Speech to 3rd Annual eCrime Symposium, University of Canberra

Introduction

Good morning

I’d like to begin by expressing my respect and acknowledging the Traditional Custodians of the land on which this conference takes place.

In September this year, Google marked its 13th birthday—I hope nobody is superstitious. It’s an ideal marker to consider the growth and expansion of the internet.

The latest ABS figures on internet activity in Australia show 10.9 million internet users in Australia at the end of June 2011, growing at a rate of 14.8 percent each year. And 95 per cent of these connections are via broadband[1].

But the growth rate of fixed or wireless home and work internet connections pales in comparison to the new mobile phone market. At the end of June this year, there were 9 million Australians connecting to the internet through their phones—growing at a rate of 18 per cent in just six months[2].

The internet provides us with endless opportunities—we can manage our finances, meet people, watch television shows and movies, order pizza, shop, undertake research, talk to distant friends, access government services and connect to work. The opportunities for a faster, easier life are seemingly limitless—and those that have been with such connectivity immediately feel the impact.

But this environment offers an equal, and arguably greater, world of opportunity for organised criminals in a way we have never seen before.

I’m sure we’ve all heard examples on the volume of data that is downloaded from the internet — in the six months between last December and June this year, Australians downloaded 3,695 Terabytes of data via their mobile phones alone. That equates to 65 million 4-door filing cabinets full of text[3].

But I expect that most of us, when we visualise the volume of data in this way, think in terms of its legitimate use, and not what kind of opportunity it poses to serious criminals.

The nature and scope of cyber crime

Let me start by noting that the term cyber crime is used to cover a wide range of offences, which:

• are directed at computing and telecommunications technologies, or
• where the internet or information and communications technology is integral to the commission of the offence.

Cyber crime can include everything from identity fraud to downloading pirated music or films, and from damaging personal computers through viruses to disrupting critical infrastructure.

It has the potential to directly and indirectly affect every individual, business or organisation who owns, uses, engages with or stores data on a connected platform.

Just to give you a picture of the scale of cybercrime, the recently released Norton Cybercrime Report 2011 reported 431 million adults across 24 countries had been a victim of cybercrime in the past year[4].

Cyber crime is spreading at an unprecedented rate. Norton calculates the financial cost of global cybercrime at $388 billion. This is more than the combined global market for marijuana, cocaine and heroin—$288 billion—and fast approaching the value of all global drug trafficking—$411 billion[5].

Australia is not immune to the growing threat of cyber crime. The Australian Federal Police estimate that the overall risk of cyber crime to the Australian economy is more than a billion dollars a year[6].

What these figures don’t tell us, is the social cost of this type of crime. They don’t tell us about what it means to have your identity taken from you and used to commit crimes. Or about what it means to have to rebuild your life when your information is taken from you by criminals you can not see.

Of particular concern is the growing number of serious and organised fraudulent investment scams, which have brought significant personal losses to their victims here in Australia – including cases where people have lost all of their life savings.

Savings that were supposed to afford them a comfortable retirement without the need for the aged pension.

This type of financial loss can have a profound negative impact on an individual and family’s wellbeing.

It also has wider implications for the community and government services needing to be provided in the future, and the Australian economy suffers as funds that might otherwise be invested here to deliver growth, are diverted overseas—“a triple whammy!”.

Organised crime in the virtual world

In my mind, there are four key challenges that we must face to tackle organised crime in the virtual world:

• the increased connectivity that the Internet provides for like-minded criminals plan and implement crime with low-risk of exposure
• the incredible speed and global reach that the Internet provides for criminals to target their intended victims
• the large volumes of data that are stored on the Internet that become vulnerable to theft and exploitation, and
• the changing buyer / supplier dynamic that evolves through online purchasing.

Ironically, it is probably these four challenges that also create the greatest benefits for legitimate use of the Internet.

Connectivity with low-risk of exposure

Organised crime groups are dynamic and flexible. If they don’t have the knowledge or expertise they need, they can buy it, and they regularly seek out industry professionals and service providers to help or facilitate their criminal activities.

