Meeting the growing demand for cybersecurity professionals has required organizations and government departments to broaden their range of potential candidates, many of whom have no background in information technology.
This has certainly been the case among Pacific economies, with many being recruited into cyber investigation roles in law enforcement.
While cybersecurity shares many of the investigative values and techniques with traditional law enforcement, the tools of the trade are slightly more unique and require some technical know-how. This is where the Cyber Safety Pasifika (CSP) program is hoping to assist, by: training law enforcement officers and investigators in cybercrime investigation and procedures; teaching them how cybercrime works; and, taking their trained skills as investigators and aligning it with how to solve cybercrimes.
Established by the Australian Federal Police (AFP) and the Pacific Islands Chiefs of Police in 2011 as a public education/awareness program, CSP has expanded its remit to strengthen legislative frameworks and develop technical capacity to perform cybercrime investigations among 17 Pacific Island Law Officers Network (PILON) economies.
Having worked closely with many of these economies over the years, providing network security trainings and assisting with the development of National Computer Emergency Response Teams (CERTs) in Tonga, Vanuatu, and Papua New Guinea, APNIC was invited to assist in developing and presenting a series of face-to-face workshops for law enforcement officers and investigators last year.
APNIC’s engagement was supported and coordinated by the APNIC Foundation with funding from the Australian Department of Foreign Affairs and its Cyber Cooperation Program.
.@AusFedPolice #SIPDP and AFP Pacific Policing Development Program – Regional host Cyber Pasifika Tier 1 training program at #RSIPF academy. Important skills for many Pacific policing agencies@AusHCSols #australianaid 🇦🇺🇸🇧 pic.twitter.com/Crm4vhYDWF
— John Tanti (@CmdrSIPDP) November 26, 2018
The workshops — there are currently two, an introductory and intermediate version — include tutorials and presentations from investigators and technical staff from the Australian Federal Police, vendors, software companies and other international law enforcement agencies providing an introduction to the Internet and cybercrime as well as investigative tools.
For the introductory (Tier 1) course, we don’t just talk about IP addresses and the DNS: we look at what Whois is and how it can be used as an investigative tool; how different DNS records work on the Internet; and, how to find people behind IP addresses and domain names through different service providers. We also look at things like routing (how different operators connect via BGP), and what Internet Exchange Points (IXPs) are and how they differ to regular transit connections.
In the intermediate (Tier 2) course we discuss cybercrime artefacts on the Internet, including where IP addresses, domain names, email addresses are left behind, and what log files look like and how they can aid an investigation. We also touch on some of the updated privacy regulations and how that impacts on some of these intelligence services such as Whois and the DNS, and then how to work with organizations to acquire the information through proper legal channels.
Having been involved in four workshops thus far — the most recent of which was held in Fiji this month — it’s been great to see numerous attendees progress through the different courses but, probably most importantly, making connections with one another. Some of these economies are very small and under-resourced, so they need to work as a community — as the old adage goes, ‘many hands make light work’.
Looking forward, Pacific economies will be encouraged to send new personnel to future training, including an advanced (Tier 3) course run by the AFP in Australia for attendees showing the most aptitude and interest. There are also plans for the Tier 1 training to be embedded into recruit courses of various Pacific Island police services.
Visit the Cyber Safety Pasifika website to learn more about the program.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.