E-crime: a global challenge for law enforcement By Steve Jiggins *, Director Media and Public Relations In releasing the report AFP Commissioner and Chair of the Commissioners' Electronic Crime Steering Committee, Mick Palmer said: "One of the main challenges associated with new technology is the fact that offences can be committed on a global basis with such speed and anonymity, which if left unchecked, threatens the viability of the economic wellbeing of industries and, in our experience, the very existence of smaller nation states." Due to the invasive nature of the new technologies the report identifies the need for law enforcement to work with other community and industry sectors to develop a comprehensive national and regional approach to the issue. "An important platform for the way forward is for law enforcement to develop partnerships within the community and industry which engenders mutual commitment and encourages enhanced cooperation. We cannot go it alone if we are to effectively protect Australasian infrastructure", Commissioner Palmer said. The report will be used by Commissioners as a basis for wide-ranging consultations in the public and private sectors in the development of an Australasian law enforcement strategy. The strategy will be put to Australasian Police Ministers in December this year. Issues discussed in the report include: the global nature of e-crime, gathering and retaining electronic evidence, establishing the identity of criminals, developing tools to counter crime, responding to crime in real time, improving reporting of electronic crime, acquiring, developing and retaining specialist staff and avoiding technology lag. *Steve Jiggins is the Director of Media and Public Relations and was one of two AFP members seconded to assist the working party in the development of its report. Facts on the e-crime environment How many people use computers? About 50 per cent of Australian households had a computer as at February 2000. Nearly two-thirds of all Australian Adults used a computer in the year to February 2000. Australia and New Zealand are leading countries in both the uptake of new technology and the reliance of infrastructure on technology. Growth in internet use Australia has the third highest per capita usage of the internet, after Finland and the USA. Internet service providers have increased by nearly 3,000 per cent from 1995 to 2000. The National Office of Information Economy project that 43 per cent of Australians adults will be using the internet by February 2001. Growth in websites Websites have increased dramatically as follows: Year No. of sites 1993 130 1994 2,738 1995 23,500 1996 252,000 1997 1,120,000 1998 2,410,000 1999 5,040,000 E commerce predicted growth The National Office of Information Economy predicts that e-commerce initiatives in Australia could realise a 2.7 per cent increase in the level of national output and enhance consumption by about $10 billion within the next decade. What is e-crime? Offences where a computer is used as a tool to commit an offence, or as a target of an offence, or the use of a storage device in relation to an offence. E-crime reporting levels About 30 per cent of major corporations in the US reported e-crime incidents in 1999 at a cost of US$125,000 million. About 70 per cent reported incidents in 2000, at a cost of in excess of US$250,000 million. The Australian Computer Emergency Response Team report similar increases with 1,800 cyber incidents reported in Australia in 1999 and 2,200 incidents reported in the first quarter of 2000. The cost of e-crime The estimated cost of the Love Bug virus (or ILOVEYOU worm) affected tens of millions computers and the cost world-wide was as high as $US15 billion or equivalent of A$25 billion. [index] The virtual horizon: meeting the law enforcement challenges Enormous benefits will flow from the utilisation of computer technology. They include the development of electronic commerce, also known as `e-commerce'. A report on e-commerce beyond 2000 produced by the National Office for the Information Economy (NOIE) suggests that e-commerce initiatives in Australia could increase the level of national output by about 2.7 per cent, and enhance consumption by about A$10 billion within the next decade (NOIE 2000b). It has also been predicted that e-commerce will be worth $1.6 trillion to the Asia/Pacific region by 2004 (Gosnell 2000). The computer has become integral to our way of life. However, as our dependency on computer technology increases, so too does our vulnerability. In the rush to go `on-line', steps must be taken to ensure responsible risk management and ongoing trust, confidence and security in the system. The recent intrusion here in Australia to the GST/ABN website demonstrates the risks involved, as well as the adverse publicity and loss of confidence in the system that may follow. Barbara Etter, Director of the ACPR The scoping study was undertaken by a working party chaired by Commander Barbara Etter, Director of the Australasian Centre for Policing Research. This vulnerability was clearly demonstrated recently with the distributed denial-of-service attacks on Yahoo, Ebay and other major Internet players, and the `Love Bug' virus (or ILOVEYOU worm). These two recent incidents also demonstrate the capacity for a single individual to perpetrate major and widespread criminal harm (with a 12-year-old Canadian boy, named `Mafia Boy', the alleged offender in the denial-of-service attacks and a university student from the Philippines a possible offender in the Love Bug incident). The Love Bug has been referred to as a "global pandemic" which "raced around the world at light speed, clogging communications and bringing both commerce and politics to a halt" (Grossman 2000, p.47). Because of its blinding speed, it spread around the world