Chapter 4

Cybercrime and cyber-enabled crime

4.1
The COVID-19 pandemic has proven to be both a threat to public health and cybersecurity. Mandated social distancing and movement restrictions introduced to control the spread of the COVID-19 virus led to a greater reliance on online digital services for people to work and interact.
4.2
Cybercrime is a rapidly evolving phenomenon, and cybercriminals have been some of the most adept at exploiting opportunities created by the pandemic. With more individuals and organisations pivoting towards digital services, malicious cyber operators have been quick to target the vulnerabilities of individuals, organisations and digital technologies for financial or personal gain.
4.3
This chapter discusses the broad nature of cybercrime and key trends during the COVID-19 pandemic. It considers the barriers to addressing cybercrime and how law enforcement and the Australian government are responding to it.

The nature of cybercrime

4.4
In Australia, the term 'cybercrime' is used to describe both crimes directed at computers or other information communications technologies (ICTs) (such as hacking); and crimes where computers or ICTs are an integral part of an offence (such as online fraud, identity theft, and the distribution of child exploitation material).1
4.5
Generally, the extent of the cyber threat is vast; at one extreme it can include cyber-attacks on critical infrastructure, cyber espionage, and cyber offences perpetrated by criminal syndicates, businesses, individuals, and terrorist organisations.2
4.6
The Australian Signals Directorate (ASD) stated that 'cybercrime is one of the most pervasive and endemic threats facing Australia and the most significant threat in terms of overall volume and impact to individuals and businesses'.3
4.7
The Australian Cyber Security Centre (ACSC), which sits under the ASD, hosts 'ReportCyber'4, an online portal for reporting cybercrime. Within the first year of its operation (1 July 2019 to 30 June 2020), ReportCyber received
59 806 reports (or approximately one report every ten minutes) from across Australia.5 While the true cost of cybercrime is difficult to quantify, cyber incidents have been estimated to cost the Australian economy up to
$29 billion per year.6
4.8
The ASD explained that cybercriminals are opportunistic, and Australia is an attractive target due to its relative wealth, online connectivity and increasing online service delivery. Particularly concerning are transnational cybercrime syndicates that use or provide sophisticated tools and services, such as hacking tools or malware, to obtain sensitive information or generate illicit income.7

Pandemic-related drivers of cybercrime

4.9
With the onset of the COVID-19 pandemic, there have been additional opportunities for cybercrime to occur. More Australians are working and studying from home and accessing digital services, and many businesses are moving online for the first time.8 Additionally, cybercriminals are known to pivot quickly and capitalise on significant events, such as natural disasters, to generate a profit.9 The Department of Security Studies and Criminology (DSSC), Macquarie University submitted that the prevalence of cybercrime activities has previously increased during economic crises.10
4.10
Within the context of these factors, some pandemic-specific cybercrime drivers have been identified, including:
a rapid and substantial shift of people to teleworking arrangements;
increased use of and reliance on digital solutions for communication and transactions;
vulnerability to exploitation due to increased anxiety, fear and distraction; and
an urgency for basic information and necessities.11
4.11
A particular concern pointed out by the Cyber Security Cooperative Research Centre (CSCRC) is that many people have moved to less cyber-secure remote working conditions with a reliance on home networks and systems, making it difficult for organisations to mitigate cyber risks.12
4.12
An increase in electronic transactions has left many people and businesses vulnerable to personal credentials and banking details being compromised. The Western Australia Police Force pointed out that some cybercrime syndicates intentionally target online payment platforms that enable trade on multiple websites. This behaviour can expose personal and sensitive information, and it can go undetected for long periods of time.13

Cybercrime trends

4.13
There was conflicting evidence regarding the extent to which cybercrime activity increased during the COVID-19 pandemic.14 The Home Affairs Portfolio stated cybercrime increased modestly, while the CSCRC stated there had been an exponential rise in cyber activity.15
4.14
Decoupling existing cybercrime trends from those which have arisen from the COVID-19 pandemic is undoubtedly challenging. Dr Shumi Akhtar, a financial economist and Associate Professor from the University of Sydney, pointed out that technological advancement and innovation over the last decade was already leading to increased digital adoption and cyber-attacks. Crimes such as deception, theft, corruption, fraud, blackmail, money-laundering, phishing, and scams were already rising around the world, and the pandemic has only exacerbated this trend.16
4.15
Nonetheless, during the pandemic, the ASD observed cybercriminals adopting a range of existing methodologies to take advantage of Australians looking for information online about COVID-19 testing, restrictions and government assistance.17
4.16
The Australian Federal Police (AFP) and the ASD claimed that a rise in cybercrime could be attributed to increased online activity due to social distancing restrictions, as well as an increase in public awareness campaigns about how to report scams and fraud.18
4.17
Figure 4.1 provides the number of cybercrime reports which were made to the ACSC between July 2019 and June 2020.
Table 4.1:  
Source: ACSC, Annual Cyber Threat Report—July 2019 to June 2020, 3 September 2020, p. 10.
4.18
Between 1 July 2019 and 31 March 2020, there was a monthly average of 4503 cybercrime reports made to the ACSC. In April 2020, there was a bulk extortion campaign which resulted in 3876 reports and accounted for
45 per cent of all cybercrime reports made that month.19 However, the ASD reported that the campaign was not COVID-19 related. It involved email extortion that threatened to release sensitive information if victims did not pay an amount of untraceable cryptocurrency.20
4.19
The ASD correlated the increase in cybercrime reports over May and June 2020 (see Figure 4.1) with online fraud, where individuals and businesses lost money through deception, such as online shopping, investment and romance scams.21
4.20
Since early March 2020, the ACSC responded to 26 cybersecurity incidents that affected COVID-19 essential services and national suppliers, including health, water, transport/logistics, agriculture, and energy sectors. The ACSC provided advice and assistance to the organisations to remediate their systems and prevent future malicious cyber activity.22
4.21
The CSCRC drew attention to cyber-attacks against Australian companies during the first six months of 2020, including malware attacks on Toll Group, a ransomware attack on BlueScope Steel that impacted global operations, and cyber-attacks on Lion Dairy and Drinks, which disrupted production and supply chains.23 They argued that these activities highlight the importance of Australia moving away from reliance on overseas supply chains and separating itself technologically from nations that pose a threat.24