These days, finding specialist services and facilitators is made easier through the online environment.

The use of social networking sites isn’t just limited to teenagers wanting to discuss the latest Twilight instalment, these advances in technology have also created places for criminals to meet, recruit, discuss and commit crimes. Organised criminals can connect with like-minded individuals —sharing ideas and making illicit plans— without being in the same neighbourhood, city or even country. This greatly reduces the risk usually attached with these engagements and allows criminal syndicates to recruit members that are located in multiple locations, anywhere in the world.

For example, we have seen an increase in ‘strategic child sex offending’[7]. That is, offenders have become more sophisticated in their networking activities and are able to access more information about offending techniques and possible victims[8].

In 2010, the United Nations Office on Drug and Crime also noted that the growth of the Internet has reduced the risk of detection for those individuals responsible for the production and acquisition of child pornography and created potential for increased demand[9].

Speed and reach

A criminal operating from Africa wanting to target consumers in Australia would have once had to produce a letter, address an envelope, purchase and attach a stamp, and send the letter by post – which could have taken several weeks. Now, the same criminal can generate around 10 000 emails per minute at relatively no cost.  These emails can be extremely targeted, and details of the intended victims are often derived from the sale or theft of personal information.

In addition, traditional crimes that were once committed on a local level are now being committed on a global scale using technology.  These crimes include everything from money laundering and identity theft to child exploitation and drug trafficking. For example, during the riots in the United Kingdom in August, social networking technology including Twitter and Blackberry Messenger were used by rioters to coordinate their violent and disruptive activities and communicate with each other[10].

Data volume and access

Companies are also being increasingly targeted as criminals are attracted to large volumes of data stored in single systems. To see this, we only need to look at the Sony Playstation incident earlier this year, where the details of over 77 million customers from around the world were compromised, including personal data and credit card information[11].

And in 2008, the US Department of Justice filed charges against eleven individuals over the theft and sale of approximately 40 million credit and debit card numbers from major retailers in the US. The criminals abused wireless networks by using the method of ‘wardriving’—they drove around in a car with a laptop looking to access weak wireless networks to hack into the data systems[12].

Changing buyer/ supplier dynamics

Like many legitimate businesses, it is not unreasonable to think that illegitimate businesses are taking advantage of the changing business dynamics by developing an online presence to directly reach and target consumers.

In the same way that Mr Gerry Harvey described the expansion of the online retailer in late 2010, saying that ‘local retailers were at an “unfair disadvantage” in competing against goods bought from overseas... and had difficulties competing against foreign online stores’[13], the traditional consumer and supplier relationship dynamic with illicit goods is also changing.

For example, we are seeing an increasing number of Australian users sourcing drug analogues and other synthetic drugs online. This change means that the consumer of the drug is developing a relationship direct with the manufacturer. Usually this means the individual is purchasing amounts for personal use and therefore much smaller quantities than would traditionally be moved across borders.

This creates a challenge for law enforcement which must now be on the look-out for increasingly smaller and more frequent drug packages being delivered via the postal stream. The Australian Crime Commission’s most recent Illicit Drug Data Report illustrates this dynamic, with a marked increase in the number of arrests for most drug types, coupled with a reduction in the overall weight of seized illicit drugs. 

A continuation of these ‘scatter imports’ is forcing agencies such as Customs and Border Protection to rethink their detection methods and, I am pleased to report, they are doing this remarkably well.

With all of these challenges, what does this mean for law enforcement?

Our response

We have to ask – have our law enforcement efforts kept pace with the partnership phenomenon of virtual organised crime?  Do we network, share ideas and methodologies, and constantly look for new and innovative ways to prevent and disrupt crime, in the same way the criminals seek to perpetrate them?

Law enforcement is faced with unique challenges, complicated by the anonymity of the Internet, the difficulties in gathering evidence, cross-jurisdictional issues and confused reporting. 

We know that victims are reluctant to report online fraud to the authorities and sometimes don’t even know that they are a victim.

