Defence willing to relax rules, offer more cash to recruit cyber experts

Australia's law enforcement chiefs are willing to relax physical requirements for employees and offer increased salaries in an effort to recruit more cyber security specialists.

Addressing the 2015 Cyber Security Summit sponsored by Informa and Australian Defence Magazine yesterday, Australian Army modernisation chief Major-General Fergus McLachlan said he recognised the need to embrace a "non-linear recruiting model" in order to draw cyber expertise into the organisation.

He conceded this may require waiving the usual physical entry standards. The Army may also need to adjust renumeration and introduce a new trade qualification to existing Army officers.

“We’ll need cyber soldiers who can defend our systems at the tactical level as well as forward in the operating environment," McLachlan said.

"They will have the skills to identify the threats within that environment and the means to protect the networks providing commanding control to commanders. This includes insider threats and anomalies."

His view was echoed by Defence head of joint capability Peter Quinn, who said his agency would consider new and innovative employment strategies as necessary.

A similar approach was spearheaded in the UK in May 2013 when the UK Government created a “joint cyber reserve” which selected candidates based primarily on their existing technical knowledge, skills, experience and aptitude for posts in 'joint forces cyber group' sub-units.

Quinn was, however, keen to avoid to being seen as poaching specialists from the private sector.

“There will be a requirement on the ADF to work closely with the commercial sector,” he said.

Earlier this week, AFP cyber crime boss David McLean told ABC's 730 his agency was looking to lure hackers into the force to become white hats.

“We as an organisation have a current and an increasing demand for higher-level skills to help support us and our cyber crime operations,” he told the program.

“There's not a large workforce - or not a large available workforce out there, in our experience. Getting suitably skilled and qualified and experienced people to support us in our work is quite difficult.”

ACORN 'already paying for itself'

The federal government’s flagship $2m ACORN online crime reporting system is beginning to pay for itself as take-up of the website grows, according to the Australian Crime Commission.

ACORN was launched in November to enable the public to report cases of cybercrime.

The criminal intelligence agency said ACORN was now allowing investigations to be formed based on patterns of complaints.

It said where a $50 fraud without a suspect was traditionally unlikely to be followed up by law enforcement, ACORN could highlight a pattern of similar frauds and justify active investigation.

Edith Cowan University security research director Professor Craig Valli cited the example of a growing pattern of fraudulent sales of GoPro cameras in Western Australia towards Christmas last year.

Consumers were stung for about $300 a pop. Further digging unearthed some 73 similar cases across the state.

Valli revealed ACORN had led police to locate a suspect who has since been arrested and jailed.

“Instead of a single fraud traditionally reported - which would have had the police assessing whether to investigate a mere $300 fraud - ACORN’s reporting gave this a priority of fraud closer to $22,000," Valli said.

The rate of public responses to the platform has risen steadily since its launch, the ACC said. Responses rose 12 percent in May from April alone to 4317 submissions.

Of those reports, 55 percent related to online scams or fraud, and 20 percent concerned online purchases or sales, the agency said.

In April, 1966 submissions were complaints about scams, including donation scams/requests for money and requests for personal data.

Just over 400 reports referred to the federal police concerned malware or ransomware. Around 25 percent of overall submissions went to Victoria Police, 23 percent went to Queensland and 20 percent to the NSW police force.

The Australian Crime Commission indicated losses nominated by the submissions came in at around $96 million, bur cautioned that the figure had not been independently checked.