Scams and fraud

4.22
The onset of the COVID-19 pandemic has been associated with an increase in scams and fraudulent behaviour.25
4.23
The Australian Competition and Consumer Commission (ACCC), which operates Scamwatch,26 advised that scam reports for the December 2020 quarter were 90.1 per cent higher than the December 2019 quarter. Furthermore, the ACCC received over 5620 scam reports mentioning
'COVID-19' in 2020, with financial losses of more than $7.4 million.27
4.24
The Australian Securities and Investment Commission (ASIC) observed three broad categories emerging from scam reports during the pandemic. These included fake crypto asset trading, fake investment schemes and scams on romance websites. In particular, romance and crypto scams more than doubled from the last two quarters of 2019 to July 2020.28
4.25
The ACCC identified that the impersonation of government websites and communications was a high-risk issue.29 According to the ACSC, cybercriminals began registering COVID-19 themed websites in Australia and overseas from February 2020. These websites are designed to host malicious software or harvest personal information. Unsuspecting victims are directed to websites via phishing campaigns, which impersonate government agencies or trusted organisations, who provide advice aligned with breaking developments such as accessing relief payments or health guidance.30

Fraud against economic stimulus measures

4.26
Evidence received in this inquiry identified that scam and misconduct reports increased following the Australian Government's announcements regarding the early release of superannuation access and the JobKeeper program in March 2020.31
4.27
ASIC argued that the availability of significant funds from the economic stimulus package, and the increased demand from investors for higher returns, generated opportunities for cybercrime to occur. For example, criminals exploited the use of digital applications that facilitated prompt access to various elements of the economic stimulus package, including the Early Release of Superannuation scheme.32
4.28
The Home Affairs Portfolio advised that the risk of fraudulent claims of stimulus payments has been exacerbated by the influx of new customers to the welfare system. They explained that 'Services Australia has dealt with 1.5 million new customers since COVID-19 restrictions began on 23 March 2020, with around a third of those having no historical interactions with the welfare system'. Moreover, some criminals sought to access stimulus measures to fund criminal activities, while others used legitimate businesses to access support programs and business loans.33
4.29
The Australian Tax Office (ATO) advised the committee that it had received and investigated 'tip-offs' by the community of illegal activity and behaviour relating to the COVID-19 economic stimulus measures. The ATO further advised that measures it had designed to protect the integrity of the stimulus packages had detected a small amount of fraudulent activity associated with the stimulus measures.34
4.30
This advice regarding a low number of fraudulent attempts is consistent with advice from the AFP. During a hearing on the AFP Annual Report 2019-20, held 12 April 2021, the AFP advised that it had received 30 complaints regarding fraud in relation to the early release of superannuation and JobKeeper.35 The AFP credited the low number of complaints associated with the stimulus packages to two factors:
the establishment of Taskforce Iris, which involved working with the ATO and numerous other agencies to build their awareness of fraud practices and scams; and
strong public messaging that breaches of the stimulus packages would be vigorously investigated.36

