High-Tech Crime Countermeasures Ko IKAI High-Tech Crime Technology Division National Police Agency, JAPAN
Agenda State of High-Tech Crime Countermeasures Framework Facilities and Equipment Human Resources Training Challenges
State of High-Tech Crime
Basic Statistics 56,453,000(44% of whole nation) use Internet in Japan 15,962,000 use broadband connection 48% of households have Internet connection (except by cell phones) Estimation on Feb. 30, 2003, Internet White Paper 2003 (Internet Association Japan)
Intrusive Activities Detected by 57 IDS installed in police organizations
Breakdown of Intrusive Activities
Complaints
Breakdown of Complaints
Arrests
Breakdown of Arrests
Countermeasures Framework Facilities and Equipment Human Resources Training
Framework
Police System in Japan National Police Agency(NPA) National governmental organization Duty: supervision and planning related to national law and budget Prefectural Police Forces(PPF) Local governmental organization Duty: actual police operation
National Efforts High-Tech Crime Technology Division (HTCTD) since 1999 Unauthorized Computer Access Law Official notice of high-tech crime countermeasures to PPFs Official notice of cyber-terror countermeasures to PPFs Subsidy for PPFs
National Center of Computer Forensics(NCCF) Part of HTCTD Technical core of high-tech crime countermeasures Dealing with extremely difficult evidences
Cyber Force Center(CFC) Part of HTCTD Established in 2001 Focusing on protection against cyber attacks to critical infrastructure entities 24/7/365 watch and warning Information hub for computer network security
Local Efforts Establishment of High-Tech Crime Task Forces(HTCTF) High-tech crime reporting point Establishment of Cyber-Terror Task Forces Employment of people with IT skills as special investigators or IT security advisors
Facilities and Equipment
Cost Overview NCCF Initial: 15.3 million USD Maintenance: 1 million USD CFC Initial: 53.5 million USD Maintenance: 13 million USD (1 USD = 120 JPY)
Facilities NCCF National-owned building 5 floors, 1500 sq. meters (approx sq. feet) CFC Private-owned building (rented) 8 floors, 4500 sq. meters
Equipments in NCCF Massive log analysis system Password analysis system Credit card analysis system Virtual Internet environment X-ray inspection system Clean room Various softwares Honey pot
Equipments in CFC 24/7/365 watch and warning center Honey pot Distributed IDS R&D environment Simulation environment Training environment
Equipments in HTCTD HQ WWW server Cybercrime Technical Information Network System(CTINS) Purpose: information sharing among 10 cybercrime law enforcement units in Asia China; Hong Kong, China; India; Indonesia; Korea; Malaysia; Philippines; Singapore; Thai; and Japan
Human Resources
Wanted People NCCF People with EXTREME expertise on computer forensics CFC People with computer/network security expertise Dynamic employment is difficult in Japan
Base of Human Resources 4,000 info-communication specialists inside police organization They have built and maintained police communication infrastructure for 49 years It WAS able to pick-up necessary talent
People from Private Sector Contractor Maintainer of equipments R&D staffs Hiring Some local HTCTFs hires experts as special investigator or IT security advisor
Current State NCCF 12 officials (forensic experts) 5 contractors (experiment staffs) CFC 18 officials (computer/network security specialists) 10 contractors (R&D staffs) HTCTD HQ 18 officials (chief and administrative staffs)
Training
Training program National Police Academy High-tech crime technology course Cyber-terror technology course Training program by private sector Specially designed by various venders International conference OJT in foreign law enforcements FBI, Secret Service, NHTCU(UK)
Challenges Company secrets Dominant system vendor Cell phone vender Personnel circulation Co-ordination with security community FIRST, National CERT, NIRT
Questions?
Thank you! Contact: Ko Ikai, Toshihiko Kamon,