Mike Alcorn presentation

YOURLOGO

U.S. Department of StateBureau of Diplomatic Security

Office of Antiterrorism Assistance Program

Michael C. Alcorn – Cyber Training Program Manager

Office of Antiterrorism Assistance2

DS/ATA

Created by U.S. Congress in 1983

Provide antiterroism assistance to strengthen bilateral ties between U.S. and foreign allies.

Provide training and equipment to deter terrorism.

Trained over 57,000 people from 151 countries since 1984

Implemented by the Bureau of Diplomatic Security

Operates through U.S. Embassies


Border Control Management

Critical Incident Management

Senior Crisis Management Combatting Domestic and

Transnational Terrorism Executive Seminar on

Digital Investigations

Major Case Management Terrorist Crime Scene

Investigations Fraudulent Travel

Documents Intro to Digital Forensics

and Investigations Investigative Information

Management

Explosive Incident Countermeasures

Canine Explosive Detector Course

Crisis Response Team Training

Weapons of Mass Destruction

Response

Course Offerings

Management Investigations

4 Office of Antiterrorism Assistance

Enter your own text hereATA Cyber Training Program


ATA Cyber Training Mission

Provide skills-based investigative, policy, IT security training and equipment to partner nations that culminates in a tangible and long-term increase in their ability to mitigate cyber threats from terrorists and criminals.


JordanThailandKenyaTurkeyKazakhstanMoroccoTrinidadColombia

SenegalUganda

EgyptIndonesiaMalaysia

IndiaPakistanGeorgia


ATA Cyber Training Timeline

Program started with single cyber terrorism overview course.

Equipment grants and capacity building became the norm.

Regional information sharing and terrorist use of the internet conferences began.

Program shifted to become more hands-on in nature.

Cellular forensics, Internet and audio/video forensics courses developed.


Create and enhance awareness among top level government and law enforcement executives.

Provide expertise in the prosecution of cyber crime.

Promote regional and global information exchange and collaboration.

Provide first responder and incident response training.

Provide guidance on basic investigative skills and evidence preservation.

Progress country from basic to advanced computer forensics.

Establish professional networking among international peers.

Assist with staffing, training, and operating procedures.

Nexus between CERTS and law enforcement.

Provide fundamental IT Administrative and network security training.

IT Security

Three Areas of Focus

Law EnforcementExecutive and Policy Level


Conduct cyber assessments and establish relatinships. Establish senior level awareness and buy-in to broad training strategic plan.

Deliver courses related to basic evidence recognition and seizure. Establish train-the-trainer program.

Provide enabling equipment grant - operationalize

Provide basic, intermediate and advanced technical skills – Hands-on forensics, investigative skills, network security.

Cyber unit management training.

Provide prosecutorial training. Professional networking and regional integration.

ATA Cyber Training Process

Step 4

Step 3

Step 2

Step 1




Executive Seminar on Digital Investigations and Security

Cyber Awareness Seminar for Prosecutors

Regional Conference Terrorist Use of the Internet

Cyber Unit Management Consultation – Washington D.C.

Identification and Seizure of Digital Evidence

Introduction to Digital Forensics and Investigations

Proactive Internet Investigations Course

Cellular Communication Forensic Consultation

Digital Forensic Grant and Consultation

Advanced Digital Forensic Consultation

Cyber Unit Management Consultation

Encase and FTK training and certification courses

Audio/Video Forensics Consultation

Fundamentals of Network Security

Information Security Technology Consultation

CERT and Law Enforcement Forum

IT Security

ATA Cyber Courses

Law EnforcementExecutive and Policy Level


Regional Conference on Terrorist Use of the Internet

Three-Day Event – Senior Law Enforcement, Legislators, and Government Officials

Create and foster regional relationships among the participating countries.

Emphasize the importance of regional and eventual global multilateral collaboration in combating terrorist use of the Internet.

Suggest and discuss specific regional policies and strategies essential to disciplined information sharing, building of critical relationships, investigatory and prosecutorial cooperation and resource sharing.

Develop a useful, cost-effective model that can be replicated in other regions, and that can contribute to an eventual globally-connected network.

14

Sustainment

Establish productive and trusting relationships at all levels.

Provide channels of communication to key law enforcement and U.S. based corporations.

Provide organizational advice and global perspective on cyber issues.


Thank you!

U.S. Department of StateBureau of Diplomatic SecurityOffice of Antiterrorism Assistance

Michael C. AlcornCyber Training Program ManagerPhone: 1-571-236-3272Email: [email protected]

Contact

2230 Gallows RoadDunn Loring, Virginia 22027USA

CybercrimeA Global Overview of the Role of “Borderless Partnerships” in assisting Law Enforcement

and Public Safety efforts.

