From: InfoSec News (isnc4i.org)
Date: Fri Jul 27 2001 - 04:18:25 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.smh.com.au/news/0107/27/biztech/biztech16.html

By Kirsty Needham
Friday, July 27, 2001

The hacker group 2600 has told a Senate committee the Federal
Government's proposed Cybercrime Bill will fail to achieve the desired
result and Australia would be better off to provide computer training
to police officers.

The Cybercrime Bill was introduced to Parliament last month and
intends to cover new crimes such as hacking, denial-of-service
attacks, the spreading of computer viruses and Web site vandalism. But
2600 said it would also threaten people who discovered computer
security risks with prosecution.

The local chapter of 2600, which describes itself as a collection of
people interested in technology security but is best known as part of
an international hacker group, wrote in its submission that it was
common for so-called "ethical hackers" to identify and inform the
public about major security faults. It gave the example of a hacking
vulnerability in the password software used by Internet Service
Providers. Another would be a man's claims on radio last week that the
Commonwealth Bank's Internet banking system was insecure.

The Australian Computer Society has also raised concerns about the
Bill, which it says confers broad powers on ASIO and potentially makes
criminal offences of innocuous computer activities.

2600 said another approach would be to shake off what it said was
Australia's apathy towards computer security and provide IT training
to police officers to investigate crimes when they occurred.

"It might sound a little odd coming from us. But we think the more
people know about IT, they then might understand we are not always the
bad guys," said 2600 spokesman Mr Grant Bayley.

Debate on the Bill comes as Australia experiences a rise in computer
crime and State and Federal police forces continue to face an IT
"brain drain".

The executive officer of the Australian Centre for Policing Research,
and chair of an Interpol working party on IT crime, Mr Des Berwick,
said there were about 40 trained computer crime officers across
Australia, "depending on how the poaching is going".

An APCR report found that, on average, one-third of these officers
resign each year, many to join private consultancies where their
combination of IT and policing skills are highly prized.

Mr Berwick said there was a pressing need for Australia's police
forces to increase the pool of computer crime experts to the
"hundreds".

However, a major project initiated three years ago to train police
officers in computing skills is yet to be endorsed by police
commanders or receive a budget.

In the meantime, some investigations are being outsourced to the
private sector, raising issues of confidentiality.

"The NSW Police Service is using external computer forensic
consultants to meet the ever-increasing demand for computer forensic
and investigation services," said Inspector Brad Shepherd of the NSW
Police.

"The response time, cost, confidentiality and legality of external
consultants are factors always under consideration."

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoattrition.org with 'unsubscribe isn' in the BODY
of the mail.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]