in a `hypersonic' two hours (Grossman 2000, p.48) and reached an estimated 45 million e-mail users (ABC Online 2000). The malicious code struck on May 4, 2000 damaging electronic mail systems across the world, including those of the Pentagon, the CIA and Britain's parliament. Global connectivity means that havoc can occur, in a very short timeframe, throughout the world. The abuse of computer technology may threaten national security, public safety and community well-being and devastate the lives of affected individuals. While computer technology is used in many traditional crimes, the nature and particular e-crimes of electronic crime present new and unique challenges for policing because of characteristics such as: o anonymity; o global reach (including issues of jurisdiction, disparate criminal laws and the potential for large scale victimisation); o the speed at which crimes can be committed; o the potential for deliberate exploitation of sovereignty issues and cross-jurisdictional differences by criminals and organised crime; and o the volatility or transient nature of evidence, including the lack of collateral or forensic evidence such as eyewitnesses, fingerprints or DNA. With the growth of the Internet and electronic commerce, the potential for huge increases in crimes of acquisition, including fraud, is very real. Fraud (including forgery and false pretences) has already been found to be the most expensive crime in Australia, costing the Australian community in monetary terms $3-$3.5 billion per year or 15.3-17.9 per cent of total crime costs (Walker 1997, p.6). As stated by Grabosky, Smith and Dempsey (2000, p.4), "The fundamental principle of criminology is that crime follows opportunity, and opportunities for theft abound in the Digital Age". Organised crime has the potential to exploit gaps in the current policing and law enforcement response in order to conduct illegal business and to successfully launder the proceeds of crime (Australasian Crime Conference 1999, p.5). It has been estimated that US$500 billion is laundered globally each year (California High Technology Crime Advisory Committee (HTCAC) 2000, p.32). High-tech crimes raise new challenges for law enforcement. In investigations involving computer networks, it will be important for technically literate investigators to move at unprecedented speeds to retain and preserve data, and locate suspects. There will also be a need for high level international coordination and cooperation. Australasian Commissioners of Police have recognised that unless law enforcement acts quickly, society could be seriously affected by unchecked electronic crime. The United States has already decided that it is not going to wait for an "electronic Pearl Harbor" (White House 2000a, p.3). President Clinton has sought $2 billion from Congress for financial year 2001 to enable the US to address the issue of cyber-security. The request will accelerate new programs to educate Americans for cyber-security careers, build a system for protecting federal government computers, and create a new Institute for Information Infrastructure Protection (White House 2000b, p.1). Among the high technology budget items for the FBI for 2000 (ie. the current financial year) are increases of US$58 million for a networked information system and US$10 million to hire and train 79 new computer forensic investigators (HTCAC 2000, p.46). The theme of the March 2000 Police Commissioners' Conference was Crime @ the speed of thought. At the conference, Commissioners of Police decided to place the issue of electronic crime firmly on the law enforcement agenda and to urgently develop a strategy to enable timely and effective policing responses to future issues and challenges. To this end, the conference formed a steering committee of four police commissioners and a working party chaired by the Director of the Australasian Centre for Policing Research (ACPR). The core task of the working party was to develop a law enforcement strategy on first priority matters, as well as a detailed and complementary workplan. The steering committee requested the working party to investigate, ie. `scope out' the nature of the problem prior to the development of any strategy. The purpose of this scoping paper is to define the nature of the problem locally and globally, and in the context of social, political and economic imperatives. The paper documents the extensive background work undertaken by the working party. This research is fundamental to the development of the Australasian law enforcement strategy on electronic crime. The term `electronic crime' is used to refer to offences where a computer is used as a tool in the commission of the offence, or as a target. It also encompasses the use of a computer as a storage device. However, the emphasis in this report will be on the two earlier categories. Throughout the report, the terms `computer crime', `high tech crime', `digital crime', `e-crime' and `cybercrime' are used interchangeably with `electronic crime'. While the Internet will be a key factor in much of the electronic crime coming to the attention of the police and the media, any law enforcement strategy must encompass the use of other new and emerging technologies in the commission of crime. Consistent with the vision and principles of Directions in Australasian Policing, but in no way meant to be restricted by this document, the mission of the electronic crime project is: To provide a safer and more secure community, both on and off line, and to promote public safety and security, via the prevention and reduction of electronic crime through: o leadership, partnership and consultation; o professionalism and accountability; and o coordination and cooperation in operations and resources. Traditional crimes have been greatly facilitated by technology