Online child sexual exploitation

4.31
With more children and offenders spending more time at home and online, evidence to the committee reported a large increase in online child exploitation activity occurring on both clear and dark nets during the COVID-19 pandemic.37
4.32
Due to global containment measures and movement restrictions, there was a significant increase in the download of child abuse files.38 The AFP-led Australian Centre to Counter Child Exploitation (ACCCE) identified that while posting activity on major darknet child abuse forums had remained constant since February 2020, the sharing of uploads tagged as ‘original content’ increased substantially.39 In addition, the Home Affairs Portfolio stated that from April to June 2020, there was a 163 per cent rise in child abuse content being accessed online, compared to the corresponding period in 2019.40
4.33
Furthermore, the Home Affairs Portfolio advised that reporting of suspicious financial transactions indicating payment for online child sexual abuse content increased 32 per cent from January to June 2020, compared with the period July to December 2019.41
4.34
The Home Affairs Portfolio posited that the direct offending by Australians against children overseas likely decreased due to travel restrictions. However, this could potentially increase the potential for online abuse, particularly for children in countries experiencing economic hardship.42
4.35
Numerous pandemic-related factors have increased the risk of children being sexually exploited. In particular, an increase in the amount of time children spend online for education, entertainment and social purposes made them more vulnerable to predators.43 Other contributing factors that made children more vulnerable included:
loss of income;
isolation;
high levels of stress and anxiety;44 and
limited access to educational and community support services who often detect and report cases of child exploitation.45
4.36
In response to the increased child exploitation-related referrals, the AFP bolstered resources within the ACCCE Child Protection Triage unit that focused on activities that presented immediate risk and danger to children. Additionally, the AFP, in partnership with other stakeholders, intensified its outreach, prevention and deterrence efforts to address pandemic-related risk factors for child exploitation and improve child safety.46
4.37
The AFP's ThinkUKnow program aims to reduce the impact and incidence of online child exploitation in Australia.47 The program is a critical AFP prevention strategy that targets multiple stakeholders including children, parents and teachers and educates them about safe internet use. The AFP reported that from July 2019 to June 2020, it delivered 233 presentations to over 13,000 parents, carers and teachers. During the pandemic, the ACCCE team pivoted to delivering the ThinkUKnow content and resources online.48
4.38
In April 2020, a seven-day online safety challenge was launched by the former Minister for Home Affairs, the Hon Peter Dutton MP, to help raise awareness and encourage carers to undertake preventative measures in relation to the online safety of children.49 The AFP advised that social media content promoting the challenge was viewed more than 2.3 million times over the seven-day period, with engagement of more than 130,000 comments and shares.50
4.39
In May 2020, the AFP launched the AFP Child Protection Plan 2020-2022, which focuses on child protection efforts over the next three years in collaboration with its partner agencies.51
4.40
During the pandemic, the AFP and its counterparts have achieved significant operational success in apprehending child sex offenders. Operation Arkstone began in February 2020 and led to 53 children being removed from further harm in Australia. As a result of evidence gathered in the investigation, 20 men were arrested in Australia, and the AFP made 146 referrals to law enforcement agencies around the world.52

End-to-end encryption and anonymising technologies

4.41
The use of end-to-end encryption53 communication technologies and anonymisation54 by criminal syndicates was highlighted as a concern in evidence provided, particularly as encrypted communications and anonymising technologies can limit certain traditional law enforcement investigative opportunities.
4.42
At a Press Club address on Child Exploitation in February 2020, Mr Michael Phelan, the Chief Executive Officer of the ACIC, stated that encrypted communications are a key enabler for OCGs to conduct their activities and are increasingly being utilised:
The law enforcement and intelligence community faces a growing challenge in infiltrating and disrupting the activities of organised crime and child exploitation syndicates. Their use of the dark web and encrypted technologies to obfuscate their identity and facilitate high-volume offending on a global scale has become the new status quo for these criminals.55
4.43
At a National Press Club address in July 2020, AFP Commissioner, Reece Kershaw raised serious concerns regarding plans by Facebook and other communication platforms to move to end-to-end encryption. He stressed that the use of these encrypted technologies by messaging platforms would make it harder for police to catch paedophiles, terrorists and those involved in criminal syndicates.56
4.44
The New South Wales Crime Commission (NSW Crime Commission) advised that due to international border closures, there had been an increased reliance on encrypted communication devices by organised crime groups (OCGs). For example, during the pandemic, OCGs used encrypted devices to communicate sensitive details of illicit importations in order to avoid the issues caused by border closures. The NSW Crime Commission pointed out that the most prevalent encrypted communication program used in Australia is 'Ciphr'. It also noted that when using the program, chat members would move to anonymous mode to prevent other chat members from identifying who is sharing information.57
4.45
The NSW Crime Commission advised that is it important that Australian law enforcement agencies develop strategies to tackle the problem of encrypted communications being used by OCGs, stating:
Irrespective of the COVID-19 pandemic…devices of this type will pose an enduring challenge for law enforcement in the future. It is essential that both the [NSW Crime] Commission and other Australian law enforcement agencies develop long-term strategies to deal with the providers of services or enablers to organised crime groups.58
4.46
In December 2018, the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 (Assistance and Access Act 2018) was enacted as a legislative response to enable law enforcement and intelligence agencies to gain access to encrypted communications.59
4.47
At the August 2020 hearing, the Secretary of the Department of Home Affairs, Mr Michael Pezzullo, raised the issue of anonymising browsing technology being used on the dark web. Mr Pezzullo explained that while encryption barriers for law enforcement were overcome to some degree by the telecommunications amendments a year ago, there remained a number of key issues relating to anonymising technologies which were yet to be addressed by Parliament. Mr Pezzullo noted that law enforcement can view criminal content to some extent, but anonymising browsing technology prevents identification of the location or source of the material.60
4.48
To further enhance the AFP's and ACIC's ability to combat online crime, the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 (the SLAID Bill) was introduced to the House of Representatives in December 2020.61 The SLAID Bill introduces three new powers for the AFP and the ACIC to collect intelligence, conduct investigations, and disrupt and prosecute serious criminal online activity. The powers include:
Data disruption warrants which will allow the disruption of data through modification and deletion to frustrate the commission of serious offences, such as the distribution of child abuse material.
Network activity warrants which will allow the collection of intelligence on serious criminal activity carried out by criminal networks operating online.
Account takeover warrants which will allow the control of a person’s online account to gather evidence about criminal activity to further a criminal investigation.62
4.49
The Department of Home Affairs noted in its submission to the Parliamentary Joint Committee on Intelligence and Security's (PJCIS) review of the SLAID Bill, that:
While the powers introduced by that [Assistance and Access Act 2018] have significantly assisted Australia’s law enforcement, security and intelligence agencies to tackle online criminal threats, more must be done to provide the AFP and the ACIC with effective powers of response in the fight against cyber-enabled crime.63
4.50
At the public hearing on the AFP's Annual Report 2019–20, Commissioner Kershaw highlighted the importance of the SLAID Bill to law enforcement. In regards to combatting serious and organised crime, he stated it will make sure the AFP 'have the necessary powers to be able to break through and identify, disrupt and take action and collect intelligence'.64
4.51
At the time of writing, the PJCIS inquiry into the SLAID Bill is ongoing and a reporting date is yet to be set.

