What does the Australian Federal Police (AFP) advise the public regarding cybercrime?
The AFP outline a number of cybercrime offences on their website www.afp.gov.au and provides some advice to members of the public about how to respond to some of the most common offences as defined in Commonwealth legislation within Part 10.7 – Computer Offences of the Criminal Code Act 1995 including:
- computer intrusions (e.g. malicious hacking)
- unauthorised modification or destruction of data
- distributed denial of service (DDoS) attacks using botnets
- the creation and distribution of malicious software (e.g. viruses, worms, trojans).
Each State and Territory in Australia has its own legislated computer-related offences which are similar to the Commonwealth legislation.
What can the AFP do about computer intrusion?
Computer intrusion is unauthorised access to a computer or network.
For example, the hacking of your email service is a type of computer intrusion. The AFP advises that if your email account has been hacked and compromised, firstly, change your password, and if necessary contact the email service provider and get assistance to fully resolve the problem. This may be problematic, as many free email services do not offer much in the way of support.
If you know the identity of the perpetrator and they reside in Australia, and you consider the matter serious enough, then you can report it to the State or Territory police where you live. It is not necessary to directly contact the AFP, your local police should be your first point of contact.
In many cases, Australian law enforcement will not have the jurisdiction to take action because one or more of the involved parties is not located in this country. Only when the perpetrator resides in Australia or the computer server of the company that provides the email service is located in Australia are Australian law enforcement officials able to act.
What are some examples of the types of computer intrusion which can occur?
Malware, such as botnets, Trojans and computer viruses are other tools used by offenders to gain unauthorised access to a computer system or network. One common intrusion is the Denial-of-service (DoS) attack.
Denial-of-service (DoS) is the deliberate disruption or impairment of a service or communication. One notable example of a denial of service attack was that alleged to have occurred with the Australian Census being conducted in August, 2016. This forced the Australian Bureau of Statistics to shut down the online collection of census data from the public.
This type of attack is what is known as a Distributed Denial-of-Service (DDoS) attack using botnets. A botnet is a network of private computers, perhaps owned by many different people, which unknowingly to the owners, are infected with malicious software and controlled as a group to perform malicious tasks, e.g. to send spam or in this case to repeatedly send traffic to a web site.
Viruses are computer programs usually hidden within other programs that produces copies of itself (like a virus infecting the body) and inserts those copies into other programs or files. The virus usually performs a malicious action (such as destroying data).
Trojan horses, or trojans is any malicious computer program which appears externally to be useful or at the very least, harmless. Trojans are generally spread by duping a user into executing an e-mail attachment disguised to be unsuspicious, such as invoice or delivery document. The term “Trojan” is derived from the Ancient Greek story of the huge, hollow wooden horse that was used to smuggle Greek troops into the city of Troy.
Pop-ups can be a legitimate browsing tool, but they can also be abused especially in the provision of advertising on internet sites that can appear as a result of unknowingly having adware and spyware programs installed on your computer.
There are programs designed to defeat adware and spyware, and browsers with built-in pop-up blockers, and these can be easily obtained online or from other sources..
What can you do if your computer is infected?
If you discover any of these tools on your computer you should take steps to quarantine and remove them using antivirus software. If necessary, report it to your antivirus software and / or internet service provider (ISP).
If the virus or other malware was sent to you via an infected email from someone you know, then you should advise that person that their computer may also be infected.
If you believe your computer was intentionally infected with a virus and you have evidence as to the identity of the person who sent you the virus, then you can report it to the State or Territory police where you live.
What should Australian businesses do if their cyber security systems are compromised?
CERT Australia (the CERT) is the national computer emergency response team. It is the sole point of contact in Government for cyber security issues affecting major Australian businesses. It is part of the Australian Attorney-General’s Department, with offices in Canberra and Brisbane. It also works in the Cyber Security Operations Centre, sharing information with the Australian Federal Police (AFP), the Australian Security Intelligence Organisation (ASIO), and the Australian Signals Directorate (ASD).
In the event of a major computer intrusion of a major business, CERT is the Government agency that can be most helpful.
When can the AFP take action in cases of unauthorised modification of data, including destruction of data?
Generally, for a matter to fall within the jurisdiction of Australian police, when an unauthorised system intrusion, disruption or impairment occurs:
- the computer or network where the content is hosted must be located in Australia, or
- the offender causing the intrusion, disruption or impairment must be in Australia