Before many of delegates arrived on the Gold Coast for this year's AusCERT security conference, around 40 of Australia's chief electronic crimes police gathered to thrash out better ways to fight crime.
The closed-door workshop was established by the Queensland Police Service around 2008 as a means for the seven state and territory police forces and the Australian Federal Police to liaise with law enforcement in New Zealand and abroad.
It was founded on what was described as a “perceived lack of communications between police jurisdictions” to assist in developing common approaches to tackling cybercrime. The nation's state police forces investigate similar e-crime offenses and suffer from the same problems of resourcing.
|Complete coverage of AusCERT 2012|
The workshop enabled seasoned officers to hear the latest developments in cybercrime from overseas experts attending the main conference. This year, for example, credit card fraud will be front of mind for police as Australia lags behind other western countries by retaining vulnerable magnetic stripe cards.
Other trends have tended to emerge from Europe and were presented at previous workshops by international law enforcement or private sector figures. For others, the workshop was an opportunity to put names to faces and discuss often difficult electronic crimes investigations over a beer.
Online crime and fraud events were run throughout the year, but opportunities for all state police to meet were uncommon, so most made a concerted effort to attend the workshop. For Jason Blake, the newly-minted head of the Northern Territory Police major fraud unit, it was an opportunity to meet seasoned cops across the states.
“These things are great to be able to bounce ideas off industry professionals, find out who's doing what and putting faces to names,” Blake said. For the territory's office of four, it offered an opportunity to bend the ears of those within the country's larger and specialist e-crimes units.
The state police units vary in size and resources. Some of the larger units, like NSW and Victoria, have dedicated e-crimes units that can also afford to be proactive in educating the public about information security threats.
Smaller units, like the territory and Tasmania, run combined fraud and e-crime departments, but they still investigate serious cases. The territory has on its books around 20 “serious and protracted” fraud investigations, including one that involves more than 30 victims of a single offender.
South Australia Police e-crimes detective sergeant Paul Featherstone attended in 2010. “It's an opportunity for us to talk in a police-only environment, so we can discuss in general terms investigations that we are working on, or the legal aspects surrounding [police] work,” he said.
Police attending the workshop are also privileged to hear more candid versions of presentations that would be given at the general conference two days later.
This has previously included talks from members of the US Secret Service, the FBI and other top law enforcement agencies and information security groups. These talks give police an insight into cybercrime trends around the world, including emerging crime groups, avenues of fraud, and ways to improve investigations that cross international boundaries.
Security professionals in the private sector were valuable contacts for police, and AusCERT offered a chance to meet many of them in person. Multiple senior e-crime officers told SC Magazine how such contacts have been instrumental in difficult investigations.
“The ability to pick up the phone and call Joe who's in another country can be critical,” one detective said, on the condition of anonymity.
Votes for change
Since the inception of the workshop, state and federal police have passed multiple resolutions to help improve the operations of law enforcement in Australia and New Zealand. A poll was taken among officers at the workshop on issues such as resourcing, technologies and training that were identified by the majority as necessary to bolster policing efforts.
The collective vote of “frontline troops” could be passed up to senior e-crimes managers under the Australia New Zealand Policing Advisory Agency (ANZPAA), a joint initiative founded in 2007, comprising police ministers and commissioners from both sides of the Tasman, who provide policy advice to improve cross-jurisdictional policing initiatives.
This year ANZPAA will hold its own closed-door meeting at AusCERT, separate to the workshop.
The resolutions already passed from state police to the agency are still works in progress. Notable of these is a nation-wide effort to introduce common technical training standards across a wide range of police work, including forensics, first responders and specific high-tech crime units.
ANZPAA has adopted elements of the Police Practice Standards Model, governed by the Australasian Police Professional Standards Council, which will form the basis of a standard police education and training framework across Australia and New Zealand based on common practice standards for police officers.
Police training was previously in-house and tied to rank, combined with formal qualifications. There were no specific guidelines for training or consistency between jurisdictions meaning each agency implemented schemes that were individually seen as appropriate.
This training revamp could be seen as preparation for a cyber “doomsday event” in a particular state, according to one senior officer (who wished to remain anonymous. “If a police jurisdiction didn't have the numbers in their state to handle a large event, then they could reach out to other states for assistance,” he said. “It means they could call on the rest of us including the feds to respond quickly.”
The problems of poor communication between state police forces on which the workshop was created to address still prevail.
“The workshop is brilliant and there should be more of them,” said Duncan Taylor, the former chief technology crime investigations manager of Western Australia Police; now senior manager of forensics at PricewaterhouseCoopers.
“But resources are stretched and I'd say it would be the same today as it ever was.”
Indeed some state police agencies said they lacked the resources and had to send fewer e-crimes officers to the workshops this year. While many were busy with an apparent uptick in investigations, it was understood budget cuts and an organisational restructure had prevented WA Police from sending any of its e-crime investigators to the Queensland conference.
“The events aren't particularly well appreciated by the managers of the police agencies,” Taylor said.
“They may not understand that e-crime requires real-time responses, which come from those personal networks built at the conferences.”
Articulating those soft benefits in a business case was difficult, Taylor said, but essential. He said almost all of his Australian and international contacts, which he relied on during his six years running the WA Police e-crimes squad, were made at industry conferences.
“It's a shame it takes private industry events to do that, but in the end they are very important.”