Addressing cybercrime

4.52
Evidence to the inquiry highlighted that cybercriminals typically act from outside sovereign borders and domestic laws which allow many to elude due process. The boundary-less and anonymous nature of the internet facilitates cybercrime and makes it difficult to criminally prosecute in a court of law.65
4.53
The CSCRC explained that although there are international norms, conventions and treaties which govern cyberspace and state behaviour, the transnational nature of cybercrime remains an impediment to Australian law enforcement.66
4.54
The CSCRC argued that the pandemic has provided an opportunity to ensure that Australia's laws are aligned with developments in cyber threats and law enforcement agencies are equipped to respond to cybercriminal activity.67 The CSCRC recommended legislative change allowing Australian law enforcement agencies lawful access, where appropriate, to data and devices.68
4.55
Similarly, the Australasian Institute of Policing (AiPol) and the DSSC argued that a review of relevant criminal legislation and law enforcement resources is required to address any gaps in facilitating Australia's ability to detect, disrupt and build successful cases for prosecution.69
4.56
In addition to recommendations for legislative reforms, the inquiry received a number of other suggestions to address cybercrime, including:
that further funding be allocated to Australian law enforcement agencies, particularly the ACSC, to combat increased cybercrime;70
that Australia continue to align with its Five Eyes allies and call out harmful cyber behaviours;71
law enforcement could be assisted by the introduction of measures which focus on prevention and early detection;72 and
the development and implementation of education programs to raise awareness of fraud and cybercrime threats.73
4.57
Speaking generally about the rising risks of cyber-enabled crime, while referring to the specific incidence of COVID-related scams, the CSCRC noted that the capacity of law enforcement to tackle such crimes relied heavily on public awareness and the involvement and support of the community. The CSCRC emphasised the value of public awareness campaigns in this regard, particularly to ensure people do not become complacent and start thinking that they are immune to the effects of cybercrime.74
People are front and centre in cybercrime. Unfortunately—I don't have any data on this—it's probably the only type of crime that will touch all of us in some way during our lives. Most of us are quite removed from crime, but this will touch us in some way. We're a soft victim. Attempts are made all the time, and that's part of the challenge. It's a community thing, and all of us are involved in finding the solution.75

Cybersecurity policy

4.58
The Australian Cyber Security Strategy 2020 'outlines what the federal government sees as the responsibilities of government, business and the community and actions in relation to each'.76 It aims to ensure 'a more secure online world for Australians, their businesses and the essential services upon which we all depend'.77
4.59
The strategy identified that cyber threats continue to evolve rapidly, Australians are more connected than ever before, and the COVID-19 pandemic has shown the importance of secure online connectivity. Moreover, as a result of measures within the strategy, law enforcement agencies will be given greater ability to target criminal activity and protect Australians online.78
4.60
The strategy will invest $1.67 billion over 10 years to address the most urgent issues, particularly to achieve the following:
protect and actively defend critical infrastructure;
new ways to investigate and shut down cybercrime, including on the dark web;
stronger defences for Government networks and data;
greater collaboration to build Australia’s cyber skills pipeline;
increased situational awareness and improved sharing of information;
stronger partnerships with industry through the Joint Cyber Security Centre program;
advice for small and medium enterprises to increase their cyber resilience;
clear guidance for businesses and consumers about securing Internet of Things devices;
establish a 24/7 cyber security advice hotline for SMEs and families; and
improved community awareness of cyber security threats.79
4.61
Following the release of the strategy, the Department of Home Affairs (in consultation with relevant agencies, governments, and stakeholders) is expected to develop the next National Plan to Combat Cybercrime.80

