Security icon

Cybercrime

Australia will: strengthen cooperation for enhanced prevention, detection, investigation and prosecution of cybercrime

Australia will do this by:

Action 21. Working with international partners to strengthen our collective efforts to prevent, detect, investigate and prosecute cybercrime, with a focus on the Indo-Pacific
Action 22. Supporting the creation of a new model for international, cross-border lawful access to data
Action 23. Promoting the existing international legal framework on cybercrime and opposing efforts to weaken existing cybercrime law and norms, agreements and methods of collaboration

Cybercrime is a global threat, which undermines trust in cyberspace and causes significant economic and social costs. As connectivity increases dramatically, so too does Australia and the Indo-Pacific's collective exposure to cybercrime. Global cooperation is vital to respond to this challenge.

Australia, and our region, faces a worsening cybercrime landscape characterised by expanding threats, low barriers to entry, and increasingly resourceful actors, some of which are backed by states.

The modes and methods of cybercrime are relentlessly evolving. With access to increasingly sophisticated tools, like the dark web and anonymising technologies, cybercrime actors can adapt their techniques rapidly.

CYBERCRIME

Cybercrime is a low-risk, high-return criminal enterprise in which individuals and groups of actors leverage cyberspace for financial gain or other malicious ends. In Australia, the term refers to crimes directed at computers, or crimes where computers facilitate an existing offence.

The range of COVID-19-themed scams, fraud attempts and deceptive email schemes observed by the Australian Cyber Security Centre (ACSC) in 2020 demonstrates that we remain an attractive target.

Australia remains committed to working with our international partners to prevent, detect, investigate and prosecute those partaking in criminal activity online, including on the dark web – wherever they may be located. Strengthening our capacity to combat cybercrime, both at home and overseas, enhances our region's collective security and resilience to cybercrime. Through the 2020 Cyber Security Strategy, and in line with the National Strategy to Fight Transnational, Serious and Organised Crime, Australia will prioritise support to victims of cybercrime, and work to ensure that our law enforcement agencies have the powers and technical capabilities to hold cyber criminals to account, and deter, disrupt and defeat the criminal exploitation of the dark web and anonymising technologies.

International operational cooperation

The Indo-Pacific remains particularly vulnerable to the threat posed by cybercriminals who look to exploit gaps in the region's legislative, policy, law enforcement and technical capacity. Australian law enforcement agencies engage international partners to support a regional response to cybercrime.

The Australian Federal Police's (AFP) partnerships with INTERPOL's Cyber Fusion Centre in Singapore and EUROPOL's European Cyber Crime Centre support the identification of new, imminent and evolving cybercrime threats.

Through the AFP, Australia will continue to build strong relationships with international partners to: improve cooperation on threat intelligence sharing assessment and analysis; trend monitoring; technical support for member countries; and, the identification of vulnerabilities, triage and disruption strategies.

State-sponsored cybercrime

State-sponsored cybercrime, where a state provides support or backing to individuals or groups undertaking criminal acts online, poses a serious risk to global security and financial systems. Profits from these criminal enterprises can be used to fund state activities including in contravention of international law and security frameworks (for example non-proliferation and financial sanctions).

The Indo-Pacific plays host to many of the world's most important crypto-currency exchanges, and will remain a lucrative target for resourceful state-sponsored cybercrime actors.

The Democratic People's Republic of Korea (North Korea) is responsible for increasingly sophisticated malicious cyber activities, including against financial institutions and crypto-currency exchanges in our region. In September 2019, the Panel of Experts assisting the UN Security Council North Korea Sanctions Committee noted that North Korea had raised as much as US$2 billion from such activities. Halting this flow of funds is vital to restricting North Korea's ability to fund illicit activities, including the development of nuclear and ballistic missile programs, and to counter sanctions evasion efforts by North Korea.

The investigative toolbox: data and encryption

Technology continues to expand the cybercrime threat landscape and, in turn, produce increasingly challenging circumstances in which to carry out criminal investigations.

The growth of global connectivity and increased reliance on cloud computing means that data once stored within Australia is now offshore. Lawful access to this data is vital for the effective investigation of cybercrime and other technology-enabled serious crimes. Traditionally, countries have relied on international crime cooperation mechanisms, such as mutual legal assistance, to lawfully obtain electronic data from overseas jurisdictions. However, the increased need for electronic evidence for all criminal offences is slowing these processes and affecting many countries' ability to investigate and prosecute crime.

