Cybercrime:The Australian Experience Australian Cybercrime Online Reporting Network (ACORN) Conference Assistant Commissioner Tim Morris AM APM National Manager, High Tech Crime Operations Australian Federal Police
Cybercrime: Australian Trends • Cyber crime is now a ubiquitous mainstream & ‘traditional’ crime • 5.4 million Australian victims in 2012at cost of an estimated $AU1.06 billion • Availability of tools required to carry out a cyber attack are widely accessible • Financially motivated crime groups target the financial sector to chase high returns
Cyber crime: Australian threats • Intelligence shows an increase in cross-platform malware production • Key business targets (such as banking and finance) • Intrusion, modification & denial of service • Data theft • Requirement for target hardening: the AFP is closely aligned with private industry to combat cybercrime through intelligence, information sharing and prevention strategies
Cybercrime: International Trends Emerging international cybercrime trends: • Multi-platform threats • Social engineering scams – creating level of trust at first • Highly targeted (malware) • Increasing complexity and ingenuity
AFP Cyber Crime Operations • The AFP’s Cyber Crime Operations Teams are responsible for investigating significant computer intrusions such as: • Distributed Denial of Service attacks • breaches of major computer systems • collective large scale breaches to harvest personal, business and/or financial data • creating, controlling or distributing malicious software, and • crime which directly impacts critical infrastructure
Melbourne Team • Malware deployment and sophisticated malware kits Sydney Team • Threats to banking sector Canberra Teams • Issue Motivated Groups (Hacktivism) • CSOC/ACSC Key common goals • Prosecution • Disruption • Prevention of loss • Intelligence sharing
Addressing cybercrime: Challenges & opportunities • Common frameworks or protocols to support investigations • Data sovereignty – where is the data, stored processed and transmitted? • Jurisdictional Issues - Criminal acts can be carried out in Australia from anywhere in the world • Speed at which cyber criminals act and the ease with which digital evidence is destroyed • Way forward: implementation of regulation on metadata retention • Is the Mutual Assistance in Criminal Matters Act 1987 up to the task?
Policies and Initiatives The Australian government has a number of initiatives and policies including: • Australian Cyber Security Centre • Cyber Security Operations Centre • CERT Australia • The National Plan to Combat Cybercrime • Australian Government Cyber Security Strategy • Australia is also party to the Council of Europe Convention on Cybercrime