Mitigation methods

4.62
In addition to Taskforce Iris as mentioned above, evidence to the inquiry indicated that Australian government agencies implemented a range of measures to address the increase in scams and fraud.
4.63
The ACCC has been analysing COVID-19–related scams to identify trends, monitor financial losses and inform scam prevention strategies.81 It has also been working to address scam activity by engaging in disruption, awareness-raising and sharing intelligence with businesses and other government agencies. The ACCC were involved in refining approaches to communications with the public that reduce the likelihood that scammers can impersonate government agencies.82
4.64
Meanwhile, the ASD has been working with law enforcement partners to disrupt or prevent cybercrime activity. It disrupted over 170 malicious COVID-19 themed websites with assistance from industry bodies and undertook an offensive cyber campaign against offshore cybercriminals to disable their access to online infrastructure and stolen information.83
4.65
Taskforces have been operating across Commonwealth agencies to coordinate and refine approaches to scams and fraud.84 For example:
The Serious Financial Crime Taskforce85 to combat cybercrime against the Australian tax and superannuation systems as well as crimes targeting the Commonwealth Coronavirus Economic Response Package.86
The AFP and the Attorney-General’s Department established a temporary COVID-19 Counter Fraud Taskforce which concluded on 30 June 2020.87 It used existing capabilities to combat serious and organised crime that attempted to exploit Commonwealth funded programs. The AFP continues to investigate reports of fraud relating to COVID-19 measures and other Commonwealth funded programs under Operation Ashiba.88
The AFP and Services Australia established an Anti-Fraud Investigations Taskforce (Taskforce Iris) to target individuals and groups planning to defraud the government's stimulus measures.89 As part of Taskforce Iris, Operation Bowmore Aqua investigated organised cyber-enabled crime targeting the early access to superannuation scheme. The AFP identified
107 victims, with the estimated value of the fraud exceeding $1 million. The AFP undertook proceeds of crime recovery action, preventing access to
166 fraudulent bank accounts with funds totalling $226,044. A further
98 bank accounts were identified as being held in false names or otherwise linked to the offending.90
The Department of Home Affairs has been assisting Services Australia and the ATO to verify identities for JobKeeper and JobSeeker payments. From January to June 2020, the Document Verification Service91 had processed over 33.5 million transactions, more than 65 per cent of the 50 million transactions conducted in all of 2019.92
4.66
Clearly, government agencies have achieved significant operational success in addressing fraudulent activity during the pandemic. However, the Home Affairs Portfolio pointed out that specific reforms are required to protect against identity-related fraud when traditional methods are challenged. It explained that work is underway to enhance the government's Digital Identity Service to create trusted digital credentials using the Face Verification Service (FVS). The Home Affairs Portfolio is working with jurisdictions to deliver national coverage of the FVS, which is subject to the passage of the Identity-Matching Services Bill 2019 currently before Parliament.93

Committee view

4.67
Cybercrime during the COVID-19 pandemic has been dynamic. The committee commends the work of Australian law enforcement agencies and partners in addressing cybercrime and increased cyber risks. It also acknowledges the rapid response of Commonwealth agencies in establishing joint taskforces to counter cybercrime and fraud, and appreciates their proactive and effective work.
4.68
Evidence to the inquiry has detailed how cybercriminals have adapted quickly to take advantage of the increased numbers of people and businesses relying on digital technology to work, interact and complete financial transactions during the pandemic. Cybercriminals have demonstrated they are adept at exploiting vulnerabilities, and especially impersonating the government by rapidly amending scams to align with government messaging on COVID-19.
4.69
Although there have been some examples of fraudulent attempts, and actual fraud of the federal government’s economic stimulus measures, thankfully it has not been widespread. The robust mechanisms implemented by agencies to detect and prevent criminal activity have been successful in limiting fraudulent behaviour. However, the committee would like to see law enforcement agencies continue to prevent scams and fraud targeting COVID19 government economic stimulus measures, and educate the public on scams and fraud through campaigns.

Recommendation 4

4.70
The committee recommends the Australian Government undertake public education campaigns on the prevalence and risks of scams and fraud.
4.71
The committee is deeply concerned about reports that there has been a significant rise in online child sexual abuse during the pandemic. The impact of the COVID-19 pandemic, including movement restrictions, increased online activity and related socio-economic factors, has amplified the risks of vulnerable children being sexually exploited.
4.72
The committee praises the work of law enforcement and intelligence agencies to counter online child sexual exploitation. The committee notes the range of activities law enforcement is involved in to tackle the horrific crime, including early intervention and awareness-raising, international collaboration and information sharing with international counterparts and important initiatives such as the recent 'Stop Child Abuse–Trace An Object' campaign.94
4.73
However, law enforcement agencies have warned governments of the rising use of encrypted communications by OCGs and perpetrators of online child sexual abuse for many years. Although the use of encrypted communications by criminals is not new, the COVID-19 pandemic has demonstrated how malicious actors can rapidly adapt their activities to suit any environment or social setting and enhance their success rate. Encrypted communications and anonymising technologies continue to challenge law enforcement and impact their ability to access communications, conduct investigations and prevent criminal activity.
4.74
The committee acknowledges that encrypted communications and anonymising browsing technologies protect the privacy and data of Australians. However, the committee is concerned that these technologies present significant challenges for law enforcement and prevent successful operational outcomes. Additionally, the move by popular unencrypted chat applications to become end-to-end encrypted within a number of years, poses a substantial risk of criminals and paedophiles abusing these platforms to carrying out illegal and heinous acts. Noting that the SLAID Bill is currently being considered by the PJCIS, the committee expresses its preliminary support for the Bill. The SLAID Bill enhances the options available to the AFP and ACIC to target, uncover and combat criminals who use the dark web, encrypted communications and anonymising technologies to conduct and disguise their illicit activities.

