Australian High Tech Crime Centre Resourcing Cybercrime Tuesday, 6 November 2007

Australian High Tech Crime Centre Agenda 1. Background 2. Roles & Responsibilities 3. Business Relationships 4. AHTCC Structure

Australian High Tech Crime Centre Into a Virtual Frontier AHTCC – a response to combat the new ‘virtual’ horizon  Inspired by the National E-crime Strategy  Recognition of e-commerce and e-government growth  Strategy focused on shared responsibilities among sectors  Operating in a new environment with limited knowledge and legislation

Australian High Tech Crime Centre Introducing the AHTCC 2 July AHTCC commenced operation o Unique national model – all States & Territories and Commonwealth agencies to participate. AHTCC manage while State/Commonwealth police services buy-in o By full time & 3 p/time staff from all sectors – Board of Management established as well as a High Tech Managers Group o Established globally unique Joint Banking and Finance Sector Investigations team – 20 May Secondees and part time staff

Australian High Tech Crime Centre Roles & Responsibilities Knowledge Coordination Investigation Intelligence Professional Services AHTCC Establishment Agreement

Australian High Tech Crime Centre Coordination  Between Australian policing jurisdictions  With other public and private sector agencies  With foreign law enforcement

Australian High Tech Crime Centre Investigation  Initial assistance and referral  Assistance to the investigations of participant jurisdictions  Conducting investigations into selected matters

Australian High Tech Crime Centre Intelligence  Report trends in crime and criminals  Support given to investigations (target identification and development)

Australian High Tech Crime Centre Liaison & Professional Services  Advice and assistance in investigations and forensic services  Access to specialised equipment and services  Research and development  Development of policy and advice on law reform

Australian High Tech Crime Centre Knowledge  Promoting best practice standards across jurisdictions  Promoting coordinated training across jurisdictions  Providing expert knowledge and advice to jurisdictions

Australian High Tech Crime Centre AHTCC Functions 3 Objectives  Provide a national coordinated approach to combating serious, complex and multi-jurisdictional technology enabled crimes, especially those beyond the capability of single jurisdictions.  Assist in improving the capacity of all jurisdictions to deal with technology enabled crime.  Support efforts to protect the National Information Infrastructure (NII).National Information Infrastructure

Australian High Tech Crime Centre Approach of the AHTCC  4 pronged attack  Prevention  Disruption  Prosecutions  Capacity building  AHTCC approach shaped by:  Stakeholder cooperation  Offenders’ methods and victim profile for different types of online crime  Available police methodology and infrastructure

Australian High Tech Crime Centre Work of the AHTCC  National Information Infrastructure Protection  Investigations:  Online Child Sex Abuse (historic)  Online Banking investigations  Denial of Service attacks investigations – BOTNETS  IT Investment and Innovations  Including ‘translating’ electronic evidence & data for court  Prevention activities  Capacity building & Awareness raising

Australian High Tech Crime Centre Prevention Rationale :  Online crime is voluminous & difficult to prosecute Leading Examples:  Virtual Global Taskforce – a leading international model for cooperation & tools for technical disruption  ABA-AHTCC website:  Microsoft BotNet conference – technical exchange

Australian High Tech Crime Centre Building Capacity & Awareness  Rationale:  Law enforcement ill-equipped to fight online crime  Lacking technical skills and equipment, international cooperation, recognition of extent of crime or criminal methods  Leading Examples:  Vietnam High Tech Crime Centre & Conference  Training – local and international initiatives  Research partnerships : Australian Institute of Criminology and AusCERT  Media  AHTCC website & links

Australian High Tech Crime Centre NII Protection  Rationale:  NII is a component of Australia’s Critical Infrastructure. Defined as those physical facilities, supply chains, information technologies and communications networks which, if destroyed, degraded or rendered unavailable for an extended period, would significantly impact on the social or economic well-being of the nation or affect Australia’s ability to conduct national defence and ensure national security.  Increasing terrorist threat  Leading Work  Joint Operating Arrangement  Private sector information exchange/response  CT Cyber Exercises

Australian High Tech Crime Centre Investigations  Botnet attacks  High-end technical crime with NII disruption potential  Online Banking crimes  Phishing & Muling  Sectoral liaison  Web portal project for phishing & mule recruitment sites  Online Child Sex Abuse

Australian High Tech Crime Centre Ops & Intel Teams AOCC Intelligence Investigations  manage assets, information & seized materials  assess Online Crime Reports  review website trafficwebsite  enabled & enhanced high tech crimes  Internet Banking Fraud - ’phishing’  provide technical support & advice  develop targets for investigation  provide tactical support to investigations  report on trends

Australian High Tech Crime Centre Current Structure Director Co-ordinator Operations Investigations Team 1 Investigations Team 2 Technical Support Intelligence Operations Support Project Officer Executive Assistant

Australian High Tech Crime Centre Current Staff Members The AHTCC currently has 29 Staff Members which can be broken down into:  10 sworn AFP officers;  13 non-sworn AFP personnel;  6 secondees from government agencies and the private sector.  Defence;  Bank Investigators;  Customs.

Australian High Tech Crime Centre AHTCC Staffing Skill Sets  Investigation Skills;  Technical Skills;  Intelligence Skills;  Finance, Policy and Admin Skills.

Australian High Tech Crime Centre AHTCCnet Cyber TransPyFlag INCOG Coolminer

Australian High Tech Crime Centre AHTCCnet FBI QuanticoMelbourneSydney AHTCCnet AFPnet

Australian High Tech Crime Centre Future Structure Kevin Zuccato Director AHTCC James McCormack Coordinator AHTCC Team 1 NII Ops Team Leader 6 x Team Members Investigative Asst Team 2 JBFSIT Team Leader Team Member Contractor Bank Secondee NII Relationships & Business Delivery Team Leader Project Officer 2 x Education & Crime Prevention Project & Program Manager Industry Liaison Officer Investigative Asst AHTCC Intell Team Leader Senior Intell Analyst Sworn Team Member 2 x Intell Analysts Customs Analyst Admin & Ops Support Team Leader 2 x Admin staff Coordinator Future Technologies Team 3 Technical Investigations T/L Team Member Sys Admin - Contractor DSD Secondee x 2 ITSA Defence Sys Admin Windows Linux Software Engineer Windows Software Engineer System Programmer Coordinator Executive Assistant Project officer

Australian High Tech Crime Centre New Structure ? ?

Australian High Tech Crime Centre Questions or Comments