AUSTRALIA'S GOAL:

Stronger cybercrime prevention, prosecution and cooperation, with a particular focus on the Indo-Pacific

TO ACHIEVE THIS GOAL, AUSTRALIA WILL:

  • Raise cybercrime awareness in the Indo-Pacific
  • Assist Indo-Pacific countries to strengthen their cybercrime legislation
  • Deliver cybercrime law enforcement and prosecution capacity building in the Indo-Pacific
  • Enhance diplomatic dialogue and international information sharing on cybercrime
Cybercrime icon

Australia's economic prosperity and high adoption of technology mean we will remain an attractive target for cybercriminals in coming years. Cybercriminals are constantly adapting and evolving their techniques to exploit new technologies and defeat network defences. This tests the capacity of law enforcement agencies to adapt and respond. Australia will remain vigilant to the changing cybercrime threat environment in order to safeguard our economic interests.

As the volume and sophistication of cybercrime continues to grow, so too do its costs. It has been estimated that up to US$1.02 trillion in global economic growth will not be realised if we allow cybercrime to undermine public confidence in the digital domain. Addressing cybercrime in our region will create a safer commercial environment in which businesses can grow.

Cybercrime

Cybercrime is a low-risk, high-return criminal enterprise in which individuals and groups of actors leverage cyberspace for financial gain or other malicious ends. In Australia, the term cybercrime refers to crimes directed at computers, such as illegally modifying electronic data or seeking a ransom to unlock a computer affected by malicious software. It also includes crimes where computers facilitate an existing offence, such as online fraud or online child sex offences.

The vast majority of cybercrime targeting Australia originates overseas. Cybercrime is a global threat, but our region is particularly vulnerable. Countries in the region lose a third more business revenue to cybercrime than those in the European Union or North America.

Collectively, our region is only as resilient as our weakest link. Cybercriminals look to exploit the vulnerabilities of states in the early stages of developing the legislative and technical capabilities needed to fight cybercrime. These cybercrime safe havens are countries through or from which malicious cyber actors can conduct criminal operations with a very low risk of being identified, arrested, investigated, extradited or prosecuted.

In 2016, more than half of the world's netizens were found in the Indo-Pacific. But only 1.8 billion of the region's 4.1 billion people are yet online. This digital potential combined with the spread of ICT infrastructure and smart phone technology will produce a growing target audience for cybercriminals to exploit. It is in Australia's interest to help our neighbours improve their ability to prevent and respond to cybercrime. Doing so will underpin regional economic growth and create a safer environment in which Australian businesses can prosper.

Cybercriminals operate globally, so Australia will respond in kind. We will deepen bilateral, regional and global partnerships to increase cooperation and build our collective capacity to combat this threat. Cybercrime is a shared challenge and Australia encourages other countries to take an active role in initiatives that address this international issue.

Collaborative efforts to shut down safe havens complement Australia's ongoing national efforts to protect Australians from the harm of cybercriminals. The 2016 Cyber Security Strategy committed the Government to enhance Australia's ability to respond to cyber security threats, including cybercrime. In 2017, the Government directed the Australian Signals Directorate (ASD) to use its offensive cyber capabilities to disrupt, degrade, deny and deter organised offshore cybercriminals. This capability is subject to stringent oversight, and consistent with domestic law and our obligations under international law. Strong cyber defences and law enforcement measures will continue to sit at the forefront of our response to cybercrime threats.

Australia embraces a comprehensive strategy of strong cyber defences, regional capacity building and national law enforcement efforts in its fight against cybercrime.

Raise cybercrime awareness in the Indo-Pacific

Individuals are at risk of falling victim to cybercrime if they don't understand online risks and the techniques used by cybercriminals. For this reason, public education, awareness and the development of basic cyber skills is a fundamental building block in the prevention of cybercrime, and an essential first step in undermining the success of cybercriminals in our region.

Increasing connectivity in the Indo-Pacific means that our region is home to a vast number of first-time Internet users. As these new users come online, it is important that they are equipped with the awareness needed to enjoy the benefits of the Internet safely. Cyber security education is necessary to inform people of good cyber security practices, such as avoiding the use of pirated software that cybercriminals can exploit to gain access to personal devices.

Australia is committed to improving cybercrime awareness levels in our region. Cyber Safety Pasifika (CSP) is a cyber safety and cybercrime education program led by the Australian Federal Police (AFP). CSP delivers cyber awareness to Pacific Island countries, including Tonga, Nauru, Cook Islands, Federated States of Micronesia, Marshall Islands, Papua New Guinea, Samoa, Solomon Islands and Vanuatu.