Australia is committed to early adoption of new international cooperation mechanisms. We are negotiating a new agreement with the United States under the United States Clarifying Lawful Overseas Use of Data Act (CLOUD Act), and are negotiating for a Second Additional Protocol to the Council of Europe Convention on Cybercrime (the Budapest Convention) for efficient cooperation on electronic evidence. New agreements with international partners for reciprocal access to electronic data would, when appropriate, bypass traditional mechanisms, while still ensuring appropriate protections and safeguards. This new model of modern, international crime cooperation would allow Australia to request data directly from foreign communications and technology companies in partner countries, rather than through governments.

Australia's commitment to an innovative cooperative framework for lawful access to data that also emphasises the importance of human rights, including freedom of expression, and the right to privacy, and the rule of law, models best practice for other countries in our region and internationally.

Australia also supports strong encryption as being fundamental to online security and trust. The technical challenge of achieving lawful access to encrypted or anonymised communications, and the legal challenge of obtaining the cooperation of the international communications industry, present new and increasingly difficult barriers to law enforcement and security agencies combating cybercrime. Australia's Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 sets out Australia's domestic legal approach to this challenge.

Australia will advocate regionally and internationally for policies and systems that enable access to encrypted or anonymised communications for law enforcement and national security purposes that:

  • are transparent
  • enable governments to work collaboratively with industry
  • do not enable mass surveillance, the creation of decryption capabilities, or the implementation of so-called 'backdoors' that could undermine trust in digital communications
  • are subject to legitimate independent oversight
  • respect human rights and the rule of law.

AUSTRALIA'S TELECOMMUNICATIONS AND OTHER LEGISLATION AMENDMENT (ASSISTANCE AND ACCESS) ACT 2018

The Assistance and Access Act introduced a modern, technologically neutral industry assistance framework. The framework establishes a structure for Australian agencies and industry to work together to address technological obstacles to investigations into serious crimes and national security threats. Agencies can request voluntary technical assistance or compel compulsory technical assistance from ‘designated communications providers’. This includes information and communications technology companies that provide communications services or devices in in Australia, irrespective of where they base their corporation, servers or manufacturing. There are many safeguards before technical assistance can be sought, including that it must be reasonable and proportionate, practicable and technically feasible, and not fundamentally weaken cyber security. To date, agencies have worked cooperatively with industry, with all requests managed on a voluntary basis.

International cybercrime frameworks

International cooperation is an essential part of Australia's efforts to combat cybercrime. No country can eliminate cybercrime alone – by its very nature, cybercrime is international, with victims, perpetrators, and evidence often located across many disparate jurisdictions. International cooperation, collaboration, information sharing, discussion and capacity building are vital to any meaningful response to the threat posed by cybercrime.

Australia has been a party to the Budapest Convention since 2013. The Budapest Convention is an established and proven mechanism that continues to bring considerable benefits to Australia and our region by harmonising and making interoperable the legal frameworks relating to: domestic cybercrime offences; electronic evidence collection by law enforcement; and, international cooperation and assistance.

We continue to actively protect existing international law, frameworks and practices for cybercrime, uphold human rights, freedoms, and the rule of law, and oppose efforts to weaken them.

Through the United Nations (UN) Open-Ended Intergovernmental Experts Group to Conduct a Comprehensive Study of the Problem of Cybercrime, the Crime Congress, and the Commission on Crime Prevention and Criminal Justice, Australia will remain an active participant in broader international discussions to address and counter the full range of cybercrime. Australia will continue to support the UN criminal justice mandate based in Vienna and regional partners' attendance at these forums. We will also use these forums to continue to oppose online child sexual exploitation and abuse, building on the 2019 UN General Assembly Resolution Countering child sexual exploitation and sexual abuse online, led by Australia and adopted by consensus.1

Australia will continue to engage in multilateral discussions on cybercrime, consider appropriate proposals to address contemporary challenges, and support impartial, inclusive and expert-level dialogues aimed at combating cybercrime. We recognise the Budapest Convention as the most comprehensive and effective basis upon which to pursue a common international approach.