Recommendation 5

4.75
The committee recommends that the Australian Government consider whether new legislation is needed to address the rapidly evolving use of end-to-end encryption and anonymising technologies by organised crime groups, and ensure greater prospects of successful prosecution of those involved in malicious cyber activity.
4.76
The committee was pleased to see that the Australian Cyber Security Strategy was released in August 2020 that boosted funding to address key concerns such as workforce shortages, information sharing, public advice, and greater collaboration between agencies.
4.77
The committee supports the introduction of legislation that empowers Australian law enforcement agencies in combatting cybercrime. The committee acknowledges the challenges law enforcement face due to the anonymity of cybercrime and the borderless cyberspace. To further support law enforcement agencies to combat cybercrime, and successfully detect, disrupt and build cases for prosecution, the committee see that there is a clear need to review current criminal legislation and law enforcement resources to identify any gaps that may hinder the successful prosecution of those involved in malicious cyber activity.

  • 1
    Australian Federal Police, Cybercrime, www.afp.gov.au/what-we-do/crime-types/cyber-crime (accessed 18 November 2020); and Department of Home Affairs, Cybercrime and identity security, www.homeaffairs.gov.au/about-us/our-portfolios/criminal-justice/cybercrime-identity-security (accessed 18 November 2020).
  • 2
    For example, see: Cyber Security Cooperative Research Centre, Submission 6, p. 7; and Cat Barker, Monica Biddington, Nicole Brangwin, Helen Portillo-Castro and Tyson Wils, Cybersecurity, cybercrime and cybersafety: a quick guide to key internet links, Parliamentary Library, Research Paper Series 2018–19, 1 April 2019, p. 5, www.aph.gov.au/About_Parliament/Parliamentary_Departments/Parliamentary_Library/pubs/rp/rp1819/Quick_Guides/CybersecurityCybercrimeCybersafety
    , (accessed 18 November 2020).
  • 3
    Australian Signals Directorate, Submission 15, p. 2.
  • 4
    ReportCyber is an online tool that enables the community to report cybercrimes incidents such as; cyber abuse, online image abuse, online shopping fraud, fraud, identity threat, email compromise, ransomware and malware. These reports are referred to the relevant federal, state or law enforcement agency for assessment.
  • 5
    Australian Signals Directorate, Submission 15, p. 1.
  • 6
    Department of Home Affairs, Australia’s Cyber Security Strategy 2020, August 2020, p. 10, www.homeaffairs.gov.au/cyber-security-subsite/files/cyber-security-strategy-2020.pdf, (accessed 18 November 2020).
  • 7
    Australian Signals Directorate, Submission 15, p. 2.
  • 8
    Department of Home Affairs, Australia’s Cyber Security Strategy 2020, August 2020, p. 10, (accessed 18 November 2020).
  • 9
    Australian Signals Directorate, Submission 15, p. 2 and Ms Rachael Falk, Chief Executive Officer, Cyber Security Cooperative Research Centre, Committee Hansard, 28 August 2020, p. 9.
  • 10
    Department of Security Studies and Criminology, Macquarie University, Submission 7, p. 1.
  • 11
    Europol, 'Pandemic profiteering: how criminals exploit the COVID-19 crisis', 27 March 2020, p. 3, www.europol.europa.eu/publications-documents/pandemic-profiteering-how-criminals-exploit-covid-19-crisis (accessed 21 September 2020) and United Nations Office on Drugs and Crime, 'Cybercrime and COVID19: Risks and Responses', 14 April 2020, pp. [1]–[2], www.unodc.org/documents/Advocacy-Section/UNODC_-_CYBERCRIME_AND_COVID19_-_Risks_and_Responses_v1.2_-_14-04-2020_-_CMLS-COVID19-CYBER1_-_UNCLASSIFIED_BRANDED.pdf (accessed 21 September 2020) and Europol, 'Catching the virus: cybercrime, disinformation and the COVID-19 pandemic', 3 April 2020, p. 4, www.europol.europa.eu/publications-documents/catching-virus-cybercrime-disinformation-and-covid-19-pandemic (accessed 21 September 2020).
  • 12
    Cyber Security Cooperative Research Centre, Submission 6, p. 4.
  • 13
    Western Australia Police Force, Submission 13, p. 5.
  • 14
    For example, see: Cyber Security Cooperative Research Centre, Submission 6, p. 4; Australian Signals Directorate, Submission 15, p. 3 and Australasian Institute of Policing, Submission 19, p. 3.
  • 15
    Cyber Security Cooperative Research Agency, Submission 6, p. 4 and Home Affairs Portfolio, Submission 16, p. 2.
  • 16
    Dr Shumi Akhtar, University of Sydney, Submission 24, pp. 1–2.
  • 17
    Australian Signals Directorate, Submission 15, p. 2.
  • 18
    Australian Signals Directorate, Submission 15, p. 4 and Australian Federal Police, Submission 4, p. 4.
  • 19
    Australian Cyber Security Centre, Annual Cyber Threat Report—July 2019 to June 2020,