CSP provides cybercrime awareness materials and 'train-the-trainer' initiatives to ensure Pacific communities are equipped to identify cybercrime risks and engage safely online. Thanks to a 2017 program update, there are now 13 police officers from nine Pacific countries ready to train their colleagues and deliver up to date cybercrime education curriculums to schools and community groups across the region.

Private sector engagement on cybercrime awareness raising

The private sector has an important role to play in raising cybercrime awareness. Australian companies doing business around the region are well placed to contribute their good reputation, invaluable networks of contacts and contextual understanding to the effort. Australia will create public-private partnerships focused on improving regional awareness of cybercrime risks. This will not only be an important force multiplier but will also reinforce the message that cybercrime is a joint challenge that government and business must address together.

AUSTRALIA WILL:

3.01 - Deliver cybercrime awareness training across the Indo-Pacific through public-private partnerships and the refreshed Cyber Safety Pasifika program

Assist Indo-Pacific countries to strengthen their cybercrime legislation

Raising public awareness will not prevent all cybercrime. Another effective way to respond to cybercrime is through a combination of stronger domestic legislative frameworks within countries and greater harmonisation of cybercrime legislation between countries.

Australia is committed to working with partners in the region to help strengthen their legal frameworks to address cybercrime. Robust cybercrime legal frameworks increase the risk of prosecution for would-be cybercriminals. Strengthening cybercrime legislation raises the cost of 'business' for cybercriminals and is an important way of preventing cybercrime safe havens in our region.

Similarly, Australia advocates for the harmonisation of legal frameworks – that is, having similar conduct criminalised in all jurisdictions – to facilitate international cooperation on cybercrime. This ensures that criminals cannot evade justice by simply crossing borders.

The Budapest Convention

Australia has been a party to the Council of Europe Convention on Cybercrime (the Budapest Convention) since 2013. It is a valuable mechanism to strengthen international cooperation on cybercrime, particularly through its provisions on mutual legal assistance. Countries are able to work together more effectively on trans-border investigations and prosecutions when domestic legal and law enforcement operational frameworks are harmonised in line with the provisions of the Budapest Convention. Reciprocal arrangements such as mutual legal assistance and intelligence sharing continue to be a critical mechanism for combatting cybercrime. Australia is keen to work with other countries to streamline these processes.

Australia works with countries in the region interested in acceding to the Budapest Convention by helping them achieve the required legislative reform. For example, substantial support from the Attorney-General's Department contributed to Tonga's recent accession to the Convention (see Supporting Stronger Cyber Crime Legislation in Tonga, below).

Australia will actively participate in the development of an Additional Protocol to the Budapest Convention on trans-border access to information. The Protocol will further articulate cooperation requirements between jurisdictions on providing access to electronic information, within appropriate conditions and safeguards. This will facilitate more effective mutual legal assistance through direct cooperation with service providers and between judicial authorities, joint investigation frameworks, and development of emergency assistance procedures. Australia is a member of the Drafting Group for the establishment of the Additional Protocol.

Supporting stronger cybercrime legislation in Tonga

Australia worked closely with Tonga to strengthen its legislative capacity to respond to cybercrime threats and meet the obligations of the Budapest Convention by:

  • facilitating a gap analysis of Tonga's legislation against the requirements of the Budapest Convention with an official from Tonga's Attorney General's Office (AGO) in 2014 through the Pacific Legal Policy Development Twinning Program;
  • working with Tonga's AGO to draft a Computer Crimes Bill that ensured Tonga's legislation met its obligations under the Budapest Convention; and
  • assisting Tonga's AGO with its consultations on the new Computer Crimes Bill prior to its introduction to Parliament during 2017.

Assisted by this collaboration, on 9 May 2017 Tonga became the first Pacific Island country to accede to the Budapest Convention. Tonga's experience and new legislative framework will provide a valuable model for other countries in the region.

Pacific Islands Law Officers' Network

Australia is also helping regional neighbours strengthen their cybercrime legislation by working with the Pacific Islands Law Officers' Network (PILON). PILON is a network of senior law officers from across the region that addresses law and justice issues common to Pacific countries. PILON's Strategic Plan 2016–2018 recognises cybercrime as a priority legal issue. Through the network, Australia advocates for the broad adoption of the Pacific Forensic Model Provisions, which provide a consistent framework for the collection and use of electronic evidence. Australia will support future PILON activities in this area, building on its funding of the Pacific Cybercrime Workshop held in Tonga during May 2017 in partnership with PILON, the Tongan Government, and the Council of Europe.

