Building up Specialized Cybercrime Units

and Responsibilities for Managers

Virgil SPIRIDON

ROMANIAN NATIONAL POLICE

Head of National Cybercrime Unit

SCOPE for fighting cybercrime

Freedom of communication

Safe business environment

Protection of the critical infrastructure

Protection of the privacy

Security of the children

Purpose : To help public authorities create or further

strengthen specialised cybercrime units as a key element of

the response to cybercrime.

Means : * In June 2011, the Council of Europe and the

European Union Cybercrime Task Force (EUCTF) sent out a

common questionnaire to high-tech crime units in Europe

and other regions of the world.

* July-September 2011, replies were analysed to

set up a draft version of the study.

* In September 13-15, 2011 the study was

evaluated and discussed on the meeting from Montenegro

* September-November 2011, the study was finalized

PRESENTATION OF THE STUDY

1. Introduction

2. The purpose of specialised units

3. Types of specialised units

4. Institutional set up and organisation

5. Functions and responsibilities

6. Steps towards the creation of a specialised unit

7. Practical experience and statistics

8. Assessment and conclusions

9. Appendix: Profiles of specialised units

SPECIALIZED UNITS

There is no single solution that will be appropriate for all countries and it is

vital that the development of cybercrime units evolve in accordance with

the needs of each country based upon:

- legislation,

- reliance on IT,

- prevalence of different types of criminal activity and

- other matters.

• Evolution of ICT and Internet in particular

• Increase of cybercrime in all regions of the world

• Evolution of an ‘underground economy

• Involvement of computer in most types of crime nowadays

Need for specialist skills and

specialised services

TYPES OF SPECIALIZED UNITS

TYPES OF SPECIALIZED UNITS

• From the analysis of the current types of cybercrime units it appears that a cybercrime unit should be structured in three sections:

- investigation - data and information analysis - computer forensics • One unit at the central level coordinating a number of field

offices seems to be an efficient formula. • However, the units should remain flexible enough to respond

to the evolution of cybercrime and technology and to changes in the environment in which it operates.

Cybercrime Unit (offences against + by means of computers) e.g. France,

Cyprus, Czech Republic, Mauritius, Romania, Spain

• High tech Crime Unit (against + technical support) e.g. Austria, Belgium,

Ireland, Luxembourg

• Computer forensic Unit (forensics + technical support) e.g. Brazil

• Central Unit (intelligence + support) e.g. UK

• Crime-specific units-e.g.-UK-CEOP

• Specialised prosecution units-e.g. Romania, Belgium and Serbia

TYPES OF SPECIALIZED UNITS

SPECIALIZED UNITS

• Specialised cybercrime units cannot be effective in isolation

• The creation or strengthening of specialised cybercrime units should be part of an effective cybercrime strategy in which the police unit on national level can be a driving force

• The cybercrime strategy should cover measures such as:

-cybercrime prevention

-cybercrime reporting systems

-legislation harmonised with international standards such as the Budapest Convention

-institutional development and training of personnel

-public-private partnerships and cooperation (service providers, ICT companies, financial sector and credit card companies, and others)

-international cooperation

• Regulations : national and internal

• The organisational setting e.g. organised crime department, criminal police department, financial police

department, IT department

Premises

Internal organisation and structure

INSTITUTIONAL SET UP AND ORGANISATION

1. Assessing needs and making a decision

2. Legal basis

3. Manager of the unit

4. Staffing the unit

5. Training programme

6. Equipment and other resources

7. Independence of and knowledge about unit

8. Action plan / évaluation mechanisms

STEPS TOWARDS THE CREATION OF THE

SPECIALISATION UNITS

Strategic responsabilities

– Drafting national legislation on cybercrime

– Contributing to national strategy on cybercrime

– Prevention

– National systems for reporting criminal activities

– Cooperation at national and international level

– Intelligence analysis and dissemination

– Defining guidelines for investigations

– Delivering training programmes

– Assessment and analyses of cybercrime phenomena

FUNCTIONS AND RESPONSABILITIES

Tactical responsabilities

– Coordinating and conducting investigations

– Collection, examination and analysis of digital evidence within the

forensic science framework of the country

– Specialised support to other non cybercrime police units

– Practical interagency cooperation

– The private sector

– International cooperation

– Sometimes big differences between countries

FUNCTIONS AND RESPONSABILITIES

QUALITIES AND RESPONSIBILITIES FOR

MANAGERS

• IT Background

• Reputation

• Communication skills and language skills

• Knowledge of operational/tactics/legislation/computer

forensic

• Knowledge of European/international situation

• Open to new evolutions

• Strategic abilities

THANK YOU!