back to article Five Eyes alliance’s top cop says techies are the future of law enforcement

Australian Federal Police (AFP) commissioner Reece Kershaw has accused un-named nations of helping organized criminals to use technology to commit and launder the proceeds of crime, and called for international collaboration to developer technologies that counter the threats that behaviour creates. Kershaw’s remarks were made …

  1. KittenHuffer Silver badge
    Big Brother

    Quis custodiet ipsos custodes?

    Next thing you know he'll be asking us techies to write breakable encryption so they can watch everything that everyone is doing.

  2. Pascal Monett Silver badge
    Windows

    "the psychological effect we have on organized crime"

    I'm sure Russian/Chinese/Nork hackers are quaking in their boots.

    It's so nice to be able to officially pat yourself on the back like that.

  3. Pete 2 Silver badge

    working both sides

    > Criminals have weaponized technology ...

    > our innovators and our tech pioneers – are among the future of law enforcement.

    So which side will win? I reckon it will be whoever offers the best incentives. Although those incentives could include not going to jail. Something that might be more or less appealing depending on which country a person is in (or could be extradited from) and whether that country takes a cut of the profits.

    1. Anonymous Coward
      Anonymous Coward

      Re: working both sides

      I can tell who loses: we, the common people.

      The ammounts of attacks that are going on would amaze people not in the know. It did keep me fed while working for a network security company.. but it is just sad.

      Essentially we allow in the internet organized groups tk say "nice shop/whatever you have here", no consequence. And 5 eyes and others allow this because they like the noise so they can do their business. Appalling, and they are all criminals to me.

      Sadly, the only practical solution is deep packet inspection,proper ipv6 and provenance analysis plus heavy penalties

  4. Potemkine! Silver badge

    Who will protect us against the Five Eyes Alliance, which is spying enemies and allies alike?

  5. Anonymous Coward
    Anonymous Coward

    Yup.....More Misinformation....from Reece Kershaw!!

    Quote (Reece Kershaw): "....those with extremists’ views are using the pandemic to ... spread their misinformation...."

    Yup....he should know......all of his "five eyes" posture counts as misinformation.....

    Quote (Reece Kershaw): "...innovation needed to identify and disrupt offenders...."

    Yup....he's right about that......notably the technologists in Fort Meade, Cheltenham and elsewhere...see Edward Snowden for details!

    Despite the continual posturing....THERE ARE NO "GOOD GUYS".....

  6. Anonymous Coward
    Anonymous Coward

    Ambrose Bierce had something to say....

    ....a reminder to Reece Kershaw from a hundred years ago in "The Devil's Dictionary"........

    peace, noun: A period of cheating between two periods of fighting

    Oh.....and there's William Burroughs with his two cents............."The paranoid is a person who knows a little of what is going on".

    Who'd have thunk it?.....useful wisdom in 2022 from Ambrose Bierce and William Burroughs......

  7. VoiceOfTruth

    Big words from Australia

    A country built on stolen land massacres of the indigenous people.

    1. Little Mouse Silver badge

      Re: Big words from Australia

      Pick a country. Any country...

  8. tiggity Silver badge

    sigh

    "Some nations also allow the manufacture of chemicals used to create drugs."

    Personally I'm quite glad that drugs can be manufactured, antibiotics potentially saved my life in the past...

    Seriously, I get really irritated when people say drugs when they mean "drugs we have outlawed" (additionally drug rules vary across countries, and in some cases across states, and additionally many countries sign up to various global anti drug agreements but in reality often turn a blind eye, e.g. opium production & export (used to make heroin) in Afghanistan - the Taliban periodically make a big thing of outlawing it, but when their cash gets low happily turn a blind eye to opium (& cannabis) exports as a nice source of income)

    .. as for illegal drug precursors, banning them is pointless, yes there are some compounds that have few other obvious uses other than making some illegal drugs, but most chemicals have many uses, and banning compounds that are only really used to make illegal drugs just adds a few more steps / complexity / expense to the process*

    *Never made any illegal drugs, but did work in a lab when doing a biochemistry PhD (if we needed controlled substances for our work we applied for a licence), a long time ago before switch to IT. Obviously in lab work, most of the stuff you need you just buy from chemical suppliers (only made your own if something obscure that was not readily available or costs were too exorbitant) - but people wit chemical training (or prepared to read up enough) could make a range of "illegal drugs" relatively easily (in many cases the most hassle would be some of the equipment you would like to use but would be a fool to - sensible illicit drug manufacture "klaxons" operated by govt agencies should also be equipment based, not just precursor based as lots of kit that would make the production process easier / safer / faster / more reliable / better quality would raise the question of what on earth does AN Other want with that.

  9. Little Mouse Silver badge

    "...the Five Eyes is watching."

    ...or is they?

  10. Anonymous Coward
    Anonymous Coward

    Criminals have [...] become ruthlessly efficient ...

    “Criminals have [...] become ruthlessly efficient ..."

    They probably haven't. They're probably just *more* efficient - and quicker moving - than your every-day, average law-enforcement organisation. A snail appears to be a mobility expert to a rock.