    3 September 2020, p. 10, www.cyber.gov.au/sites/default/files/2020-09/ACSC-Annual-Cyber-Threat-Report-2019-20.pdf (accessed 4 April 2021).
  • 20
    Australian Signals Directorate, Submission 15, p. 3.
  • 21
    Australian Signals Directorate, Submission 15, p. 4.
  • 22
    Australian Signals Directorate, Submission 15, p. 4.
  • 23
    Cyber Security Cooperative Research Centre, Submission 6, pp. 4–5.
  • 24
    Cyber Security Cooperative Research Centre, Submission 6, pp. 4–5.
  • 25
    For example, see: Australian Signals Directorate, Submission 15, p. 4; Australian Securities and Investments Commission, Submission 10, p. 5 and Australian Competition and Consumer Commission, Submission 12, p. 1.
  • 26
    Scamwatch provides information to consumers and small businesses about how to recognise, avoid and report scams.
  • 27
    Australian Competition and Consumer Commission, Submission 12.1, p. 1.
  • 28
    Australian Securities and Investments Commission, Submission 10, p. 5.
  • 29
    Australian Competition and Consumer Commission, Submission 12, p. 2.
  • 30
    Australian Signals Directorate, Submission 15, p. 2.
  • 31
    Australian Securities and Investments Commission, Submission 10, p. 5 and Australian Securities and Consumer Commission, Submission 12, p. 1.
  • 32
    Australian Securities Investments Commission, Submission 10, p. 4.
  • 33
    Home Affairs Portfolio, Submission 16, p. 2.
  • 34
    Australian Tax Office, Submission 23, p. 5.
  • 35
    Mr Brett Pointing, Deputy Commissioner, Operations, Australian Federal Police, AFP Annual Report 2019-20, Committee Hansard, 12 April 2021, p. 12.
  • 36
    Mr Brett Pointing, Deputy Commissioner, Operations, Australian Federal Police, AFP Annual Report 2019-20, Committee Hansard, 12 April 2021, p. 12.
  • 37
    For example, see: Home Affairs Portfolio, Submission 16, pp. 2–3, and Australian Federal Police, Submission 4, p. 4.
  • 38
    Home Affairs Portfolio, Submission 16, p. 3.
  • 39
    Home Affairs Portfolio, Submission 16, p. 3.
  • 40
    Home Affairs Portfolio, Submission 16, p. 3.
  • 41
    Home Affairs Portfolio, Submission 16, p. 3.
  • 42
    Home Affairs Portfolio, Submission 16, p. 3.
  • 43
    Interpol, COVID-19 impacts—Threats and trends: Child sexual exploitation and abuse, September 2020, p. 4, www.interpol.int/en/News-and-Events/News/2020/INTERPOL-report-highlights-impact-of-COVID-19-on-child-sexual-abuse, (accessed 24 March 2021).
  • 44
    Western Australia Police Force, Submission 13, p. 6.
  • 45
    Interpol, COVID-19 impacts—Threats and trends: Child sexual exploitation and abuse, September 2020, p. 4, www.interpol.int/en/News-and-Events/News/2020/INTERPOL-report-highlights-impact-of-COVID-19-on-child-sexual-abuse, (accessed 24 March 2021).
  • 46
    Australian Federal Police, Submission 4, pp. 4–5.
  • 47
    Australian Federal Police, AFP Annual Report 2019-20, p. 20, (accessed 5 May 2021).
  • 48
    Mr Brett Pointing, Deputy Commissioner, Operations, Australian Federal Police, AFP Annual Report 2019-20, Committee Hansard, 12 April 2021, p. 3.
  • 49
    Australian Federal Police, Submission 4, p. 5.
  • 50
    Australian Federal Police, AFP Annual Report 2019-20, p. 21, (accessed 5 May 2021).
  • 51
    Australian Federal Police, Submission 4, p. 4–5.
  • 52
    Australian Federal Police and New South Wales Police Force, 'Operation Arkstone Update: Additional 152 charges laid against Sydney man', Joint Media Release, 18 March 2021, www.afp.gov.au/news-media/media-releases/operation-arkstone-update-additional-152-charges-laid-against-sydney-man, (accessed 6 May 2021).
  • 53
    End-to-end encryption is a method of secure communication where only the communicating users can read data transferred from one end system or device to another.
  • 54
    Anonymisation refers to the process of removing both direct and indirect personal identifiers that may lead to the identification of an individual.
  • 55
    Mr Michael Phelan, Chief Executive Officer, Australian Criminal Intelligence Commission, ACIC CEO Press Club Address—Child Exploitation, 19 February 2020, www.acic.gov.au/media-centre/media-releases-and-statements/acic-ceo-press-club-address-child-exploitation (accessed
    6 May 2021).
  • 56
    Commissioner Reece Kershaw, Australian Federal Police, National Press Club address,
    22 July 2020, www.afp.gov.au/news-media/national-speeches/national-press-club-address-22-july-2020 (accessed 6 May 2021).
  • 57
    New South Wales Crime Commission, Submission 27, p. 3.
  • 58
    New South Wales Crime Commission, Submission 27, p. 9.
  • 59
    Explanatory Memorandum, Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018, p. 2.
  • 60
    Mr Michael Pezzullo AO, Secretary, Department of Home Affairs, Committee Hansard,