advances such as mobile telephony, the Internet and encryption (President's Working Group on Unlawful Conduct on the Internet (WGUCI) 2000, p.1). Meanwhile, new criminal opportunities have been created by the development of electronic media. Denial of service (DOS) attacks, viruses, unauthorised entry, information tampering, cyberstalking, spamming, `page-jacking' and computer damage are relatively new types of offending or undesirable behaviour that did not exist in their current form in the pre-computing environment. The development of computers has created fresh opportunities for services theft, software piracy, and other thefts of intellectual property. Because many telecommunications networks, such as the public telephone network and the Internet, are now connected globally, the crime often has an international dimension. It has been suggested that with modern mobile devices such as laptop computers, mobile phones and modems, crimes can now be committed anytime anywhere, with the potential scale of the crime scene and the impact of the offending potentially the entire, network-connected world (Bliss & Harfield 1998). Electronic crime varies in its manifestations, so it is difficult to discuss in terms of aggregate incidence and impact. As a result, definitive information on the present extent and impact of electronic crime in Australia, New Zealand and overseas is not available. A significant amount of this crime is simply not reported. This is in part because of a great reluctance to notify incidents to law enforcement authorities to avoid any potentially adverse impact on consumer confidence, or perhaps because of a lack of confidence in the capacity of law enforcement to deal with such issues in a timely way. Two major surveys on computer crime have been conducted in recent years in Australia: one in 1997 by the Office of Strategic Crime Assessments (OSCA) and Victoria Police, the other in 1999 by the Victoria Police and Deloitte Touche Tohmatsu. These provide an indication of the incidence of computer crime within big business. We are clearly witnessing exponential growth in the uptake of technology and the use of the Internet. It is reasonable to assume that such growth will be accompanied by an increase in the incidence of electronic crime. Despite difficulties in quantification, the financial and economic impacts of electronic crime are likely to be high. As mentioned previously, it has been estimated that the Love Bug virus (more properly known as the ILOVEYOU worm) affected tens of millions computers (Grossman 2000, p.48) and that the cost world-wide of the malicious code was as high as US$15 billion or the equivalent of A$25 billion (Reuters 2000; Sydney Morning Herald 2000). The social costs of crimes like child exploitation and cyberstalking for victims and their families would also be significant. The repercussions may include: medical problems such as depression or other mental health issues, unemployment, truancy, family break down and a deterioration in quality of life and well-being of the general community. On the other hand, the social costs would be significant if Australia was unable to capitalise on the enormous benefits flowing from the growth of electronic commerce. In terms of offenders, it is employees and insiders who pose the greatest threat to organisations. Computer crime is often referred to as an `insider' crime. Statistics attributing computer crime to `insiders' range from 73 per cent to 90 per cent (United Nations (UN) 1999, p.9). Advances in remote data processing will probably mean the threat from external sources will increase. With the increasing connectedness of systems and the adoption of more user-friendly software, the sociological profile of the computer offender may change (UN 1999, p.9). The spread of computer culture and `IT-literacy' in society can be expected to raise the IT skills and capability of young criminals in particular, and raise the awareness of all criminals to the possibilities for committing `cybercrime' (National Criminal Intelligence Service (NCIS) 1999, p.20). In relation to victims, the growing use and commercialisation of the Internet since the mid-1990s has broadened the target profile significantly: commercial entities (industrial espionage), credit card companies (fraud) and everyday users (fraud, harassment) have become victims too. In future, likely targets are audio and video copyright owners, corporate rivals, home shoppers, and new Internet infrastructure firms (NCIS 1999, p.20). The information age is confronting and challenging police practitioners and other law enforcers who are required to investigate offences where IT devices or networks are the tool or the target of crime, or the repository of evidence about crime. Skills required by investigative police and others are outlined in this paper. Internal capability issues examined include: o training; o forensic computing capability; o skills acquisition, development and retention; and o information and intelligence exchange. Comparing the current state of training with Thompson's (1990) three-tiered framework discloses a significant shortfall. The level of training is also inconsistent between jurisdictions and coverage appears to be patchy. Much needs to be done to facilitate the exchange of information and intelligence between policing and the community, as well as the private sector, in order to prevent and respond to electronic crime. The `brain drain' issue also presents a significant challenge for policing. The need for a national forensic computing capability is recognised. At the same time, the importance of individual law enforcement agencies maintaining and developing an appropriate response capacity is stressed. Fighting electronic crime will be an expensive endeavour and there are clear benefits in the