UNCLASSIFIED Cybercrime: The Australian Experience Australian Cybercrime Online Reporting Network (ACORN) Conference Assistant Commissioner Tim Morris AM APM National Manager, High Tech Crime Operations Australian Federal Police

UNCLASSIFIED Cybercrime: Australian Trends  Cyber crime is now a ubiquitous mainstream & ‘traditional’ crime  5.4 million Australian victims in 2012 at cost of an estimated $AU1.06 billion  Availability of tools required to carry out a cyber attack are widely accessible  Financially motivated crime groups target the financial sector to chase high returns

UNCLASSIFIED Cyber crime: Australian threats  Intelligence shows an increase in cross- platform malware production  Key business targets (such as banking and finance)  Intrusion, modification & denial of service  Data theft  Requirement for target hardening: the AFP is closely aligned with private industry to combat cybercrime through intelligence, information sharing and prevention strategies

UNCLASSIFIED Cybercrime: International Trends Emerging international cybercrime trends:  Multi-platform threats  Social engineering scams – creating level of trust at first  Highly targeted (malware)  Increasing complexity and ingenuity

UNCLASSIFIED The AFP’s Cyber Crime Operations Teams are responsible for investigating significant computer intrusions such as: − Distributed Denial of Service attacks − breaches of major computer systems − collective large scale breaches to harvest personal, business and/or financial data − creating, controlling or distributing malicious software, and − crime which directly impacts critical infrastructure AFP Cyber Crime Operations

UNCLASSIFIED Melbourne Team  Malware deployment and sophisticated malware kits Sydney Team  Threats to banking sector Canberra Teams  Issue Motivated Groups (Hacktivism)  CSOC/ACSC Key common goals  Prosecution  Disruption  Prevention of loss  Intelligence sharing

UNCLASSIFIED Activity Victim Type Commonwealth Government State Government Major financial institution / corporation Small BusinessIndividual Unauthorised intrusion AFPState PoliceAFPState Police HactivismAFPState PoliceAFPState Police Online fraudAFPState Police Identity theftState Police Unauthorised impairment AFPState PoliceAFPState Police Intellectual property AFP Data theftAFPState PoliceAFPState Police Production of malware AFP

UNCLASSIFIED Addressing cybercrime: Challenges & opportunities  Common frameworks or protocols to support investigations  Data sovereignty – where is the data, stored processed and transmitted?  Jurisdictional Issues - Criminal acts can be carried out in Australia from anywhere in the world  Speed at which cyber criminals act and the ease with which digital evidence is destroyed  Way forward: implementation of regulation on metadata retention  Is the Mutual Assistance in Criminal Matters Act 1987 up to the task?

UNCLASSIFIED Policies and Initiatives The Australian government has a number of initiatives and policies including:  Australian Cyber Security Centre  Cyber Security Operations Centre  CERT Australia  The National Plan to Combat Cybercrime  Australian Government Cyber Security Strategy  Australia is also party to the Council of Europe Convention on Cybercrime

UNCLASSIFIED Questions & comments