    A/C

  11. Anonymous Coward
    Anonymous Coward

    London *is* the "Blind" Eye when it comes to money laundering...

    > "un-named nations know that their lack of financial regulations enable organized crime to launder money."

    Why "un-named"? Would it be because that list includes- or should include- at least one "Five Eyes" member?

    Namely the United Kingdom, where (e.g.) the London property market has been pumped full of money from Russian oligarchs and other dubious sources, where the City of London is well-known for being happy to not look to closely at where its money is coming from, where (Westminster-controlled) Scottish Limited Partnerships embarrass those of us here by association with their obvious misuse in corruption and laundering.

    Where the UK government- or rather, the Tory party that runs it- has been happy to do the easy work of "cracking down" on Russia in a superficial way and sending arms to Ukraine (the latter of which I have no problem with in itself, quite the opposite) but still oddly slow in moving to shut these loopholes that would affect the Russian investments and money they themselves have ultimately benefitted from?

    Yeah, doesn't count if it's one of your own "Eyes", does it?

  12. amanfromMars 1 Silver badge

    Beware the Traps that Snare the Unworthy and Dispense Rough Justice to the Unwary.

    “And let’s not discount the psychological effect we have on organized crime when they know the Five Eyes is watching.”

    And what, apart from them not knowing what to do for the best because of the lack of necessary knowledge to address the intelligence deficit they suffer, does the Five Eyes watching without engagement tell techies being watched who know they are being watched whilst doing what they do?

    One doesn't have to be an Einstein or a Sherlock to know when something one might be doing is bound to attract attention from phishers hoping to steal away one's secrets and earn a feather in their crooked cap which can also feather their nests ..... and how much it really be worth whenever warranting such attention.

    Whenever not illegal or criminal activity, is such surveillance easily perverted and converted and subverted to server undue personal reward via the technical/virtual/industrial espionage/proprietary intellectual property theft route.

  13. Bitsminer Bronze badge

    Elephant in the room

    The FELEG is not paying attention, or demanding attention to, a very big policy concern.

    Intelligence gathering is not often done with a view to prosecution, in fact the standards of "truth" are often quite different. This is called the "intelligence to evidence" problem. It is quite well known in certain circles in Canada where for example a Russian spy couldn't be arrested or prosecuted because the intelligence people wouldn't allow disclosure in open court of their means and methods.

    In the end the FBI was tapped to disclose the existence of the spy for criminal prosecution by RCMP.

    In western societies with open court systems (excluding USA of course, hello FISA) there are often constitutional barriers to constructing a justice system that can prosecute spies and use the evidence against them without disclosing the means used to discover them.

    He can complain all he wants about bad actors but unless he and his FELEG counterparts have the tools to prosecute then he is whistling in the wind.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

  • LGBTQ+ folks warned of dating app extortion scams
    Uncle Sam tells of crooks exploiting Pride Month

    The FTC is warning members of the LGBTQ+ community about online extortion via dating apps such as Grindr and Feeld.

    According to the American watchdog, a common scam involves a fraudster posing as a potential romantic partner on one of the apps. The cybercriminal sends explicit of a stranger photos while posing as them, and asks for similar ones in return from the mark. If the victim sends photos, the extortionist demands a payment – usually in the form of gift cards – or threatens to share the photos on the chat to the victim's family members, friends, or employer.

    Such sextortion scams have been going on for years in one form or another, even attempting to hit Reg hacks, and has led to suicides.

    Continue reading
  • FBI warning: Crooks are using deepfake videos in interviews for remote gigs
    Yes. Of course I human. Why asking? Also, when you give passwords to database?

    The US FBI issued a warning on Tuesday that it was has received increasing numbers of complaints relating to the use of deepfake videos during interviews for tech jobs that involve access to sensitive systems and information.

    The deepfake videos include a video image or recording convincingly manipulated to misrepresent someone as the "applicant" for jobs that can be performed remotely. The Bureau reports the scam has been tried on jobs for developers, "database, and software-related job functions". Some of the targeted jobs required access to customers' personal information, financial data, large databases and/or proprietary information.

    "In these interviews, the actions and lip movement of the person seen interviewed on-camera do not completely coordinate with the audio of the person speaking. At times, actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually," said the FBI in a public service announcement.

    Continue reading
  • Samsung fined $14 million for misleading smartphone water resistance claims
    Promoted phones as ready for a dunking – forgot to mention known problems with subsequent recharges

    Australia’s Competition and Consumer Commission has fined Samsung Electronics AU$14 million ($9.6 million) for making for misleading water resistance claims about 3.1 million smartphones.

    The Commission (ACCC) says that between 2016 and 2018 Samsung advertised its Galaxy S7, S7 Edge, A5, A7, S8, S8 Plus and Note 8 smartphones as capable of surviving short submersions in the sea or fresh water.

    As it happens The Register attended the Australian launch of the Note 8 and watched on in wonder as it survived a brief dunking and bubbles appeared to emerge from within the device. Your correspondent recalls Samsung claiming that the waterproofing reflected the aim of designing a phone that could handle Australia's outdoors lifestyle.