Organisations are also nervous to on-report and publicise fraud, due to the risk of damage to their brand.

We can no longer work in isolation to tackle the crimes - we need to look beyond our traditional borders and coordinate our activities more than ever before. If I may quote the Attorney-General, Robert McClelland who recently wrote in The Age newspaper:

‘The global nature of cybercrime means no nation alone can effectively combat it. International co-operation and engagement are essential to an effective response. Keeping ahead of the game is the key to reducing the risk’[14].

It is critical that we work with agencies from around the world to detect, track, arrest and prosecute cyber offenders.

Over the past two years, the Australian Crime Commission has deliberately restructured to be better able to respond to the changing nature of organised crime.

In July 2010, we launched the National Criminal Intelligence Fusion Capability, which is a key component of the Commonwealth Organised Crime Strategic Framework.

Fusion brings together expertise, data, and technology across government agencies and law enforcement. It is about integrating, or ‘fusing’ information and intelligence nationally, to deliver a real-time picture of the threat posed by serious organised crime.

Fusion provides an environment where people, with a variety of skills and access to their own agencies’ data holdings, can collaborate and provide a greatly enhanced picture of the targets, risks, threats and vulnerabilities associated with organised crime.

Fusion is already delivering significant results, both in terms of providing an enhanced picture of known targets, as well as—as at 31 August—identified 59 previously unknown targets across a range of crime types.

These are just some of the early results we are seeing. The benefits of Fusion will no doubt be further realised as we strengthen our partnerships both nationally and internationally.

However, it is not enough to collaborate within law enforcement and government alone—we need to build networks across industry and communities to respond to the threat of cyber crime.  This will allow us to not only combat it while it is occurring but also, and perhaps more importantly, to develop strategies to prevent crimes being committed in the future.

In September this year, the ACC Board warned Australians to protect themselves against the growing threat of serious and organised fraudulent investment scams, which I touched on earlier. These scams target the retirement savings of Australians using highly sophisticated websites and manipulation of search data to trick investors into thinking the investment offers are legitimate.

Based on initial indications, more than 2400 Australian have lost in excess of $93 million to these scams, but it believed there is a high level of underreporting and these figures are expected to grow significantly.

Those victims, on average, lost approximately $130 000, with losses ranging from $35 000 to more than $4 million—in some cases, all of their entire retirement funds  and now need to consider working longer years, or being reliant on Government funding for their retirement.

Many of these scams are based off-shore which presents Australian law enforcement agencies with a challenge in how to identify, disrupt and prosecute the offenders. Added to that are the differences in record keeping, archiving and reporting requirements in various countries—some that differ so greatly that documents can be legitimately destroyed before law enforcement can get access to them.

To tackle this growing threat, the ACC Board has established a multi-agency task force that aims to disrupt fraudulent cyber-enabled investment scams and harden the Australian environment against this type of organised criminality.

Led by the ACC, the task force comprises of law enforcement, regulatory and service delivery agencies across federal, state and territory government. The task force has also been engaging with a range of industry sectors, including banking, superannuation, financial advisory, Internet service providers and community organisations to raise awareness and increase hostility to these frauds.

I believe this task force will provide us with a model for combating cyber facilitated crime in the future.

Conclusion

In closing, I note that in the short time I have been speaking to you, Norton estimates that over 20 000 people would have fallen victim to cybercrime[15].

The problem seems immense in size and we only have to look at the trends in mobile technology and cloud computing to realise that it is an ever-evolving and rapidly changing force. However, we should not be discouraged in thinking that the problem is too big.

There is certainly evidence of partnerships across government and industry like never before. These partnerships are creating opportunities to share information and strengthen the law enforcement and prevention response to organised crime.

However, this is genuinely a complex undertaking. The sharing of information relating to law enforcement methodologies is extremely sensitive and—while we must strive for maximum efficiencies and impact through the use of technology—we have to balance this with the need to protect information from the criminals.

There is no doubt that we must continue to evolve and work together so we can maintain our capacity to meet the challenges posed by organised crime.

Thank you