Cybercrime Prosecutors Need Guidance

Australian High Tech Crime Center director Kevin Zuccato is glad to admit there is a lot to learn in prosecuting cyber miscreants.

While Zuccato believes there have been more ingenious and sophisticated methods of attack over the past few years, the main challenge is still finding and catching the criminals.

Zuccato said the AusCert 2006 figure, showing 19 percent of respondents who reported computer crime to Australian law enforcement agencies said it resulted in charges being laid, meant that the Federal Police still face massive challenges in following and identifying attackers, then building a business case using evidence gained in a virtual world.

“What we really need to do is develop relationships in the private sector as well; when you look at critical national infrastructure in the world, 90 percent is owned by the private sector, so there is just as much responsibility to protect both public and private sectors,” Zuccato said Monday at the AusCert 2006 conference on Queensland’s Gold Coast.

“We [AHTCC] are the only people in the world from law enforcement to have a relationship with the private sector, particularly with the banks. Law enforcement [agencies] need to grasp change in law enforcement to apply to the virtual world.”

He said the issue for policing in this parallel world is looking at what can be done physically to beat the attackers before crimes are committed because people no longer need to “set foot in the country.”

“I’m glad to admit there is a lot for us to learn.”

Zuccato outlined a joint investigation this year as an example of the first successful arrest of a botnet designer in Australia on March 23, which he alleges netted “tens of thousands” of enslaved computers designed to launch denial-of-service (DoS) attacks.

The task force between Australia and Belgium was initiated after a spate of DoS attacks on IRC servers in Australia and Belgium and was traced back to a person living in Melbourne.

Zuccato said the investigators had to build the case against those responsible by using traditional policing techniques, tweaked for online criminals.

“The tracking was built around the Australian telecommunications interception act but using traditional techniques with a twist,” Zuccato said.

“Again, the main challenge was following and identifying the alleged attacker, then building a case using evidence existing only in a virtual world.”

Alastair MacGibbon, eBay Australia’s director of trust and safety, said in his experience there is no distinction between the online and offline world, but traditional policing skills need to be changed.

MacGibbon said unique issues in the online world for catching criminals would be jurisdiction, the “inability for some to understand intercepted ones and zeros,” and flaky evidence.

-Michael Crawford, Computerworld Today

For related news coverage, read New Cybercrime Bill Called Inadequate.

Keep checking in at our CSO Security Feed page for updated news coverage.