Police looking to bolster cybercrime investigation capabilities
The Singapore Police Force this month called for tenders relating to cybercrime training, particularly in investigation techniques and handling computer evidence.
The picture painted by cybersecurity experts is sobering: a sharp growth in banking malware, more malicious mobile apps and more data breaches resulting in more than 552 million identities exposed last year.
Auction site eBay last week announced a major network security breach involving customer data. In Singapore, several cyberattacks including the defacement of the Istana and Ang Mo Kio Town Council websites were recorded last year, with arrests made.
Amid this landscape, the Singapore Police Force (SPF) this month called for tenders to provide anti-cybercrime training to cover “proper” investigation techniques and to illustrate the process of locating, handling and processing computer evidence.
Most modern crimes today involve technology, be it to facilitate crime, as a “witness” to crime, as a communication tool or as a target of criminal activity, the tender noted.
Despite SPF data showing a drop in cases recorded under the Computer Misuse Act from 271 in 2010 to 198 in 2011 and 195 in 2012 – the Act was renamed the Computer Misuse and Cybersecurity Act last year but no 2013 figures are available – cybersecurity experts said online crime is becoming increasingly complex.
It has become a fully developed market economy aided by hackers using virtual currencies and private forums that mask their identities, a recent report sponsored by network innovation service provider Juniper Networks showed.
Symantec’s latest Internet Security Threat Report noted a 62 per cent increase in the number of data breaches last year from the previous year, resulting in more than 552 million identities exposed.
Common cybercrime activities include social media scams, mobile cybercrime such as malicious apps, and cyber harassment, said Mr Ng Kai Koon, Symantec’s director of government affairs (Asia-Pacific and Japan).
The volume of online banking malware grew significantly last year and cybercriminals are targeting entities not commonly considered attack targets such as Bitcoin exchanges and point-of-sale terminals, said Trend Micro Singapore country manager David Siah.
The tender put out by the SPF closed last Thursday (May 22). It showed that the force wants law enforcement officers to be able to trace and monitor social media postings and content for investigation, learn hackers’ tricks to nail them, secure electronic evidence and carry out computer forensics analyses for criminal proceedings.
TODAY understands this is not the first time computer crime training is to be conducted by a third party.
But Symantec’s Ng said it is important that cybercrime training not be a one-off exercise, even for individual officers.
It is also “useful to expand some form of cyber awareness training to all officers, so that when they respond to an incident, the officers are aware of the necessary actions to preserve the digital and forensic evidence”.
Nevertheless, with the potential for cybercriminals to operate in one country, using systems hosted in another country to target victims in a third country, investigations could require much coordination among law enforcement agencies and are often difficult, said Mr Ng.