strategic sharing of scarce resources. Various models for such a facility include: o developing a stand-alone facility, possibly utilising the National Common Police Service model; o developing a centre of excellence within an existing police or law enforcement agency; o developing a coordinated network of a number of centres of excellence, within various agencies (possibly a `virtual' capability); or o coordinating the outsourcing of all or some functions to the private sector. With any of these models, issues of governance and control need to be carefully considered, as do role and functions. Matters to be determined include: whether the unit will itself be operational or will provide operational support, and the role such a centre might play, if any, in relation to training, and research and development. One role that may be important is the provision of early alert mechanisms for government, the private sector and the community. The establishment of a national clearing house to facilitate the exchange of intelligence and the coordination of operations, locally and globally, is emerging as essential to law enforcement in the electronic environment. These roles may be beyond the capacity, however, of a national forensic computing capability. This paper outlines the current capabilities of agencies including the Defence Signals Directorate (DSD), the Australian Broadcasting Authority (ABA), the Australian Securities and Investments Commission (ASIC), the National Crime Authority (NCA), the Australian Customs Service (ACS) and the Australian Security Intelligence Organization (ASIO). It has only been possible to include information on some defence and intelligence agencies which is in the public domain. Vital to the law enforcement response to electronic crime is the leadership of the private sector, which has a critical role in ensuring a safe and secure on-line environment. In particular, the private sector should take the lead in areas such as the design of new technologies to protect children on-line, self-regulatory consumer protection initiatives, and coordination and cooperation with law enforcement (WGUCI 2000). There is scope to increase the current role of the private sector for the benefit of all parties. In Australasia, developments in the electronic environment have been recognised as so great as to present a challenge to our law enforcement agencies that defies its capacity to control alone (Grabosky 1999). Computer and telecommunications security is a matter of concern for many organisations. Both public and private sectors must be encouraged to identify areas of vulnerability and to implement security measures to protect against threats to confidentiality and integrity, and safeguard availability of systems and data. Exposure to breaches of security must be reduced to an acceptable level by instituting threat prevention, threat detection, and an appropriate response to security violations. Security measures to prevent electronic crime vary widely. Encryption is a method of increasing the security of electronic communications and data. There are also technologies which prevent computer-related crime through target hardening. For example, some electronic crime depends upon unauthorised access to information systems. Access control and authentication reduce the incidence of this type of offence. Apart from technologies to detect viruses and prevent malicious damage to computer systems, security can be incorporated into computer systems when software, hardware and business processes are designed and built. The growing private sector electronic security industry is incorporating these protective measures into the electronic environment. Earlier this year, Standards Australia made available an updated version of the joint Australia and New Zealand Standard AS/NZS 4444, which is a standard for information security management. Standards Australia is also introducing a third party certification scheme, which will allow organisations to be certified as meeting the code of practice outlined in this standard. This initiative, and compliance with it, should assist in preventing the incidence of electronic crime. The issue of prevention is discussed in this paper and examples given of current e-crime prevention initiatives within policing, such as the NSW Police Child Exploitation Unit and the Victoria Police Computer Crime Investigation Squad. The capability of partner agencies in the area of prevention is examined. The nature of the current and future environment is assessed with a view to identifying current trends, emerging issues and problems in the technology environment. Various sources deal with emerging issues, including the Californian High Technology Crime Advisory Committee (HTCAC 2000), OSCA (1997) and an environmental scan of technological issues conducted by the ACPR (Rees 2000). Some of the issues highlighted in the ACPR report (Rees 2000): o increased miniaturisation and convergence of technologies; o increasing global connectivity; o improved cryptographic methods; o the potential for low value/high volume fraud; o the potential difficulties posed by encryption; o an increase in the number and availability of tools for overcoming the variety of systems designed to assure the confidentiality, integrity and availability of data and systems; o the potential impact of smartcards, e-cash and stored wealth in digital form; o the potential impact of global positioning systems and robotics; and o increased availability of information to the public, including the means of making weapons of mass destruction. Other key aspects to consider in the future environment include: o the reducing cost of technology; o the reducing cost of the Internet; o rapidly increasing storage capacity; o rapidly expanding bandwidth; o increasing technical