Since Australia’s 2013 National Plan to Combat Cybercrime was released, cybercrime has continued to grow in scale and sophistication. While the 2013 Plan estimated the cost of cybercrime in Australia to be $2 billion annually, self-reported losses due to cybercrime totalled more than $33 billion during the 2020–21 financial year.
It is therefore more important than ever for Australia to have an effective framework to combat cybercriminals. This framework is outlined in the 2022 National Plan to Combat Cybercrime.
National Plan to Combat Cybercrime
The National Plan to Combat Cybercrime (the National Plan) seeks to ensure a secure online world for the Australian community, and a hostile environment for cybercriminals targeting Australians and their businesses. This will be achieved through joint action by the Commonwealth, state and territory governments and engagement with industry, academia and the community.
The National Plan builds on the strong foundations provided by other plans and strategies such as Australia’s Cyber Security Strategy 2020 and the National Strategy to Fight Transnational, Serious and Organised Crime.
The National Plan focuses on three key pillars:
- Prevent and Protect.
- Investigate, Disrupt and Prosecute.
- Recover.
Pillar One: Prevent and Protect
Robust online safety and cyber security regimes are critical to prevent cybercrime and protect Australians.
All levels of government will work with industry and academia to ensure that Australia is able to act flexibly and rapidly in responding to emerging cyber threats. Key focus areas include ICT product and service design, improving cyber security habits of Australians, and working with international partners to enhance global responses to the threat of cybercrime.
Pillar Two: Investigate, Disrupt and Prosecute
This pillar focuses on ensuring consistent national cybercrime legislation and criminal justice responses to facilitate effective investigation, disruption, and prosecution of cybercrime.
Information sharing between public and private sectors will allow Australian law enforcement and prosecutorial bodies to effectively gather evidence for investigations and undertake prosecutorial action against cybercriminals. Global cooperation, including through international forums such as the Council of Europe Convention on Cybercrime (Budapest Convention), will help strengthen global resilience to cybercrime.
Key actions under this pillar include:
- Enhance coordination across all government agencies and prosecutorial bodies.
- Strengthen partnerships between private and public sectors.
- Support law enforcement to access electronic evidence located in foreign jurisdictions to facilitate cybercrime investigations.
- Ensure law enforcement capabilities remain responsive to rapid technological evolutions.
- Ensure Australia’s cybercrime legislation remains world leading and fit-for-purpose.
- Enhance cybercrime data collection, reporting and intelligence to better understand cybercrime threats impacting Australia.
Actions outlined under this pillar will be significantly boosted through the establishment of the AFP-coordinated Joint Policing Cybercrime Coordination Centre (JPC3), which will coordinate Australia’s policing response to serious cybercrime threats.
Pillar Three: Recover
This pillar focuses on ensuring Australians can recover from cybercrime incidents. Key actions include:
- Build awareness among victims of cybercrime about how to access resources on recovery and how to report cyber incidents.
- Support organisations specialising in post-incident support services.
National Cybercrime Forum
An effective monitoring and evaluation mechanism is required to underpin the National Plan. The National Plan will drive outcomes through the establishment of the National Cybercrime Forum, bringing together representatives from Commonwealth, state and territory justice departments, law enforcement agencies and regulators (such as the Office of the eSafety Commissioner).
The Department of Home Affairs will lead the forum to develop a Cybercrime Action Plan that brings together the experience, powers, capabilities, and intelligence of all parties. The Cybercrime Action Plan will outline detailed actions under each of the three pillars of the National Plan, as well as mechanisms for monitoring and reporting on implementation progress and outcomes.
Key takeaways
The 2022 National Plan to Combat Cybercrime has been developed in response to the ever-increasing cybercrime threat, to protect Australians online and create a hostile environment for cybercriminals targeting Australians. The National Plan focuses on three key pillars: 1) preventing cybercrime and protecting Australians online; 2) investigating, prosecuting and disrupting cybercrime; 3) helping cybercrime victims to recover. The National Cybercrime Forum will provide a monitoring and evaluation mechanism to underpin the National Plan and will help to develop a Cybercrime Action Plan that outlines detailed actions under each of the three pillars of the National Plan.