Cybercrime is a global threat, which undermines trust in cyberspace and causes significant economic and social costs. As connectivity increases dramatically, so too does Australia and the Indo-Pacific's collective exposure to cybercrime. Global cooperation is vital to respond to this challenge.
Australia, and our region, faces a worsening cybercrime landscape characterised by expanding threats, low barriers to entry, and increasingly resourceful actors, some of which are backed by states.
The modes and methods of cybercrime are relentlessly evolving. With access to increasingly sophisticated tools, like the dark web and anonymising technologies, cybercrime actors can adapt their techniques rapidly.
The range of COVID-19-themed scams, fraud attempts and deceptive email schemes observed by the Australian Cyber Security Centre (ACSC) in 2020 demonstrates that we remain an attractive target.
Australia remains committed to working with our international partners to prevent, detect, investigate and prosecute those partaking in criminal activity online, including on the dark web – wherever they may be located. Strengthening our capacity to combat cybercrime, both at home and overseas, enhances our region's collective security and resilience to cybercrime. Through the 2020 Cyber Security Strategy, and in line with the National Strategy to Fight Transnational, Serious and Organised Crime, Australia will prioritise support to victims of cybercrime, and work to ensure that our law enforcement agencies have the powers and technical capabilities to hold cyber criminals to account, and deter, disrupt and defeat the criminal exploitation of the dark web and anonymising technologies.
International operational cooperation
The Indo-Pacific remains particularly vulnerable to the threat posed by cybercriminals who look to exploit gaps in the region's legislative, policy, law enforcement and technical capacity. Australian law enforcement agencies engage international partners to support a regional response to cybercrime.
The Australian Federal Police's (AFP) partnerships with INTERPOL's Cyber Fusion Centre in Singapore and EUROPOL's European Cyber Crime Centre support the identification of new, imminent and evolving cybercrime threats.
Through the AFP, Australia will continue to build strong relationships with international partners to: improve cooperation on threat intelligence sharing assessment and analysis; trend monitoring; technical support for member countries; and, the identification of vulnerabilities, triage and disruption strategies.
State-sponsored cybercrime
State-sponsored cybercrime, where a state provides support or backing to individuals or groups undertaking criminal acts online, poses a serious risk to global security and financial systems. Profits from these criminal enterprises can be used to fund state activities including in contravention of international law and security frameworks (for example non-proliferation and financial sanctions).
The Indo-Pacific plays host to many of the world's most important crypto-currency exchanges, and will remain a lucrative target for resourceful state-sponsored cybercrime actors.
The Democratic People's Republic of Korea (North Korea) is responsible for increasingly sophisticated malicious cyber activities, including against financial institutions and crypto-currency exchanges in our region. In September 2019, the Panel of Experts assisting the UN Security Council North Korea Sanctions Committee noted that North Korea had raised as much as US$2 billion from such activities. Halting this flow of funds is vital to restricting North Korea's ability to fund illicit activities, including the development of nuclear and ballistic missile programs, and to counter sanctions evasion efforts by North Korea.
The investigative toolbox: data and encryption
Technology continues to expand the cybercrime threat landscape and, in turn, produce increasingly challenging circumstances in which to carry out criminal investigations.
The growth of global connectivity and increased reliance on cloud computing means that data once stored within Australia is now offshore. Lawful access to this data is vital for the effective investigation of cybercrime and other technology-enabled serious crimes. Traditionally, countries have relied on international crime cooperation mechanisms, such as mutual legal assistance, to lawfully obtain electronic data from overseas jurisdictions. However, the increased need for electronic evidence for all criminal offences is slowing these processes and affecting many countries' ability to investigate and prosecute crime.
Australia is committed to early adoption of new international cooperation mechanisms. We are negotiating a new agreement with the United States under the United States Clarifying Lawful Overseas Use of Data Act (CLOUD Act), and are negotiating for a Second Additional Protocol to the Council of Europe Convention on Cybercrime (the Budapest Convention) for efficient cooperation on electronic evidence. New agreements with international partners for reciprocal access to electronic data would, when appropriate, bypass traditional mechanisms, while still ensuring appropriate protections and safeguards. This new model of modern, international crime cooperation would allow Australia to request data directly from foreign communications and technology companies in partner countries, rather than through governments.
