Silent victims thwart cybercops: Qld Police

Silent victims thwart cybercops: Qld Police

Summary: Police could pursue more online criminals if more victims reported the crimes committed against them, according to one of Australia's highest-profile investigators.

SHARE:
TOPICS: Security
3

Police could pursue more online criminals if more victims reported the crimes committed against them, according to one of Australia's highest-profile investigators.

"Probably less than 1 per cent of computer crimes are reported to police," said Detective Superintendent Brian Hay, head of the Fraud and Corporate Crime Group of the Queensland Police Service.

However, businesses are reluctant to become involved. "The last thing they want is the police taking their file servers away to perform a forensic analysis, to seize and examine the logs to find the intrusions or compromises for offenders in another country that may never even be brought to justice," he said.

Hay believes this reluctance goes back to the internet's historical roots. "It commenced as a science and military tool. They didn't want the coppers involved. Then it's exploited by academic institutions. They didn't want the coppers involved either. The commercial world saw the opportunities to make money from the internet. And they too didn't want the boys and girls in blue being involved," he said. "But when the internet became a place to make money, it wasn't just the commercial environment that piqued its interest. The organised criminal world also saw opportunities. And by the way, they didn't want to talk to the coppers either."

Hay's comments came during his entertaining presentation to the AusCERT information security conference. Entitled "Mythbusters", it ridiculed the fictional police work we see on TV.

"They're immediately accessing 47 different jurisdictional databases, constructed 12 offender suspect profiles, and found out that he's just bought a packet of Cheezels at the Baltimore 7-Eleven store earlier that morning, not yet finished, they do an online access to the local Baltimore council database, retrieve the recorded files for the CCTV footage across the road from the 7-Eleven store, play them back, and from a piece of blurry footage utilise photo-enhancement software to generate clear photo blow-ups that'll run through their special facial recognition systems and then, within 2.5 seconds, their suspect's criminal mugshot appears from nowhere. Magic," he said.

Hay said it's a myth that the police know how to investigate all computer crimes, that police share information with other law enforcement agencies, and that police will hunt down overseas offenders and bring them to account. "Reality? Generally speaking, our skill levels and knowledge are behind that of the criminals ... We do lack effective and efficient sharing mechanisms commensurate with the speed of the cyber environment," he said. "Australia is a victim country, and we do not have the necessary international treaties and legal frameworks in place to facilitate many overseas prosecutions."

Other myths busted included the idea that crimes are always solved in 43 minutes plus commercials without any paperwork, that detectives can "saunter into any premises without [a] warrant", and that warrants can be obtained in seconds rather than hours.

"You know when they're really onto something because out comes the trusty pen, which is used to infect the crime scene and cross-contaminate the evidence. That pen seems to have several uses except one: taking notes," Hay said. "Complicated crime scenes can take days to process. Detectives do not handle crime scene evidence, and extensive notes are taken."

Topic: Security

About

Stilgherrian is a freelance journalist, commentator and podcaster interested in big-picture internet issues, especially security, cybercrime and hoovering up bulldust.

He studied computing science and linguistics before a wide-ranging media career and a stint at running an IT business. He can write iptables firewall rules, set a rabbit trap, clear a jam in an IBM model 026 card punch and mix a mean whiskey sour.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

3 comments
Log in or register to join the discussion
  • Two problems:

    First, the time. If I'm a business owner, I may not neccessarily mind a few days so the police can investigate. A week, maybe. But the fact is that I have seen business cases take months and months of investigation, and they will keep your server/pc/whatever for that entire length of time without returning your possessions. fun fun.

    Secondly, the fact that they HAVE to take the original storage devices, and everything that they are in. For instance, if something happens that is traceable via your pc, they will take the pc. They won't just take the hard drives, they won't just make a copy of the data and bring it back to you, they will take your entire system. For a business, the theft/damage would often have to equate to multiple hundreds of thousands of dollars for them to be interested in this route - and I would wager that a lot of cyber criminals know and understand this to be the case.
    BaneAu
  • Perhaps the police should have a look at their own procedures then? As they mention in the article, if a crime is reports the police will take away the victims computers as evidence. That's hardly an incentive to report these crimes. It's time the police stopped being so inefficient and corrupt in these matters.
    m00nh34d
  • I have dealt with police regarding Cyber-crime on three different occasions.

    1. I was approached to attempt to hack into kiddie-porn files that were encrypted under PGP. Sorry, PGP very deliberately does not have back-door access. I'll need the original hard drive to see if I can reconstruct the evidence from any temporary files that may have persisted after viewing. "Oh no. We don't have the hard drive but we have a CD image of the drive." Sorry again. That is useless because it won't have copied "blank" sectors.

    2. Someone sent me an 'innocent' picture file. Half an hour later I got an email receipt from PayPal for $300 web hosting. There are two factors of embarrassment here:
    a) I fell for it when I should have known better;
    b) Do I really want to talk to the police about being scammed via a GAY dating site and put up with all the smirking and behind-my-back innuendo?

    3. A now ex-relative had a computer in his bedroom because there was nowhere suitable to set it up in a parental-watch location. As he spent all his time on Warcraft and such crap, the computer was regularly scanned for inappropriate material, and none was found. [Actual events deleted because of legality.] He's been busted anyway and the police HAD to be called. I had already started data-recovery because the incriminating material was deleting itself. So when the police turned up to seize the computer, I gave them detailed instructions of what I was doing, where I was up to, and what had to be connected where to ensure that no other data was lost. Of course, police forensics knew more than I did and they lost any and all evidential data. It took many months of legal wrangling to get the machine back, and had there been any business involved $thousands would have been lost. I was being punished for HIS misuse of MY property----just like "AFACT" vs iiNet !!!

    Let's face it. The only reason that people even bother to report a Break and Enter is so they can submit their insurance claim. There's certainly no expectation that your goods will be recovered.
    Treknology