In this interview, TechTarget Australia's Patrick Gray interviews Australian Federal Police Agent Nigel Phair about his new book: Cybercrime: The Reality of the Threat. Until recently, Phair was the Team Leader of Investigations at the Australian High Tech Crime Centre (AHTCC) in Canberra.
Nigel Phair (NP): I wrote the book to basically get some of my ideas of the broader cyber crime environment out in the public domain. The focus of the book was to get people that really don't have much knowledge in this space to become more skilled in how they operate in the online environment ... I find your chief security officers and a lot of those people with a C in front of their title don't know much about technology.
Patrick Gray (PG): So it's really designed to bring people up to speed with the latest crime trends in general?
NP: It's about the cyber crime environment and how it impacts society in general.
PG: If I were to pick up this book right now and flick through it what would I find the most surprising chapter or surprising themes to emerge?
NP: The themes I don't think are particularly (surprising). End user compromise is real biggie. The fact that people get online and behave in a different manner than they do in the offline environment and pay the price accordingly.
PG: There's a theory called the greater Internet idiot theory: You take a normal person and give them anonymity and an audience and all of a sudden they become complete idiots. Is that something that you're saying applies to criminal types as well? Would you say that people are more likely to engage in criminal activity on the Internet because of the anonymity that it affords them?
NP: Well people definitely behave in a different way and criminal activity is just one of the things that they do online as well as many other things. But I suppose the real issue is that they become victim to criminal activity which in the real world they wouldn't become victim to.
PG: From a law enforcement perspective, do you think that authorities are on top of this threat or do you think it's actually getting quite worse?
NP: I wouldn't say it's getting worse but it's really difficult to get on top of such a dynamic threat. From a law enforcement perspective, your police at all levels have got a wide range of issues confronting them and technology is just one of them. One issue is obviously investigating cyber crime itself; the other issue is how technology relates to all other crimes. Investigators across the complete divide really need to understand how technology works and their avenues of enquiry may include the Internet or some sort of digital device.
PG: Pulling together a prosecution brief to charge someone with an offence committed over the Internet is quite challenging, isn't it?
NP: Well, essentially you're trying to prosecute someone or something on something that is completely borderless. The Internet is obviously a complete borderless world yet you're using state jurisdiction or state legislation to do that. Now there are some mechanisms like extradition and mutual legal assistance but they're very cumbersome and slow and really not geared up for this type of environment.
PG: And it's also quite difficult to find evidence that's real smoking gun stuff isn't it? Log data can be modified - it's circumstantial; it's not really going to help you in court is it?
NP: Log data is just one sort of piece of a very big pie and a lot of people think that because they've got log data and do a quick 'who is' check that they have sort of 'got' the person. But good criminals use proxy boxes all over the world particularly in those jurisdictions where there is good fast broadband. Obviously they anonymise themselves and their activities so it's very difficult to locate these people let alone find evidence of an offence.
This interview originally ran on ITRadio.com.au's Risky Business podcast, which can be downloaded here.