Why does APNIC work with Law Enforcement Agencies?

By on 6 Nov 2017

Categories: Community Development

Tags: , , , ,

Blog home

Craig Ng presenting at ISCR 2017 in Seoul, Republic of Korea.

Network security is the biggest challenge in the delivery of Internet related services, according to the majority of 2016 APNIC Survey respondents.

Many respondents felt that APNIC has a role to play in conducting awareness programs, recommending best practices, running advanced training courses about security-related issues, and facilitating collaboration and sharing of information to help mitigate the associated risks with many security issues.

APNIC actively engages with Law Enforcement Agencies (LEAs) in the Asia Pacific region (and further abroad), on matters relating to Internet security issues to help make the Internet a more stable, secure, and open platform.

Network security was the greatest challenge indicated by respondents in the 2016 APNIC Survey.

This activity has grown over the years, from participating in forums of common interest, including the ICANN GAC Public Safety Working Group — which Paul Wilson wrote about recently — to being invited by the law enforcement community and other public safety officers to conduct training and participate in discussions related to Internet security.

In the past two months, I’ve been invited to participate in such discussions in the Republic of Korea and Europe, and this week will be attending a training in Fiji.

International Symposium on Cybercrime Response

The International Symposium on Cybercrime Response (ISCR) is a cybercrime-related conference held annually in Seoul, Republic of Korea. The event has grown from largely a national event to a well-attended global event, which they co-organize now with the INTERPOL Global Complex for Innovation (IGCI), as part of the INTERPOL Digital Forensics Experts Group Meeting.

APNIC was one of the first non-LEAs to be invited to participate at the ISCR in 2013 and have continued to participate at each of its conferences since.

At the recent conference, I gave a presentation about how APNIC works with various LEAs to help them better understand how the Internet registry system operates and what useful publicly available information can be found in the APNIC Whois Database.

Europol-INTERPOL Cybercrime Conference

Since 2014, APNIC has been invited to attend this conference, joining heads of law enforcement units from Europe, Asia and Oceania, as well as other key Internet partners to discuss trends in cybercrime and work towards developing a coordinated law enforcement response.

Many cybercrimes involve multiple actors across multiple jurisdictions. The current formal process for LEAs to collect evidence from another jurisdiction – Mutual Legal Assistance Treaty – is slow, which compromises investigations and prosecutions.

One of Europol and INTERPOL’s aims is to develop a legal framework for sharing real-time forensic information between LEAs regionally and internationally in an effort to speed up this cross-jurisdictional information-sharing process.

In addition to sharing expertise and best practice in cybercrime investigations, the three-day meeting provided an opportunity to develop regional action plans and identify potential areas for operational activity to target cybercriminals.

INTERPOL Cybercrime Investigation Training for Pacific Region

APNIC has been invited by many LEAs and conferences to run advanced training courses about cybersecurity related issues, including how law enforcement officers can use the APNIC Whois Database to investigate cybercrimes.

This week, I will be travelling to Fiji with APNIC Security Specialist, Jamie Gillespie, to conduct training for LEAs from a number of Pacific Island economies including Nauru, Samoa, Tonga, Vanuatu and Fiji. This training is being delivered in collaboration with INTERPOL, the Hong Kong Police Force, and Meiya-Pico (a digital forensics service provider based in China), and will provide attendees with best practices on how to deal with emerging cyber risks.

LEAs are a part of the APNIC community

APNIC considers LEAs important members of the Internet community, and is committed to fostering and growing relationships with LEAs to continue to:

  1. Address Members’ cybersecurity concerns by collaborating and coordinating with LEAs to improve and maintain Internet security.
  2. Inform LEAs about the role of Internet registries and the use of whois – not just to find contact details – but also to analyze routing information, reverse DNS, and partnerships.

I’m grateful the law enforcement community also embraces APNIC as part of their community in fighting cybercrime and welcome the law enforcement community’s participation in the policy development process as well, to make sure the voices campaigning for a safer and more secure Internet are heard and addressed.

Read: LEA stakeholders enter the whois discussion

 

Rate this article

The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.

Leave a Reply

Your email address will not be published. Required fields are marked *

Top