UNCLASSIFIED
Cybercrime:
The Australian
Experience
Australian Cybercrime Online Reporting Network (ACORN) Conference
Assistant Commissioner Tim Morris AM APM
National Manager, High Tech Crime Operations
Australian Federal Police
UNCLASSIFIED
UNCLASSIFIED
Cybercrime: Australian Trends
 Cyber crime is now a ubiquitous mainstream
& ‘traditional’ crime
 5.4 million Australian victims in 2012 at cost
of an estimated $AU1.06 billion
 Availability of tools required to carry out a
cyber attack are widely accessible
 Financially motivated crime groups target the
financial sector to chase high returns
UNCLASSIFIED
UNCLASSIFIED
Cyber crime: Australian threats
 Intelligence shows an increase in cross-
platform malware production
 Key business targets (such as banking and
finance)
 Intrusion, modification & denial of service
 Data theft
 Requirement for target hardening: the AFP is
closely aligned with private industry to
combat cybercrime through intelligence,
information sharing and prevention strategies
UNCLASSIFIED
UNCLASSIFIED
Cybercrime: International Trends
Emerging international cybercrime trends:
 Multi-platform threats
 Social engineering scams – creating level of
trust at first
 Highly targeted (malware)
 Increasing complexity and ingenuity
UNCLASSIFIED
UNCLASSIFIED
AFP Cyber Crime Operations
• The AFP’s Cyber Crime Operations Teams are
responsible for investigating significant
computer intrusions such as:
− Distributed Denial of Service attacks
− breaches of major computer systems
− collective large scale breaches to harvest
personal, business and/or financial data
− creating, controlling or distributing
malicious software, and
− crime which directly impacts critical
infrastructure
UNCLASSIFIED
UNCLASSIFIED
Melbourne Team
 Malware deployment and sophisticated malware kits
Sydney Team
 Threats to banking sector
Canberra Teams
 Issue Motivated Groups (Hacktivism)
 CSOC/ACSC
Key common goals
 Prosecution
 Disruption
 Prevention of loss
 Intelligence sharing
UNCLASSIFIED
UNCLASSIFIED
Victim Type
Commonwealth
Government
State
Government
Major
financial
institution /
corporation
Unauthorised
intrusion
AFP
State Police
AFP
State Police
State Police
Hactivism
AFP
State Police
AFP
State Police
State Police
Online fraud
AFP
State Police
State
Police
State Police
State Police
Activity
Small Business
Individual
Identity theft
Unauthorised
impairment
State Police
AFP
State Police
Intellectual
property
Data theft
Production of
AFP
State Police
AFP
State Police
AFP
AFP
AFP
State Police
UNCLASSIFIED
AFP
State Police
State Police
UNCLASSIFIED
Addressing cybercrime:
Challenges & opportunities
 Common frameworks or protocols to support





investigations
Data sovereignty – where is the data, stored
processed and transmitted?
Jurisdictional Issues - Criminal acts can be
carried out in Australia from anywhere in the
world
Speed at which cyber criminals act and the ease
with which digital evidence is destroyed
Way forward: implementation of regulation on
metadata retention
Is the Mutual Assistance in Criminal Matters Act
1987 up to the task?
UNCLASSIFIED
UNCLASSIFIED
Policies and Initiatives
The Australian government has a number of initiatives
and policies including:
 Australian Cyber Security Centre
 Cyber Security Operations Centre
 CERT Australia
 The National Plan to Combat Cybercrime
 Australian Government Cyber Security
Strategy
 Australia is also party to the Council of
Europe Convention on Cybercrime
UNCLASSIFIED
UNCLASSIFIED
Questions & comments
UNCLASSIFIED