Since we are dealing with human beings-LET’S NOT

FORGET… The Seven Deadly sins of Anger, Greed,

Envy, Sloth, Pride, Gluttony and Lust all exist in the ‘online’ world and have been automated and magnified……basically the GLOBALIZATION OF CRIME over the Internet has occurred….and is accelerating.

There are almost no ‘new crimes’ under the sun….just new twists….like exploiting trust electronically…

Would YOU click on this email if it were sent to you from a “Trusted Source”-like your

lawyer?

If you did, your bank account details, then

your money, went on a world tour...all in 10 minutes.

Ghana

Ukraine

Seychelles

No Cyber crime law or extradition treaty for Cyber Crimes exists in many countries but GREAT Internet Connections and Electronic Funds Transfer networks are everywhere!

FBI Threat Focus Cell model used to leverage global co-

operation Largest computer intrusion threat to US

financial industry – past 21 months Financial Threat Focus Cell

– Pending cases: 390– Attempted losses: $220 million– Actual losses: $70 million

Trident BreACH – three prong approach - Virus/Malware creators - Malware exploiters / Core organizers - Money Mule organizations

Law Enforcement Response To Date:– United States: 92 charged and 39 arrested– United Kingdom: 20 arrested and 8 search warrants– Ukraine: 5 detained and 8 search warrants– A classic case of Global Co-Operation.

victims

mule organization

malware coder/malware exploiters

Global Reach of ACH Fraud

390$220M

$70M300+

3500+

Total FBI cases:Attempted loss:Actual loss:Victims:Mules:

Excellent Multi-Agency Partnerships IC3-www.ic3.gov-Internet Crime

Complaint Center, a collaboration between FBI, Bureau of Justice Assistance and the National White Collar Crime Center.

DHS-US Computer Emergency Response Team (US-CERT) and the G-First portal

FBI-Department of State Anti-Terrorism Assistance Cyber outreach and training initiatives globally.

U.S.S.S. Electronic Crimes Task Forces in 24 regions around the the U.S.

The worlds Electronic Economy and communications networks have become fully borderless.

….Yet all criminal and civil laws of every nation state are defined by national borders….

High Speed-High Bandwidth Internet connectivity is expanding rapidly to all corners of the earth.

Second and Third world nations have jumped past landlines and are installing 3G and 4G wireless networks-Africa is on the cusp of the Internet revolution….

Remember when Africa seemed really, really far

away….Don’t worry, Africa is coming to you

and can instantly be in your ‘electronic’ back yard…or living in your computer

at work or home.

African Undersea CablesLatest update: 17 Aug 2010

http://www.flickr.com/photos/shuttleworth/4900523615/

http://www.flickr.com/photos/shuttleworth/4900523615/

African FBI Legal Attaches

http://www.fbi.gov/contact/legat/africa.htm%235







How many FBI Agents do you think are posted on the entire African

Continent?? On a good day…maybe 20. Add to

that maybe another 10 Other U.S. Government Law Enforcement Agency personnel….to cover 56 countries in Africa.

Geography and mathematics alone dictate that ‘we’ must work closely with local law enforcement agencies and develop effective and efficient partnerships.

The Virtual Jihad: Terrorist Use of the Internet

Exploitation of Internet-Based Technologies

Why terrorists use the Internet Fast Easy access Broad audience Little or no regulation or censorship Rich multimedia environment Inexpensive Anonymous Internet is a battlefield in the Global War on

Terrorism

Internet tools and services enhance terrorist capabilities

Communication Command and control Propaganda and psychological warfare Radicalization and recruitment Training Operational planning Fundraising

Successful U.S. led Global Coordination efforts

The established group of 8 (G8)- 24 hour/7 day a week network contact list links national police agencies or Justice ministry officials-currently 54 countries out of 187 countries represented by Interpol actively participate.

DHS-USCERT has taken the lead in coordinating with over 20 national CERT’s globally to share actionable intelligence, threat vectors and mitigation strategies.

FBI has 62 Legal Attache offices worldwide, staffed with between 2 and 6 Agents. They are the liaisons for US and Interpol law enforcement requests. USSS has 17 offices overseas.

Americas

Asia

Eurasia

Europe

Middle East

American Law Enforcement and Public Safety authorities cannot succeed without the active support, cooperation and technical assistance of

other Law Enforcement Agencies around the world.