Home - Parliament of Australia logo

House of Representatives Committees

| House of Representatives Standing Committee on Communications

Navigation: Previous Page | Contents | Next Page

Appendix D — Commonwealth Computer Offences

The following offences are contained in the Commonwealth Criminal Code.

Hacking, malware and denial of service attacks with intent to commit a serious offence - Subsections 477.1(1) and (4)

Knowingly causing unauthorised access to or modification of data held in a computer or unauthorised impairment of an electronic communication to or from a computer with intent to commit a serious offence.[1]

The offence applies where the primary offence, for example of fraud or terrorism, carries a penalty of five years or more or life imprisonment.[2]

The penalty cannot exceed the penalty applicable to the primary offence.

Malware infections - Section 477.2

Knowingly causing an unauthorised modification of data with reckless disregard as to whether the modification impairs or will impair access to, or the reliability, security or operation of other data.

The offence applies to, for example, the use of the Internet to infect a computer with malware (e.g. key loggers, Trojans, viruses, worms).

Penalty: 10 years imprisonment.

Denial of Service Attacks - Section 477.3

Knowingly causing unauthorised impairment of electronic communication to or from a computer involving either (i) the use of a carriage service; or (ii) a Commonwealth computer.

This offence covers cyber attacks, such as denial of service attacks, where a server is inundated with a large volume of emails.

Penalty: 10 years imprisonment.

Hacking password protected data - Section 478.1

Knowingly and intentionally causes unauthorised access to or modification of restricted data. This offence applies where the restricted data is held in a Commonwealth computer or held on behalf of the Commonwealth. It also applies where the conduct is carried out by the means of a carriage service.

This is intended to cover conduct such as hacking into password protected data held by or for the Commonwealth.

Penalty: maximum two years imprisonment.

Damaging data held on a mobile device owned or leased by the Commonwealth - Section 478.2

Knowingly and intentionally causing any unauthorised impairment of the reliability, security or operation of data held on a computer disk, or credit card or other device used to store data by electronic means that is owned or leased by a Commonwealth entity.

This offence includes, for example, damaging a computer disc or credit card by passing a magnet over a credit card.

Penalty: maximum two years imprisonment.

Possession or control of data – Section 478.3

The possession or control of data with intent to commit a computer offence.

This offence is intended to cover the possession of a program or a root-kit that enables a person to hack into another person’s computer system, impair data via a malware infection or impair electronic communications via a DDOS attack.

Penalty: maximum three years imprisonment.

Production and supply of data – Section 478.4

Producing, supplying or obtaining data with intent to commit a computer offence.

This offence is intended to cover the production and/or supply of data to be used in a computer offence.[3]

Penalty: maximum three years imprisonment.

 

 

Senate

House of Representatives

Get informed

Bills

Committees

Get involved

Visit Parliament

Website features

Parliamentary Departments

We acknowledge the traditional owners and custodians of country throughout Australia and acknowledge their continuing connection to land, waters and community. We pay our respects to the people, the cultures and the elders past, present and emerging.

Aboriginal and Torres Strait Islander people are advised that this website may contain images and voices of deceased people.

Back to top