​Cybercrime: Understanding the Threat - Delivering a Response

The AFP's Commander David McLean is the Manager Cyber within the Australian Federal Police Organised Crime and Cyber portfolio. He started his presentation at Oceania CACS conference defining the adversaries as issue-focussed groups or hacktivists, nation state actors and organised criminals.

The threat environment, he says, is focussed on several key intrusions and attacks including the use of remote access tools, altering holes, malware, ransomware, DDoS and hacktivism.

He says the outlook is focused on increasing numbers, sophistication, specialisation, commercialisation and the destructive capability of attacks.

The government's response, he says, has resulted in the establishment of the ACSC, the Australian Cyber Security Centre, with the closer working of the AFP with other agencies. While some moves were made for agencies to work more closely over a decade ago this was, McLean says, ahead of its time.

Although that initiative was replaced with a more agency-based response methodology, it has since been brought back through the ACSC. There is also increased liaison and cooperation with international agencies, in particular with the United States and United Kingdom, as well as working more closely with Australian state-based law enforcement agencies.

On local cooperation with state-based police forces, McLean says there's no central environment for bringing together the different agencies. This makes it challenging to manage some incidents. However, a national law enforcement strategy was minted in 2013 but that needs to be reviewed in light of the more recently released national cybersecurity strategy.

The AFP's focus is on serious, organised criminality McLean says. "If it's not serious or organised, we're not doing it".

One of the challenges, says McLean, is finding appropriate training for law enforcement personnel. This is complex because there are around 60,000 police officers nationally. And while cybercrime professionals are well trained, there's a need to increase the base level of understanding for officers with a broad level of computer and cybercrime literacy.

He says there's no cohesive understanding of what constitute cybercrime in Australia. For example, while the theft of an iPad is unfortunate, he says, it's not cybercrime.

McLean says there's a strong will to get this right, with a new training program being designed and rolled out to officers. Also, he says there is a great deal of technical expertise within the AFP but they are currently working in different roles. By giving them opportunities in dealing with cybercrime, he feels he could reinvigorate their careers. This is important as the AFP is not able to pay commercial pay rates so creating exciting opportunities within the agency is critical for retaining skills.

The government's cybersecurity strategy has put cybersecurity on the national agenda with promises of funding, a new headquarters and resources for improving the country's cyber-threat response capability.

How all this will all come together is not completely clear, McLean says. But he is confident the right building blocks are being assembled, particularly when it comes to building the skills so we become a cyber smart nation.

McLean says the FP's aim is not to be the biggest cybercrime agency in the world. But he aspires to be a highly competent and motivated agency.

Join the CSO newsletter!

Error: Please check your email address.

Tags hackers#CACScyber criminalsOceania CACSAFP (Australian federal police)#CACS2016cyber crimeACSC(Australian Cyber Security Centre)cyber security

More about Australian Federal PoliceCommanderFederal Police

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Anthony Caruana

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts