Cyberspace and the Police

1
Cyberspace and the Police

• Mamoru TAKAHASHI
• Head of Computer Forensic Center, Hi-tech Crime
  Technology Division
• National Police Agency, Japan

2
Security Measures by Government

• Basic IT Law (Jan. 2001)
• Electronic Government
• To be established by fiscal 2003
• IT Security Office at Cabinet Secretariat is in
  charge of Security Aspect
• Action Plan on Building Infrastructure to Counter
  Hackers and Other Cyber Threats (Jan. 21, 2000)
• Special Action Plan on Fighting Cyber-terrorism
  against Critical Infrastructure (Dec. 15, 2000)
• How Government and the Private Sector Can Work
  Together to Fight Cyber-terrorism (Oct. 2, 2001)

3
Guidelines for IT Security Policy

• Formulated in July 2000.
• Each ministry and agency in the government
  finished formulating its own policy by Dec. 2000.
• Contents
• Physical security
• Human security (Education, Training, Password
  management)
• Technical security
• Operation
• Security Practices had Reviewed by Nov. 2002

4
NIRTNational Incident Response Team

• Established in April 2002, to react cyber
  attacks against e-government.
• Its mission is to share information and make
  emergency responses to counter cyber terrorism
• against e-government.
• This is one of our projects to prepare for
  establishment of e-government.

5
NPA Organization for Technical Support to Cyber
Crime Investigations
6
Computer Forensics Center
7
Trends of Internet Usage in Japan

• Estimated 47.08 millions (2000), up 74 year over
  year.
• Estimated 87.2 millions (2005).
• Cf. Population
• 126.9 millions (2000)

8
Arrest Rate for Cyber Crime
9
A Pile of Hard Disks as Evidence
10
Framework Against Cyber Terrorism
11
Introduction Video
12
Intrusion Detection Network System

• Collects information real-time from police forces
  nationwide.
• Detects and analyzes incidents on the Internet.
• Shares the analysis with various organizations.
• Contact Point for other Organizations.
• 24/7 Monitoring

13
1st Quarterly Report

• 24/7 Cyber Force's watch activity
• watching cyber attack attempts to the police
  facilities nationwide
• Analysis of criminal and malicious activities on
  the Internet
• based on data of the second quarter of FY2002
• First analysis of this kind in Japan
• first ever analysis in Japan

14
Emanation Source
Emanation source does not necessarily mean that
the attacker(s) come from there.
15
Country Trend
Italy
US
Japan
China
Korea
0
10
20
30
40
50
60
70
80
90
100
Emanation source does not necessarily mean that
the attacker(s) come from there.
16
Number of Attack
17
Attack Method
18
Usage of the Analysis

• Public announcement
• raising public awareness of security by providing
  data through the Internet
• Strengthen relationship with critical
  infrastructure
• promoting anti-cyber terrorism efforts
• Strengthen international cooperation
• information sharing with foreign law enforcement
  agencies

19
Future Work

• Timely information provision
• Information provision through the NPA security
  portal site (to be operational in March 2003)
• Continuous research on analysis method
• Maximization of analysis value
• Promote information sharing among the industry,
  academia and the government (ex. Critical
  infrastructures, the Cabinet Secretariat,
  universities)

20
Conclusions

• Malicious Activities on the Net are Active
• Meaningful Analysis Method of Net Activities must
  be Devised
• Crucial for the Police to have Technical
  Capability to deal with Cyber Crime
• ?
• Closer Relationship between Government and
  Industry is Crucial
• Security Awareness is Necessary

21
Contact Information

• Mamoru Takahashi
• Head of Computer Forensic Center
• Hi-tech Crime Technology Division
• National Police Agency
• mtakahashi00_at_npa.go.jp