Cyber crime fighters 

By Dawn Wiseman

Mourad Debbabi is Vice-President of the new Canadian National Cyber Forensics Training Alliance. Magnifying glass

Mourad Debbabi is Vice-President of the new Canadian National Cyber Forensics Training Alliance.

In the spring of 2007, the government of Estonia, a small independent Baltic state and former Soviet republic, made the decision to remove a Soviet war memorial from the city of Tallinn. The Russian government expressed its disapproval of the action.

Shortly thereafter, Estonia’s national IT network was subject to a cyber attack so intense and prolonged that it impacted the government’s ability to function. Web sites and servers of banks, broadcasters, newspapers and telecoms were also assaulted. The situation was so dire, that – after three weeks – NATO experts were called in to help.

While this type of cyber warfare is the extreme of cyber crime, there is no doubt that as people, business and the public sector have increased their online presence, so have criminals.

Over a year ago, Mourad Debbabi (Concordia Institute for Information Systems Engineering and Concordia University Research Chair Tier I in Information Systems Security) was invited to a meeting that included Canadian law enforcement officials, as well representatives of the banking, telecommunications, financial and public sectors.

“I was the only academic present,” he said.

The purpose of the meeting was to develop a national organisation to fight cyber crime. One of the speakers, an agent from the FBI, described a relatively new organization in the US called the National Cyber Forensics Training Alliance (NCFTA).

The NCFTA is neutral collaborative venue where critical confidential information about cyber incidents can be shared discreetly among industry, academia and law enforcement. The Alliance facilitates advanced training, promotes security awareness to reduce cyber-vulnerability, and conducts research in cyber forensics.

At the end of the meeting, participants asked themselves if such an organization was required in Canada.

“The answer was a resounding, unanimous yes,” said Debbabi.

NCFTA Canada was formally launched in July 2008 with Concordia as its primary host. While the legalities of the collaborative effort are still in negotiation among the partners - which include Bell Canada, the Competition Bureau of Canada, Rogers Communications, and Microsoft Canada - technical operations are starting this fall.

Debbabi, whose research focuses on cyber forensics, explained that the mandate of the organization is quite broad.

“Cyber crime includes any criminal activity where computers or computer systems are either the tool or the target - child porn and exploitation, identity theft, hacking, fraud, and any kind illegal digital transaction.”

Partners will target reductions in and improved defense against activities such as SPAMming, phishing and denial of service attacks like those launched against organizations such as the Church of Scientology earlier this year.

Debbabi underlined that these types of attacks account for billions of lost dollars and uncountable hours of lost productivity each year.

He is currently serving as NCFTA Canada’s Vice-President and a member of the Board of Directors, where his role is to, “ oversee establishment of the organization, its operation and management, and student and research project supervision.”

He is pleased Concordia was chosen as the host institution because, “we have the largest concentration of researchers focused on IT Security and cyber forensics in Canada.”

CIISE offers a master’s degree in the area, which currently has more than 150 students.

Debbabi believes the partnership created through NCTFA will expand students’ access to real world training opportunities and industry’s access to emerging means of dealing with threats.

“As a researcher, I know when I give a forensic toolkit to cyber investigators for testing and evaluation, I will receive significant feedback which will help in the development of better tools. NCFTA Canada is really all about increasing our efficiency at fighting cyber crime. Alone, none of us can achieve much, together we are very much better.”

 

Concordia University