    Continue reading
  • Man gets two years in prison for selling 200,000 DDoS hits
    Over 2,000 customers with malice on their minds

    A 33-year-old Illinois man has been sentenced to two years in prison for running websites that paying customers used to launch more than 200,000 distributed denial-of-services (DDoS) attacks.

    A US California Central District jury found the Prairie State's Matthew Gatrel guilty of one count each of conspiracy to commit wire fraud, unauthorized impairment of a protected computer and conspiracy to commit unauthorized impairment of a protected computer. He was initially charged in 2018 after the Feds shut down 15 websites offering DDoS for hire.

    Gatrel, was convicted of owning and operating two websites – DownThem.org and AmpNode.com – that sold DDoS attacks. The FBI said that DownThem sold subscriptions that allowed the more than 2,000 customers to run the attacks while AmpNode provided customers with the server hosting. AmpNode spoofed servers that could be pre-configured with DDoS attack scripts and attack amplifiers to launch simultaneous attacks on victims.

    Continue reading
  • Former chip research professor jailed for not disclosing Chinese patents
    This is how Beijing illegally accesses US tech, say Feds

    The former director of the University of Arkansas’ High Density Electronics Center, a research facility that specialises in electronic packaging and multichip technology, has been jailed for a year for failing to disclose Chinese patents for his inventions.

    Professor Simon Saw-Teong Ang was in 2020 indicted for wire fraud and passport fraud, with the charges arising from what the US Department of Justice described as a failure to disclose “ties to companies and institutions in China” to the University of Arkansas or to the US government agencies for which the High Density Electronics Center conducted research under contract.

    At the time of the indictment, then assistant attorney general for national security John C. Demers described Ang’s actions as “a hallmark of the China’s targeting of research and academic collaborations within the United States in order to obtain U.S. technology illegally.” The DoJ statement about the indictment said Ang’s actions had negatively impacted NASA and the US Air Force.

    Continue reading
  • Beijing-backed baddies target unpatched networking kit to attack telcos
    NSA, FBI and CISA issue joint advisory that suggests China hardly has to work for this – flaws revealed in 2017 are among their entry points

    State-sponsored Chinese attackers are actively exploiting old vulnerabilities to "establish a broad network of compromised infrastructure" then using it to attack telcos and network services providers.

    So say the United States National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI), which took the unusual step of issuing a joint advisory that warns allied governments, critical infrastructure operators, and private industry organizations to hurry up and fix their IT estates.

    The advisory states that network devices are the target of this campaign and lists 16 flaws – some dating back to 2017 and none more recent than April 2021 – that the three agencies rate as the most frequently exploited.

    Continue reading
  • Police lab wants your happy childhood pictures to train AI to detect child abuse
    Like the Hotdog, Not Hotdog app but more Kidnapped, Not Kidnapped

    Updated Australia's federal police and Monash University are asking netizens to send in snaps of their younger selves to train a machine-learning algorithm to spot child abuse in photographs.

    Researchers are looking to collect images of people aged 17 and under in safe scenarios; they don't want any nudity, even if it's a relatively innocuous picture like a child taking a bath. The crowdsourcing campaign, dubbed My Pictures Matter, is open to those aged 18 and above, who can consent to having their photographs be used for research purposes.

    All the images will be amassed into a dataset managed by Monash academics in an attempt to train an AI model to tell the difference between a minor in a normal environment and an exploitative, unsafe situation. The software could, in theory, help law enforcement better automatically and rapidly pinpoint child sex abuse material (aka CSAM) in among thousands upon thousands of photographs under investigation, avoiding having human analysts inspect every single snap.

    Continue reading
  • FBI, CISA: Don't get caught in Karakurt's extortion web
    Is this gang some sort of Conti side hustle? The answer may be yes

    The Feds have warned organizations about a lesser-known extortion gang Karakurt, which demands ransoms as high as $13 million and, some cybersecurity folks say, may be linked to the notorious Conti crew.

    In a joint advisory [PDF] this week, the FBI, CISA and US Treasury Department outlined technical details about how Karakurt operates, along with actions to take, indicators of compromise, and sample ransom notes. Here's a snippet:

    Continue reading
  • Australian digital driving licenses can be defaced in minutes
    Brute force attack leaves the license wide open for undetectable alteration, but back end data remains unchanged

    An Australian digital driver's license (DDL) implementation that officials claimed is more secure than a physical license has been shown to easily defaced, but authorities insist the credential remains secure.

    New South Wales, Australia's most populous state, launched its DDL program in 2019, and as of 2021 officials there said that slightly more than half of the state's eight million people use the "Service NSW" app that displays the DDL and offers access to many other government services.

    Now, a security researcher at cybersecurity company Dvuln claims he was able to brute force his way into the app with nothing but a Python script and a consumer laptop. Once inside, he found numerous security flaws that made it simple to alter the DDL stored in the app. 

    Continue reading
  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading

Biting the hand that feeds IT © 1998–2022