    28 August 2020, p. 48.
  • 61
    Explanatory Memorandum, Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, p. 2.
  • 62
    Department of Home Affairs, Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020—New powers proposed for the AFP and ACIC, 17 December 2020, www.homeaffairs.gov.au/about-us/our-portfolios/national-security/lawful-access-telecommunications/surveillance-legislation-amendment-identify-and-disrupt-bill-2020, (accessed 6 May 2021).
  • 63
    Department of Home Affairs, Parliamentary Joint Committee on Intelligence and Security, Review of the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, Submission 9, p. 4.
  • 64
    Commissioner Reece Kershaw, Australian Federal Police, AFP Annual Report 2019-20, Committee Hansard, 12 April 2021, p. 5.
  • 65
    For example, see: Cyber Security Cooperation Research Centre, Submission 6, p. 7 and Australasian Institute of Policing, Submission 19, p. 3.
  • 66
    Cyber Security Cooperation Research Centre, Submission 6, p. 7.
  • 67
    Cyber Security Cooperative Research Centre, Submission 6, p. 3.
  • 68
    Cyber Security Cooperation Research Centre, Submission 6, p. 7
  • 69
    Department of Security Studies and Criminology, Macquarie University, Submission 7, p. 3 and Australasian Institute of Policing, Submission 19, p. 3.
  • 70
    Australasian Institute of Policing, Submission 19, p. 5.
  • 71
    Cyber Security Cooperation Research Centre, Submission 6, p. 6.
  • 72
    Department of Security Studies and Criminology, Macquarie University, Submission 7, p. 2.
  • 73
    Department of Security Studies and Criminology, Macquarie University, Submission 7, p. 2 and Ms Rachael Falk, Chief Executive Officer, Cyber Security Cooperation Research Centre,
    Committee Hansard, 28 August 2020, p. 13.
  • 74
    Ms Rachael Falk, Chief Executive Officer, Cyber Security Cooperation Research Centre,
    Committee Hansard, 28 August 2020, pp. 12 and 14.
  • 75
    Ms Rachael Falk, Chief Executive Officer, Cyber Security Cooperation Research Centre,
    Committee Hansard, 28 August 2020, p. 12.
  • 76
    Cat Baker, Cyber Security Strategy, Budget Review 2020-21 Index, October 2020, www.aph.gov.au/About_Parliament/Parliamentary_Departments/Parliamentary_Library/pubs/rp/BudgetReview202021/CyberSecurityStrategy, (accessed 2 April 2021).
  • 77
    Department of Home Affairs, Australia’s Cyber Security Strategy 2020, August 2020, p. 4, (accessed 18 November 2020).
  • 78
    Department of Home Affairs, Australia’s Cyber Security Strategy 2020, August 2020, p. 6, (accessed 18 November 2020).
  • 79
    Department of Home Affairs, Australia’s Cyber Security Strategy 2020, August 2020, pp. 6–7, (accessed 18 November 2020).
  • 80
    Department of Home Affairs, Cybercrime and identity security, www.homeaffairs.gov.au/about-us/our-portfolios/criminal-justice/cybercrime-identity-security
    , (accessed 18 November 2020).
  • 81
    Australian Competition and Consumer Commission, Submission 12, p. 1.
  • 82
    Australian Competition and Consumer Commission, Submission 12, p. 2.
  • 83
    Australian Signals Directorate, Submission 15, p. 3.
  • 84
    For example, see: Australian Federal Police, Submission 4, pp. 5–6; Australian Securities and Investments Commission, Submission 10, p. 4; Australian Competition and Consumer Commission, Submission 12, p. 2.
  • 85
    Australian Securities and Investments Commission, Submission 10, p. 4.
  • 86
    Australian Tax Office, Serious Financial Crime Taskforce, www.ato.gov.au/General/The-fight-against-tax-crime/Our-focus/Serious-Financial-Crime-Taskforce/, (accessed 24 November 2020).
  • 87
    The taskforce is led by the ATO. Other agencies involved include AUSTRAC, ACIC, ASIC, ATO, ACCC, National Disability Insurance Agency, National Indigenous Australian’s Agency, Services Australia, Department of Education, Department of Home Affairs, Commonwealth Director of Public Prosecutions and Department of Agriculture, Water and the Environment.
  • 88
    Australian Federal Police, Submission 4, pp. 5–6.
  • 89
    Home Affairs Portfolio, Submission 16, p. 6.
  • 90
    Australian Federal Police, AFP Annual Report 2019-20, p. 20, www.transparency.gov.au/annual-reports/australian-federal-police/reporting-year/2019-20, (accessed 5 May 2021).
  • 91
    The Document Verification Service checks whether the biographic information on an individual's identity document matches the original record. It is used to prevent identity crime.
  • 92
    Home Affairs Portfolio, Submission 16, p. 8.
  • 93
    Home Affairs Portfolio, Submission 16, p. 9.
  • 94
    'Stop Child Abuse – Trace An Object' is a public appeal to help law enforcement identify children who are victims of sexual abuse.

 |  Contents  |