can be broken down into:

10 sworn AFP officers;

13 non-sworn AFP personnel;

6 secondees from government agencies and the private sector.

Defence;

Bank Investigators;

Customs.


AHTCC Staffing Skill Sets

Investigation Skills;

Technical Skills;

Intelligence Skills;

Finance, Policy and Admin Skills.


AHTCCnet

AHTCCnetAHTCCnet

Cyber Trans PyFlag

INCOGCoolminer


AHTCCnet

FBI QuanticoMelbourneSydney

AHTCCnet AFPnet


Future Structure

Kevin Zuccato

Director AHTCCJames McCormack

Coordinator AHTCC

Coordinator Future Technologies

Coordinator

Team 3 Technical Investigations T/L

Team Member

Sys Admin - Contractor

DSD Secondee x 2

ITSA

Defence

Team 1 NII OpsTeam Leader

Team 2 JBFSITTeam Leader

Team Member

Contractor

Bank Secondee

Executive Assistant

NII Relationships & Business Delivery

Project officer

Team Leader Project Officer

2 x Education & Crime Prevention

Project & Program Manager

Industry Liaison Officer

Investigative Asst

6 x Team Members

Investigative Asst

Sys Admin Windows

Linux Software Engineer

Windows Software Engineer

System Programmer

AHTCC IntellTeam Leader

Senior Intell Analyst

Sworn Team Member

Admin & Ops SupportTeam Leader

2 x Admin staff

2 x Intell Analysts

Customs Analyst


New Structure

??


Questionsor

Comments

australian high tech crime centre resourcing cybercrime tuesday, 6 november 2007

Documents

ahtcc structure slide

development slide

national ecrime strategy

high tech managers group

law reform slide

virtual frontier ahtcc

foreign law enforcement

national coordinated