Interpol digital crime officer national cyber review management, Steve Honiss
In a world filled with cybercriminals unimpeded by national borders, INTERPOL digital crime manager, Steve Honiss, and personnel at the new INTERPOL Global Complex for Innovation (IGCI) in Singapore are tasked with thwarting the efforts of these international gangs.
Honiss is on secondment from New Zealand Police where he managed the National Cybercrime Centre and developed the first New Zealand Police Cyber Operating Strategy.
INTERPOL is a different organisation than the national or state police forces around the world. Unlike its local counterparts, it acts as more of a support network for collaboration and tracking international crime.
It has spent much of its energy and resources pursuing transnational organised crime groups and in the last four to five years begun to focus heavily on cybercrime organisations.
This is not surprising considering the cost of global cybercrime and the impact it has on millions around the world. Trend Micro estimated that in 2014, cybercrime cost an estimated $US456 billion and is expected to rise to over $US2 trillion by 2019.
Honiss made the point that the activities of many of these organisations are not limited to cybercrime. Many of them engage in money laundering, human trafficking, prostitution, extortion and drugs.
In the last several years, Honiss said the Internet had significantly changed the way traditional and indeed new types of crimes had been committed.
“The World Wide Web has made it much easier for organised crime groups to operate and much more difficult for police forces to track and apprehend them.”
“Without possessing much technical skill, anyone could get on to Google, complete a few hours of research and be able to purchase a set of credentials such as stolen credit card details.
“You could then use those credentials to purchase the services of an organised crime group to carry out a DDoS attack against a competitor. “It has become far more achievable to the average person, with no hacking skills, to carry out this sort of activity.
“We talk about it as Crime-as-a-Service. That’s how easy it has become.”
Honiss said that in the face of the evolving and expanding cybercrime market, INTERPOL and its 190 member countries have had to increase scope and capabilities and have done this through partnerships with global IT security firms such as Trend Micro and Kaspersky.
INTERPOL and many of its industry partners could never hope to individually match the resources of transnational criminal organisations. The global policing organisation has joined forces with a number of security vendors including Trend Micro and Kaspersky Labs to build a new centre for tracking cybercrime across the globe.
There are four Directorates housed in the IGCI, two of which are dedicated to cybercrime. The INTERPOL Digital Crime Centre (IDCC) and Cyber Innovation & Outreach.
The IDCC provides investigative support to assist state police agencies with investigations, and includes a Digital Forensic Laboratory, and a cyber intelligence function.
INTERPOL is by no means a powerless organisation, but without assistance from IT security firms, Honiss said it would be an impossible task tracking the amount of cybercrime on the Web.
“Trend Micro and Kaspersky have made significant financial investment into the centre,” he said.
“As part of the agreement, they will bring in experts. We have a malware expert and intelligence people working in there. In the other areas we identify a gap in our capability or see an opportunity for joint collaboration we will identify individuals we know that have been working in the scene or reach out to organisations on specific projects.
“For example, it may be a university where there is an individual that has particular skills or interest and the university is willing to second someone in. We have done a few projects with universities on darknet.
Darknet is a private overlay network where connections are made only between trusted peers using non-standard protocols and ports. The dark web is the most commonly known subsection of the Darknet. Also part of the Deep web, the part of the Web that is not indexed in standard search engines.
“We recently had a professor from The University of Twente in the Netherlands. He spent six months in Singapore working on darknet and virtual currency issues. We worked on some joint research and training development. That is a particular interest of his and it met our need to have very specialist technical skills,” said Honiss.
“He is an absolute world expert on darknet and virtual currencies. It is very useful for us as law enforcement officers to have that deep knowledge and technical perspective.”
He explained that INTERPOL has its own internal training programs but also relies heavily on industry and academic partners to augment this training.
“External partners that are brought in have their own specialist skills. One of the analysts at the IGCI at the moment is a malware expert so he has been training our technical people in malware analysis,” he said.