This initiative is complemented by the 2017 expansion of Cyber Safety Pasifika (CSP). The program now includes legislation and policy development activities, with Australia working in partnership with PILON and the Pacific Islands Chiefs of Police.

Australia will also support the Council of Europe's Global Action on Cybercrime Extended capacity building project (GLACY+) and Cybercrime@Octopus project that supports the adoption and implementation of the Budapest Convention in the Indo-Pacific.

AUSTRALIA WILL:

3.02 - Promote the Budapest Convention as a best practice model for legislative responses to cybercrime and support accession to the Convention across the Indo-Pacific

3.03 - Be active in the negotiation of an Additional Protocol to the Budapest Convention on trans-border access to information

3.04 - Work with PILON to help strengthen cybercrime legislation in the region

Deliver cybercrime law enforcement and prosecution capacity building in the Indo-Pacific

Cybercrime legislation is not effective without the ability to enforce it. Australia is safer when countries in our region have the capacity to respond to cybercrime. Australia is committed to increasing the capacity of Indo-Pacific law enforcement agencies, prosecutors and judges.

The capacity of countries to investigate and prosecute cybercrime varies greatly in the Indo-Pacific. While some are leading in high-tech policing, others have only a nascent capability. Australia is working to close that gap.

Through its recently expanded Cyber Safety Pasifika (CSP) program, the AFP is actively partnering with law enforcement agencies in the region to enhance their capacity to address cybercrime. In partnership with the Federal Bureau of Investigation's (FBI) Legal Attaché Office in Canberra, the AFP coordinated a pilot three-day Cyber Investigations Skills Course for multiple Pacific Island countries in March 2017. The pilot, held in Brisbane, equipped 20 participating officers with basic cyber investigation skills including open source intelligence techniques. Through CSP, the AFP will continue to enhance the skills of Pacific police officers to manage cybercrime investigations.

The AFP also delivers cyber capacity building in the region through its support for the Jakarta Centre for Law Enforcement Cooperation (see below).

Jakarta Centre for Law Enforcement Cooperation (JCLEC)

The JCLEC is a not-for-profit social enterprise in Semarang, Indonesia, jointly owned by the Indonesian National Police (INP) and the Australian Federal Police (AFP). The centre is supported by a broad range of public sector, civil society and private sector entities from across the world. The JCLEC supports global collaborative efforts to minimise the community harm caused by transnational crime and terrorism.

Since 2004, the JCLEC has facilitated 56 cybercrime capacity building activities for over 1,000 international participants. This has included courses on computer forensics, cybercrime and social media investigations, intelligence gathering and covert online engagement. Workshops delivered by the AFP at the centre have elevated INP's capacity to identify, extract and report on electronic evidence. This new digital forensic investigation capability means that direct operational exchanges can take place between INP and AFP leads.

In addition to skilled law enforcement, a country's prosecution and judiciary need to be equipped to address cybercrime cases effectively. Working together with multilateral partners such as the United Nations Office on Drugs and Crime (UNODC) and the Council of Europe, Australia will support the delivery of cybercrime training courses for prosecutors and judges in Indo-Pacific countries (see Cybercrime Capacity Building with the United Nations Office on Drugs and Crime (UNODC)).

In so doing, Australia will deliver a comprehensive cybercrime capacity building program to the region, tackling cybercrime from awareness, legislation, law enforcement, and prosecution perspectives.

Cybercrime capacity building with the United Nations Office on Drugs and Crime (UNODC)

Australia provided funding for UNODC cybercrime capacity building in Southeast Asia. The five-day training course was delivered in Bangkok during October 2016 to around 30 judges, prosecutors and investigators. The course was aimed towards ASEAN member countries, including Cambodia, Laos, Indonesia, Malaysia, Myanmar, the Philippines, Thailand and Vietnam. The training focused on cybercrime investigation and prosecution (including 'darknet' and hidden web services), hacking, device imaging, handling/using electronic evidence and online child sexual exploitation case investigation.

AUSTRALIA WILL:

3.05 - Provide cybercrime training to law enforcement officers, prosecutors and judges across the Indo-Pacific

Enhance diplomatic dialogue and international information sharing on cybercrime

Australia is committed to collaborating with international partners to fight cybercrime collectively. Working together at the diplomatic and operational levels is critical to ensuring that cybercriminals have limited opportunities to exploit cyberspace for malicious purposes.