complexity; and o increasing awareness of electronic evidence. The international context is examined and due regard paid to important initiatives being coordinated by the United Nations, G8, the Organisation for Economic Cooperation and Development (OECD), Interpol, and the Council of Europe to identify international best practice and ensure that any Australasian strategy links with key initiatives elsewhere. The global reach of electronic crime is such that Australasian policing cannot afford to work in isolation on this critical issue. Strategies in the UK, US, the Netherlands, Japan and Hong Kong are examined and the major findings of the US Electronic Frontier report are also provided (WGUCI 2000). The President's Working Group, which prepared the Electronic Frontier report, considered: o the extent to which existing federal laws were sufficient to address unlawful conduct involving the use of the Internet; o the extent to which new tools, capabilities, or legal authorities may be needed for effective investigation and prosecution of such conduct; and o the potential for using education and empowerment tools to minimise the risks from such conduct. Consistent with the Administration's overall policy, including support for industry self-regulation where possible, support for technology-neutral laws and regulations, and an appreciation of the Internet as an important medium for commerce and free speech, the President's Working Group recommends a three-part approach to the issue of electronic crime: o any regulation of unlawful conduct involving the use of the Internet should be analysed through a policy framework which ensures that on-line conduct is treated in a technology-neutral manner, and in a manner that takes account of other important societal interests, such as privacy and protection of civil liberties; o law enforcement needs and challenges posed by the Internet should be recognised as significant, particularly in the areas of resources, training and the need for new investigative tools and capabilities, coordination with and among federal, state, and local law enforcement agencies, and coordination with and among international counterparts; and o there should be continued support for private sector leadership and the development of methods, such as `cyberethics' curricula, appropriate technological tools, and media and other outreach efforts, which educate and empower Internet users to prevent and minimise the risks of unlawful activity. The working group found that the Internet presented new and significant investigatory challenges, which were neither trivial nor theoretical, for law enforcement at all levels. These challenges included the need for: o real-time tracing of Internet communications across traditional jurisdictional boundaries; o the capacity to track down sophisticated users who commit unlawful acts on the Internet while hiding their identities; o `hand-in-glove' coordination among various law enforcement agencies; and o trained and well-equipped personnel at federal, state, local and global levels to gather evidence, investigate and prosecute these cases. Initiatives in the United States include: o key legislation, including the ability to retain and preserve data; o National Infrastructure Protection Center (NIPC); o National Infrastructure Protection and Computer Intrusion Squads/Teams; o NIPC Outreach/InfraGard; o National Cybercrime Training Partnership (NCTP); o Computer Analysis Response Team (CART); o Internet Fraud Complaint Center (IFCC); and o Law Net. Relevant initiatives in the national context such as NOIE, the Action Group into the law enforcement implications of Electronic Commerce (AGEC), the NII and the Australasian Computer Crime Program (ACCP) are also covered. The need to build upon, complement and leverage off these key initiatives and existing capabilities is recognised. The inter-relationship of the Commissioners' Conference strategy on electronic crime and efforts to protect the NII will be particularly important. The legislative environment in national, Australasian and international contexts is examined in relation to substantive criminal law and procedural issues relating to the investigation of computer crime. The telecommunications regulatory regimes in Australia and New Zealand are also examined. Key procedural issues identified as requiring urgent and further attention are: o computer search and seizure (including computer network and extra-territorial searches); o undercover computer investigations (including covert data collection and immunity from prosecution issues); o obligations of system owners (including the ability to get around encryption); o computer communications interception and monitoring (including data communications interception, and call tracing and network monitoring); and o data retention and preservation. Some of the principal problems affecting international cooperation in the area of computer crime are identified as follows: o lack of global consensus on what types of conduct should constitute computer-related crime; o lack of global consensus on the legal definition of criminal conduct; o lack of expertise in this field on the part of police, prosecutors and the courts; o inadequacy of legal powers to investigate and gain access to computer systems, including the inapplicability of seizure powers to intangibles such as computerised data; o lack of harmonisation between the different national procedural laws concerning the investigation of computer-related crimes; o transnational character of many computer crimes; and o lack of extradition and mutual assistance treaties and of synchronised law enforcement mechanisms that would permit international cooperation, or the inability of existing treaties to take into account the dynamics and special requirements of computer crime