Given the vast territorial reach of the internet, it is necessary to develop a unified and integrated response to dealing with the evolving threat posed by cybercrime. For this reason, the Government has developed the National Plan to Combat Cybercrime. The National Plan involves a commitment from the Commonwealth, State and Territory governments of Australia to work together to address the threat of cybercrime.
What are the key principles underpinning the national plan to combat cybercrime?
The National Plan is built upon 4 principles. These are:
- Understanding the problem – looking at who is targeted by cybercrime and why, how they are targeted, who are the perpetrators of cybercrime and what harm they are causing will assist in better understanding the problem of cybercrime. Once this information is known, policy can be better shaped and targeted to produce more effective results.
- Partnerships and shared responsibility – due to the nature cybercrime, a united approach is necessary. For this to occur, mutually beneficial partnerships to share information and combine resources are necessary.
- Focusing on prevention – it is generally accepted that it is better to prevent cybercrime from occurring than to respond to its effects. This means that the government needs to be proactive in anticipating new cybercrime threats.
- Balancing security, freedom and rights – in creating a response to cybercrime, the government needs to balance security with freedom and privacy of internet users.
What are Australia’s key priorities in combating cybercrime?
The government has prioritised the following 6 area to focus on when creating a national response to cybercrime:
- Education the community to protect themselves – the aim is to ensure that all internet users are aware of the risks of cybercrime and can take steps to protect themselves from falling victim to cybercrime.
- Partnering with industry to tackle the shared problem of cybercrime – industries such as ISPs, software and hardware companies are key in an integrated approach to combat cybercrime. The government aims to work in close partnership with these industries and other businesses to respond effectively to the issue of cybercrime and to promote a safer and more secure digital environment.
- Fostering an intelligence-led approach and information sharing – sharing information and intelligence between law enforcement agencies, intelligence agencies and the private sector are necessary to create a better understanding of cybercrime and to develop effective responses.
- Improving the capacity and capability of government agencies, particularly law enforcement, to address cybercrime – this aim is achieved by focusing on improving the coordination of responses to cybercrime and addressing capability and capacity gaps within agencies.
- Improving international engagement on cybercrime and contributing to global efforts to combat cybercrime – this is achieved by promoting a harmonised international legal framework, and to assist other countries to respond to cybercrime. It also involves working cooperatively with international countries and other international bodies to improve cooperation on cybercrime.
- Ensuring an effective criminal justice framework – the country’s criminal justice system must provide an effective framework for investigating and prosecuting cybercrime. Offences must therefore account for the new and emerging technologies, and penalties must provide adequate deterrence.
What Australian agencies are involved in investigating cybercrime?
The National Plan to Combat Cybercrime requires a collaborative approach, both nationally and transnationally, to the issue of tackling cybercrime threats. The following agencies and government departments are instrumental in dealing with the issues cybercrime creates:
Attorney-General’s Department (AGD): AGD is responsible for Commonwealth criminal law policy (including cybercrime), identity and protective security, privacy and telecommunications interception policy. These are all key elements in protecting the national security of an increasingly digitally enabled Australia.
Australian Criminal Intelligence Commission (ACIC): The Australian Criminal Intelligence Commission (ACIC) (formerly Australian Crime Commission or ACC) is Australia’s national criminal intelligence agency that has unique investigative capabilities which it draws on to provide government with an independent view of the risk of serious and organised crime. The ACIC maintains national criminal intelligence holdings; produces strategic intelligence assessments; and coordinates national operational responses to disrupt, disable and prevent organised crime impacting on Australia.
Australian Federal Police (AFP): AFP is responsible for enforcing federal criminal law and protecting national interests from crime in Australia and overseas. The AFP’s High Tech Crime Operations portfolio provides the AFP with an enhanced capability to investigate, disrupt and prosecute offenders committing serious and complex cybercrimes.
Commonwealth Director of Public Prosecutions (CDPP): CPPP is responsible for the prosecution of Commonwealth criminal offences including Commonwealth offences involving cybercrime. The CDPP also maintains the Cybercrime Manual for prosecutors and investigative agencies which provides guidance in relation to cybercrime offences relevant to the investigation and prosecution of cybercrime offences.
State and Territory law and justice agencies: State and Territory law and justice agencies are responsible for criminal law policy at the state and Territory level. Similarly, State and Territory Directors of Public Prosecution are responsible for the prosecution of offences under the laws of their jurisdictions.
State and Territory police: State and Territory police cybercrime units are responsible for the investigation of all cyber offences committed against the person, business, and state, territory and local government.
Other key agencies include:
CERT Australia: who are the initial point of contact for industry for cyber security incidents impacting upon Australian networks.
Australian Communications and Media Authority (ACMA): contributes to the development of a safer online environment through notifying ISPs of malware infections identified among their customers and providing a vehicle for reporting about illegal online content, including online child sexual abuse offences material.
Australian Competition and Consumer Commission (ACCC): works to disrupt identified scam activities and, where appropriate, prosecute offenders for breaches of the Competition and Consumer Act 2010 (Cth).
Australian Security Intelligence Organisation (ASIO): investigates cyber activity conducted for the purpose of espionage, sabotage, terrorism or other forms of politically motivated violence, and contributes to the investigation of computer network operations directed against Australia’s systems.
Australia New Zealand Policing Advisory Agency (ANZPAA): provides strategic and policy advice regarding cross-jurisdictional issues to enhance community safety and security.
CrimTrac – responsible for the development and maintenance of national information sharing systems between State, Territory and Commonwealth law enforcement agencies.
Department of Broadband, Communications and the Digital Economy (DBCDE): ensures that all Australians can access internet services, and empowers consumers to operate safely and securely online through its education and awareness-raising initiatives
Department of Defence’s Cyber Security Operations Centre (CSOC): provides the Government with a better understanding of sophisticated cyber threats against Australian interests.
Department of Foreign Affairs and Trade (DFAT): advances and protects Australia’s interests in relation to combating cybercrime internationally, including meeting our international legal obligations.
Department of the Prime Minister and Cabinet (PM&C): responsible for coordination and leadership for cyber policy issues.
What are some of the legal complexities that can arise in cybercrime investigation and prosecutions?
Like many other countries Australia is adopting a transnational model of law enforcement co-operation in dealing with cybercrime.
This raises complex issues of law, concerning the use of information being shared between jurisdictions and the decision of where an offender may ultimately be prosecuted. This may effect the maximum penalty that applies to a specific offence and requires a careful consideration of mutual assistance law and the observation of due process and procedural fairness to those subjected to a multi-agency investigation for cybercrime.
Nyman Gibson Miralis provides expert advice and representation in complex international cybercrime investigations. Our expertise includes dealing with malware, phishing and computer hacking offences, bootlegging and tripping, Bitcoin and crypto-currency fraud, as well as offences relating to identity theft, spreading computer viruses and DDoS attacks.
Contact us if you require assistance.