As the international community considers the elaboration of a UN convention of cybercrime (A/Res/74/247) Australia remains committed to advocating for a transparent, inclusive, and consensus-based process with multi-stakeholder participation. It will be important for any new instrument to build on existing and proven legal frameworks, such as the Budapest Convention, and ensure the protection of human rights, uphold the rule of law, and ensure an open, free and secure cyberspace.

1 UNGA Resolution A/RES/74/174, adopted 18 December 2019

Regional engagement and capacity building

Domestic capacity and capabilities, along with the ability to effectively cooperate internationally, are central to combating cybercrime. Australia, through our Cyber and Critical Technology Cooperation Program, will continue to support targeted and multifaceted capacity building in the policy, technical, operational and legal spheres, to support ASEAN countries and countries across the Pacific respond to the challenges posed by cybercrime.

Initiatives like the AFP-led Cyber Safety Pasifika and Cyber Safety Asia programs will assist regional law enforcement practitioners to develop further cybercrime-relevant skill sets, while providing broader community awareness and education regarding the risks of cybercrime.

These initiatives complement a range of initiatives led by the eSafety Commissioner and other Australian agencies aimed at mitigating a range of online harms (see Online Harms and Safety on page 59). Australia's broader law enforcement assistance programs, such as anti-money laundering assistance, will help build capacity to attack the profit that drives a large amount of cybercrime.

 

BILATERAL ENGAGEMENT AND SUPPORT FOR THE BUDAPEST CONVENTION IN THE PACIFIC

Throughout the Pacific, the Australian Attorney-General's Department (AGD) has partnered with Pacific Island countries to strengthen domestic legislative frameworks to combat cybercrime in line with the Council of Europe Convention on Cybercrime (the Budapest Convention). Since 2014, AGD has partnered with Tonga, Fiji, Samoa, Vanuatu, Solomon Islands, Niue and Tuvalu to advance cybercrime law reform. AGD support has ranged from assistance in analysing compliance of existing laws with the Budapest Convention to assistance with drafting instructions for legislative reforms, the drafting of new domestic laws and reviewing draft legislation to ensure alignment with the Budapest Convention.

PACIFIC ISLANDS LAW OFFICERS' NETWORK (PILON) CYBERCRIME WORKING GROUP

Consistent with the Pacific Islands Forum's Boe Declaration priority focus on transnational crime and cybersecurity, the Australian Attorney-General's Department (AGD) has worked closely with the Council of Europe to support the Cybercrime Working Group of the Pacific Islands Law Officers' Network (PILON) to build awareness of the rising risks of cybercrime for Pacific communities. PILON is a network of senior legal and law enforcement officers from across the Pacific working together to contribute to a safe and secure Pacific by advancing key law and justice issues. Since 2017, PILON has facilitated annual workshops for over 80 Pacific policy makers, police and prosecutors, providing guidance on law reforms and building capacity to investigate and prosecute cybercrime. The Cybercrime Working Group has developed a mutual legal assistance handbook focusing on combating cybercrime and using electronic evidence. This handbook will provide criminal justice practitioners in the Pacific with practical information on the domestic and international mechanisms available to facilitate efficient and effective cooperation in criminal matters, and assistance accessing cross-border electronic evidence, a key component of Chapter III of the Budapest Convention.

Democratic Principles
Human Rights
Ethics of Critical Technology
Diversity and Gender Equality
International Peace and Stability
Disinformation & Misinformation
Cyber Security
Cyber Crime
Online Harms & Safety
Regional Connectivity
Digital Trade
Markets and Supply Chains
Critical Technology Standards
Research, Industry and Innovation
Internet Governance
AICCTP
GEDSI
CCTCP
International
Indo-Pacific
South East Asia
Pacific
Indonesia
India
Papua New Guinea
ASEAN
Attribution
United Nations
Artificial Intelligence
Ambassador for Cyber Affairs and Critical Technology
Incident response
Critical Technology
Cyber Affairs
Multilateral engagement
Bilateral engagement
Partnerships and agreements
Standards
5G
Connectivity
International law and norms
Confidence building measures
Values
Security
Prosperity
Regulation and governance
Quantum computing
Blockchain
Online safety
Electoral integrity
Cyber and Critical Technology Cooperation Program
Digital Trade
2017 International Cyber Engagement Strategy
Grant
Capacity building
Women in Cyber
News and announcements
Media