investigation. International harmonisation of the legal categories and definitions of computer crime has been proposed by the United Nations, OECD and the Council of Europe (UN 1999, p.22). In the international context, the issue of jurisdiction is central, as demonstrated by the recent consideration of the issue by the Model Criminal Code Officers Committee (MCCOC 2000). Innovative ways of dealing with this complex issue may well be required. The concept of privacy is canvassed from a national and international perspective. While privacy concerns are a significant aspect, the issues it raises are not insurmountable and should be able to be worked through. However, privacy is an issue which needs to be monitored carefully. As indicated previously, this scoping paper is to be used as a basis for analysis with a view to identifying key emerging issues, gaps in current law enforcement response capacities, particular threats and vulnerabilities, and first priority matters to be addressed. It will help to identify aspects of international best practice and key international initiatives which should be followed up. Recent reports and statements from the US, in particular, the Electronic Frontier report (WGUCI 2000), US Attorney-General Janet Reno's 10-step Law Net strategy (Reno 2000) and initiatives such as the NIPC and InfraGard are also instructive. Important Australian documents such as the Strategic Framework for the National Information Economy, prepared by NOIE, provide critical and relevant frameworks for action. However, greater emphasis on law enforcement and security issues is required in such documentation. Recognition of the relevant policy framework, including social, political and economic imperatives, is recognised as essential. Any resultant law enforcement strategy must facilitate electronic commerce and economic growth. It must assist Australasia in maintaining its competitive position in the international marketplace, by ensuring consumer confidence and protection, and a stable national and international environment conducive to investment and engagement in electronic commerce. There is certainly scope for growth in the use of the Internet for electronic commerce (NOIE 2000a, p.6). It is reported that only 6 per cent of the total adult Australian population or 13 per cent of Australian adults accessing the Internet actually order or purchase goods or services via that medium (NOIE 2000a, p.6). Recently, it has been reported that converting e-mail users into e-tail shoppers on the Internet is the key to taking e-commerce in Australia to the next stage of development (Van Dijk 2000a). In developing a sound strategy, there is a clear need to avoid duplication of effort and to build upon, and leverage off, the important work already undertaken by such bodies as AGEC, the ACCP, the ABCI's National Fraud Desk (NFD), the NII initiative, and key multilateral organisations. Grabosky states that the most strategically advantageous approaches to computer crime will be concerned with the reduction of opportunities (eg. through the use of technologies) and the enhancement of guardianship (or `minding one's own store'). Clearly, while an adequate law enforcement response capacity must be maintained, the main thrust of any law enforcement strategy for dealing with electronic crime must be one of prevention. There will therefore be a clear role for well developed social controls (such as the development of `cyber' ethics), responsible risk management by big business and well established information security systems and procedures. In summary, the scoping paper outlines the importance of issues fundamental to strategy development, including: o prevention; o promoting of private sector leadership; o effective strategic partnerships between policing and the private sector on a range of issues, including the development of a regulatory framework, skills acquisition and development, and the reporting of crime; o the capacity and capability within policing to respond effectively to instances of electronic crime, including the establishment of a national computing forensic capability; o the timely exchange of tactical and strategic intelligence and information between law enforcement and the wider community and early alert/warning mechanisms; o ongoing law reform at jurisdictional, national and international levels; o monitoring of the privacy issue; o the development of good cybercitizens; and o the fostering of an unprecedented level of Australasian and international coordination and cooperation. The strategy will have to target a wide range of offenders from the recreational hacker (who may well be a juvenile), to those interested in financial gain, paedophilia, organised crime, terrorism and the theft of foreign intelligence. It must deal with the large scale victimisation made possible by global connectivity and the speed of transactions or transmissions. To ensure a comprehensive and coordinated approach to this complex and multidimensional situation, it will be essential to engage our key law enforcement partners, including the NCA, ACS, ASIC, ACCC, AUSTRAC and the Commonwealth Attorney-General's Department, in developing the strategy and implementing the proposed workplan. It may also be necessary to liaise more closely with defence and intelligence agencies to determine what assistance may be able to be provided to law enforcement, as permitted by relevant legislation. It will also be necessary to consult widely and market the value of any strategy to various sectors identified in the project's terms of reference. It has not been possible to clearly define the nature of the electronic crime problem due to its dynamic and evolving nature and the difficulties in detecting some criminal behaviour, significant under-reporting (particularly by big business) and