Diplomatic dialogue

High-level diplomatic engagement between Australia and its international partners on cybercrime helps generate common understanding and facilitate closer cooperation between counterparts. Cybercrime discussions are prioritised in Australia's diplomatic engagements.

Cybercrime was made a permanent agenda item for the Australia-Indonesia Ministerial Council on Law and Security in February 2017, and was a prominent agenda item at the first Australia-China High Level Security Dialogue in April 2017. Australia also engages actively on the issue in multilateral contexts such as the Pacific Islands Forum, ASEAN Regional Forum and East Asia Summit.

Australia and China 'will work together to counter malicious cyber actors, Internet distribution of child sex abuse material, e-mail scams and other transnational cybercrime activities, as well as to identify through consultation key incidents and carry out joint law enforcements'.
Joint Statement Australia-China High-Level Security Dialogue, Sydney 2017

Private sector engagement in international dialogue on cybercrime

The international and multi-stakeholder nature of cyberspace necessitates broad engagement with global and private sector partners in the fight against cybercrime. The Ambassador for Cyber Affairs will lead delegations to participate in international public-private sector conversations, for example the 2017 INTERPOL World Conference in Singapore. These opportunities promote Australia's cyber security industry and its positive contribution to the global fight against cybercrime.

Information sharing and operational collaboration

Australia complements its high-level diplomatic efforts with cybercrime threat information sharing and cooperation between international counterparts. This enables Australia and our partners to build a stronger threat picture of cybercriminal identities and methodologies, as well as share best practice mitigation.

Australia deploys individuals to partner countries around the globe to deepen information sharing links. The Australian Criminal Intelligence Commission (ACIC) has established two key working-level cyber partnerships. An ACIC Cybercrime Analyst is posted at the FBI International Cyber Crime Coordination Cell in the United States. Another is posted at the National Cybercrime Unit at the United Kingdom's National Crime Authority. These deployments enhance ACIC's ability to attribute real world identities to cybercriminals and develop strategic and operational intelligence products on cybercrime threats. Similarly, the AFP has established dedicated cybercrime liaison positions based in the United States and United Kingdom.

The Australian Transaction Reports and Analysis Centre (AUSTRAC) recently established a Cyber Operations team. This team focuses on the financial aspects of transnational cyber-enabled crime, tracking criminal financial transactions that occur online. The team harnesses established relationships with AUSTRAC partner agencies, FinTech partners and international networks, and develops new relationships with industry. AUSTRAC will continue to collaborate with partner Financial Intelligence Units (FIUs) and participate in international forums, including the Egmont Group of FIUs, to build its capacity to produce financial intelligence on virtual currencies and cybercrime.

Australia engages strongly with multilateral law enforcement information sharing networks such as INTERPOL and EUROPOL. The INTERPOL National Central Bureau Canberra, hosted by the AFP, is a conduit for the sharing of cybercrime information and intelligence with law enforcement agencies in the 190 INTERPOL member countries. The INTERPOL Global Complex for Innovation in Singapore also hosts an AFP Cybercrime Investigator in a leadership role.

EUROPOL, an intelligence focused support platform for law enforcement, hosts the European Cyber Crime Centre in The Hague in the Netherlands. Australia seconds an AFP Investigator to the centre, which targets technology-enabled serious crime and cyber disruption. The AFP also has a dedicated Cybercrime Liaison Officer based within the EUROPOL Joint Cybercrime Action Task Force. These secondees provide expert support to international efforts, as well as sourcing cybercrime threat information for Australian agencies on a regular basis.

Australia also participates in practical cybercrime cooperation mechanisms such as the International Cyber Crime Operations Summit (ICCOS). This initiative aims to degrade high-level cybercrime capabilities through information sharing and operational collaboration. The ICCOS membership includes Australia, the United States, United Kingdom, Canada, New Zealand, Germany, Netherlands, France and EUROPOL. The collaborative group was responsible for the takedown of the Avalanche cybercriminal infrastructure in December 2016, judged to be the largest and most successful international operation of its kind to date.

The Five Eyes Law Enforcement Group Cyber Crime Working Group, held in conjunction with the ICCOS, is another framework through which Australia cooperates on cybercrime. Through the group, the United States, United Kingdom, Canada, New Zealand and Australia share operating pictures and best practice approaches, maximise resources and act as an operational force multiplier in the fight against cybercrime.

AUSTRALIA WILL:

3.06 - Seek further opportunities to participate in strategic-level engagement on combatting transnational cybercrime

3.07 - Share cybercrime threat information and enhance operational collaboration with international partners to fight transnational cybercrime

2. Cyber security
4. International security & cyberspace