Australia's commitment to an innovative cooperative framework for lawful access to data that also emphasises the importance of human rights, including freedom of expression, and the right to privacy, and the rule of law, models best practice for other countries in our region and internationally.
Australia also supports strong encryption as being fundamental to online security and trust. The technical challenge of achieving lawful access to encrypted or anonymised communications, and the legal challenge of obtaining the cooperation of the international communications industry, present new and increasingly difficult barriers to law enforcement and security agencies combating cybercrime. Australia's Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 sets out Australia's domestic legal approach to this challenge.
Australia will advocate regionally and internationally for policies and systems that enable access to encrypted or anonymised communications for law enforcement and national security purposes that:
- are transparent
- enable governments to work collaboratively with industry
- do not enable mass surveillance, the creation of decryption capabilities, or the implementation of so-called 'backdoors' that could undermine trust in digital communications
- are subject to legitimate independent oversight
- respect human rights and the rule of law.
International cybercrime frameworks
International cooperation is an essential part of Australia's efforts to combat cybercrime. No country can eliminate cybercrime alone – by its very nature, cybercrime is international, with victims, perpetrators, and evidence often located across many disparate jurisdictions. International cooperation, collaboration, information sharing, discussion and capacity building are vital to any meaningful response to the threat posed by cybercrime.
Australia has been a party to the Budapest Convention since 2013. The Budapest Convention is an established and proven mechanism that continues to bring considerable benefits to Australia and our region by harmonising and making interoperable the legal frameworks relating to: domestic cybercrime offences; electronic evidence collection by law enforcement; and, international cooperation and assistance.
Through the United Nations (UN) Open-Ended Intergovernmental Experts Group to Conduct a Comprehensive Study of the Problem of Cybercrime, the Crime Congress, and the Commission on Crime Prevention and Criminal Justice, Australia will remain an active participant in broader international discussions to address and counter the full range of cybercrime. Australia will continue to support the UN criminal justice mandate based in Vienna and regional partners' attendance at these forums. We will also use these forums to continue to oppose online child sexual exploitation and abuse, building on the 2019 UN General Assembly Resolution Countering child sexual exploitation and sexual abuse online, led by Australia and adopted by consensus.1
Australia will continue to engage in multilateral discussions on cybercrime, consider appropriate proposals to address contemporary challenges, and support impartial, inclusive and expert-level dialogues aimed at combating cybercrime. We recognise the Budapest Convention as the most comprehensive and effective basis upon which to pursue a common international approach.
As the international community considers the elaboration of a UN convention of cybercrime (A/Res/74/247) Australia remains committed to advocating for a transparent, inclusive, and consensus-based process with multi-stakeholder participation. It will be important for any new instrument to build on existing and proven legal frameworks, such as the Budapest Convention, and ensure the protection of human rights, uphold the rule of law, and ensure an open, free and secure cyberspace.
1 UNGA Resolution A/RES/74/174, adopted 18 December 2019
Regional engagement and capacity building
Domestic capacity and capabilities, along with the ability to effectively cooperate internationally, are central to combating cybercrime. Australia, through our Cyber and Critical Technology Cooperation Program, will continue to support targeted and multifaceted capacity building in the policy, technical, operational and legal spheres, to support ASEAN countries and countries across the Pacific respond to the challenges posed by cybercrime.
Initiatives like the AFP-led Cyber Safety Pasifika and Cyber Safety Asia programs will assist regional law enforcement practitioners to develop further cybercrime-relevant skill sets, while providing broader community awareness and education regarding the risks of cybercrime.
These initiatives complement a range of initiatives led by the eSafety Commissioner and other Australian agencies aimed at mitigating a range of online harms (see Online Harms and Safety on page 59). Australia's broader law enforcement assistance programs, such as anti-money laundering assistance, will help build capacity to attack the profit that drives a large amount of cybercrime.