the lack of any meaningful statistics on the nature and incidence of electronic crime, particularly within the community. Any future strategy must include measures to address this lack of information. With the growth of the Internet and electronic commerce, the potential for huge increases in crimes of acquisition, including fraud, is very real. Organised crime has the potential to exploit gaps in the current policing and law enforcement response in order to conduct illegal business and to successfully launder the proceeds of crime. Electronic crime presents as one of the most significant challenges law enforcement has ever faced. As indicated in the report, the challenges of the digital age are numerous and diverse and include: o bridging multijurisdictional boundaries; o retaining and preserving evidence; o acquiring appropriate powers; o decoding encryption; o proving identity; o knowing where to look for evidence; o tackling the tools of crime and developing tools to counter crime; o rethinking the costs and priorities of investigation; o responding to crime in real time; o coordinating investigative activities; o improving training at all levels of the organisation; o developing strategic partnerships and alliances; o improving the reporting of electronic crime; o enhancing the exchange of information and intelligence; o acquiring, developing and retaining specialist staff; and o avoiding `tech-lag'. One of the major policy issues which will face Governments is how to deal with the anonymity and untraceability aspects of the Internet. In the interim, it will be essential for law enforcement to liaise with Internet service providers (ISPs) to develop protocols to ensure the necessary retention and preservation of relevant data. The legal issue of jurisdiction and the need for unprecedented coordination and cooperation across the globe will clearly test Australasian law enforcement, as will the need for real time assistance and on-line investigation. Encryption is also an issue which needs to be addressed. Law reform will be a critical aspect of the action that will be needed to ensure that policing is positioned to deal with electronic crime. It is necessary to take steps now to ensure that law enforcement will be able to respond appropriately to the various manifestations of this ubiquitous and challenging crime. This is particularly so in light of the lead up time that is required to ensure funding, establish necessary infrastructure and achieve significant legislative reform. There is much to be done if Australasia's state of readiness is compared with that of the US or even the UK. The US Electronic Frontier Report (WGUCI 2000, p.vii) noted that the needs and challenges facing law enforcement in relation to electronic crime are "neither trivial nor theoretical". In Australia, it has also been found that the potential threat to the NII is real and growing (A-G's 1998, p.11). Recent incidents such as the denial-of-service attacks earlier this year and the Love Bug virus have demonstrated that significant vulnerabilities exist on a global scale. This early warning sign should not be ignored, particularly as advice is to the effect that the trend is away from Love Bug type variants to "a more targeted and deadly realm of destruction" and "more specific and sophisticated attacks" (Van Dijk 2000c, p.6). In addition, it has been suggested that the threat of the lone computer hacker is giving way to the more alarming trend of `hacker collectives' and the advent of organised cyber-insurgency (James & Cooper 2000, p.52). As indicated in the paper, one collective, `LOpht', testified before a US Congressional investigation that they could halt all Internet activity within 30 minutes (James & Cooper 2000, p.53). It would indeed be dangerous to ignore these telling warnings. It is also becoming evident that more structured, high level coordination is required on the e-crime issue at the national/Australasian level. No one agency or body seems to be responsible for pulling together the various threads of the issue and developing a strategic or holistic response. Law enforcement should not have to wait for the next global IT `disaster' to get the attention of governments. It must be recognised that technology is becoming pervasive and that computers and the Internet will increasingly feature in many of the more traditional, `local', but serious, crimes. It will therefore become essential for all police officers to have a good understanding of such technology and to be able to undertake basic search and seizure techniques involving computers which will meet evidentiary standards. The potential financial, economic and social costs of electronic crime are enormous. While gearing up to respond to global e-crime and its unique challenges will be an expensive endeavour, such efforts will be essential if we are to reap the substantial social and economic benefits of electronic commerce and the virtual world. This scoping paper provides an important and comprehensive basis for critical analysis and the development of an effective and sound law enforcement strategy for dealing with electronic crime. The next stage, analysis, will identify first priority matters, gaps and vulnerabilities that must be addressed by any strategy if law enforcement is to meet the challenges of the `virtual horizon'. The working party will now move quickly to formulate a draft electronic crime strategy which addresses the many issues identified in this paper. References For more information about the references in this extract please refer to the complete scoping paper prepared as the Australasian Center for Policing Research report No. 131.4 ; The Virtual Horizon: Meeting the Law Enforcement Challenge, Developing an Australasian Law enforcement strategy for dealing with electronic crime.