To serve and to protect: The OSCE trains the next generation of Ukraine’s cyber police
Cyber crime is one of the fastest developing threats to international security in the 21st century. The OSCE Project Co-ordinator is helping Ukraine to respond to and confront this security challenge by training and equipping the next generation of cyber police officers.
A day before his graduation in July 2016, 23-year-old cyber police recruit Dmytro takes a seat behind a desk in a new room of the Kharkiv National University of Internal Affairs, complete with state-of-the-art equipment provided by the OSCE Project Co-ordinator Ukraine and financed by the Canadian government.
“Our class was a great mixture of people,” says Dmytro, as he reflects on his recently completed training as a cyber police inspector. “Technical specialists worked closely together with lawyers like me. We learned a lot from each other.”
Dmytro’s future colleague Maryna, 26, worked in the banking sector from 2008 to 2015, before she decided to become a cyber police officer. “I was fairly familiar with the challenges of cybercrimes such as banking fraud, cash trapping and card reader fraud at ATMs,” Maryna says. “I wanted to see the other side of the business.”
Transforming Ukraine’s former paramilitary ‘militsiya’
Dmytro and Maryna were among 84 students to undergo the cyber police training organized by the OSCE Project Co-ordinator in Ukraine. The course is part of the OSCE-supported “Law on the National Police”, enacted in November 2015, on transforming the former Ukrainian paramilitary ‘militsiya’ into a professional police force in line with international best practices.
The OSCE Project Co-ordinator helped to organize the selection process of the cyber police recruits in 2015, and to develop a four-month, 760-hour, training curricula.
“As Ukraine moves into the new economy – with e-governance, e-banking and e-commerce – new types of crime will shadow this progress,” says Jeff Erlich, Senior Project Officer with the Project Co-ordinator, highlighting why his Office identified cyber crime as a key area for action. “Many of these crimes threaten people’s human rights and hurt their economic well-being. Some even threaten national and international security.”
Experts from the Ukrainian Interbank Payment Systems Members Association (EMA) were among those who were involved by the OSCE Project Co-ordinator Ukraine to provide trainees with professional guidance through interactive case studies. Through its assessment of data on nationwide cybercrime trends, EMA risk management and banking security expert Oleksiy Krasiuk says that “the diversity of crimes in this area increases year-by-year.”
‘Speaking the same language’
In 2015 vishing was the most prevalent method of fraud, with more than 2771 vishing calls registered. The second most common was cash trapping, with roughly 1000 registered cases.
Most common cyber crimes in Ukraine
Source: Ukrainian Interbank Payment Systems Members Association (EMA)
- Vishing – Malicious phone calls exploit the public's trust in landline and mobile telephone services with the aim of stealing credit card numbers and other personal data;
- Cash Trapping – ATM money slots are tampered so that customers are unable to retrieve money. Once the customer leaves the site, the thieves collect the money from the ATM;
- Skimming – Card readers in ATMs are manipulated so that they are able to copy data from the magnetic stripe of the customer’s banking card. The data from the manipulated card readers is retrieved by the thieves to create forged banking cards;
- Phishing websites – Fake websites set up by hackers are used to obtain personal information from unsuspecting users
- Eavesdropping – Personal information is stolen by listening in to the private conversations of others without their consent over telephone lines, e-mail and other methods of communication considered private.
Given the breakneck pace of technological development, cyber crimes are evolving quickly and cyber police will be expected to keep up with new threats. “Successful co-operation requires law enforcers to speak the same language as banks do and vice versa. We, from the banking side, need people to be familiar with new types of fraud, its features and differences – like skimming and shimming, phishing and vishing,” says Raisa Fedorovska from EMA.
The training course is not limited to tackling fraud. Participants will also learn about how information technologies are increasingly being used to facilitate human trafficking. In these classes, recruits were familiarized with the methods used by criminals at each stage – including recruitment, transfer and exploitation of victims of trafficking in human beings. And of course, the training participants also receive training to ensure they are fully versed with the law, so that they can collect information to ensure the highest chances of a successful prosecution.
Fully equipped with these skills, Dymtro and Maryna eagerly awaited the formal completion of their studies on graduation day so that they could finally begin work.
“We will continue supporting the National Police in their reform efforts and the re-training of existing cyber police officers who passed the re-attestation process,” Erlich told the new officers at their graduation. “In addition, we will work with donors to ensure that new cyber police will have additional equipment to be able to use knowledge and skills which you’ve gained here.”
As the new graduates celebrated the achievements, the halls of the ceremony were adorned with the words of the new ideals of the new Ukrainian police: Служити та захищати – to serve and to protect.