AFP assistant commissioner, Tim Morris
Australian Federal Police (AFP) assistant commissioner, Tim Morris, has taken over as the national manager of high tech crime operations, and he warns that cybercrime is going to get a lot worse before it gets better.
Speaking at CeBIT 2014, Morris told attendees the AFP 'absolutely agrees' that individuals are entitled to privacy in their online lives, but "we don't particularly agree with online anonymity, particularly with illegal activities."
Externally, much of his job entails tracking and producing defence measures against increasingly elaborate cybercrime schemes performed by sophisticated criminal gangs. As well as ensuring that Australia's critical infrastructure is protected, he also works to assist private sector bodies.
One of the peculiarities of the cybercrime world is that relatively few actors are causing the majority of the crime - the opposite to the physical world.
"It is one of the structural peculiarities of the cybercrime world," he said.
What this means is that international law enforcement agencies need to work together because cybercrime has been globalised.
"There have to be risks and consequences for those engaging in crime on the Internet; not just as a deterrent, but it also undermines the internet as a whole and diminishes its utility," he said.
"Even short periods of downtime have a big impact, not just on companies, on the entire economy."
Much of the problem remains centred in the Eastern European states, but large funding from the west has ensured that countries like Romania now have excellent cybercrime units and work well with Australian and US law enforcement agencies.
Read more: Symantec announces roadmap to advanced threat protection
Operation Lino
Morris said Operation Lino, which was a joint effort between Australia, the US and Romania saw the arrest of a criminal gang who had stolen some 500,000 credit cards. They had cracked five retailers through a combination of port scanning on unused IP addresses and hacking their EFTPOS systems.
Morris claims Africa will be the next hotspot for criminal activity, noting that west Africa is already one of the worst offenders - as more of Africa comes online he expects this to get worse.
The huge growth areas the AFP has been focusing on are financial crime, mobile malware and SCADA systems. The AFP will be issuing new guidance for Australian SMEs about how to protect SCADA based systems, which are seeing increased attacks.
Morris also said Australia's financial markets are now starting to be attacked, in what was once called a 'Black Swan' event - no longer.
Some of the key challenges of the post-Snowden, Cloud-based computing world is data sovereignty.
"It has changed the operating environment for the rest of my career," he said.
"The traditional ideas of evidence and jurisdiction are forever challenged in the cyber world."
Much of cyber police work involves metadata - without it, there is little police can work on in a digital world.
In terms of storing metadata, Morris does not believe that the AFP should be the government agency to store citizens metadata.
"I wouldn't like AFP to store the data, its really the wrong look," he said.
Morris prefers an independent agency, or perhaps a partnership with the telcos. But he admits its something the Government has yet to decide on.
Additionally, when these threats are globalised, and data is stored in servers offshore, Mutual Legal Assistance Treaties (MLATs) come into play.
They quite simply were not designed for the digital age. Filing and for information under MLATs is a 'long and convoluted process that can take weeks or months, Morris said.
Cybercrime jurisdiction and international acts need to be completely rethought, he said. "There does need to be some sort of consistent regulatory model."
Unfortunately, Morris said, the international Convention on Cybercrime is stuck in negotiations, with some countries flat out refusing to sign it. Australia is one of the signatories.
The Government has also announced the construction of the Australian Cyber Crime Centre and and is also launching the Australian Cybercrime Online Reporting Network (ACORN) by year end. This is an online portal where citizens can report cybercrime incidents themselves. Morris hopes this will also help the Government produce a more accurate statistical profile of the problem.
Allan Swann is a Senior Editor at IDG Communications Australia. Follow Allan on Twitter @allanswann, and at Google+.
