The end of November 2014 was an important time in the cyber security space in Australia. The Minister for Justice Michael Keenan launched the Australian Cybercrime Online Reporting Network (the ACORN), a reporting system for individuals and small businesses; the Prime Minister announced the opening of the Australian Cyber Security Centre, an important resource for government agencies and medium to large businesses; and the Department of the Prime Minister and Cabinet began a cyber security review process, the first since 2008.
These three major initiatives are all significant steps in our fight against cybercrime. However, what cannot be denied is the fact that one of the most important weapons we have to combat cybercrime is a cyber-literate public. Australians and Australian businesses need to understand how to stay safe online, how to engage in the digital economy and how to report an incident when it occurs.
In its first four months, the ACORN has already gone a long way to helping achieve these goals. With over 13,000 reports received, the police agencies and government organisations are starting to build the much needed picture of the types of cybercrime affecting Australians and Australian businesses.
But this is only the start. The major challenge we all face in the cybercrime space is its ever evolving nature. As a government and as individuals, we are in a constant battle with cybercriminals. Where we are trying to prevent and defend, cybercriminals are coming up with new ways to get around the systems. An unfortunately, it doesn’t require sophisticated skill – the availability of cybercrime toolkits has lowered the entry bar for new players. There is a flourishing underworld economy in online black markets, offering anyone the opportunity to commit cybercrimes.
As a result, cybercrime poses significant challenges for law enforcement. The nature of the internet – relative anonymity, its global nature, the speed and volume of transactions – challenges traditional law enforcement.
That is why a paradigm shift is needed in the way we deal with cybercrime. The borderless nature of cybercrime means that no jurisdiction can effectively tackle it in isolation – it requires a coordinated national approach. The ACORN provides a framework for government and law enforcement agencies to have greater co-operation with each other in the investigation of cybercrime. It extends the scope of existing jurisdictional capabilities.
Although the ACORN is proving to be a successful tool in helping law enforcement agencies overcome these challenges, we won’t be successful in our fight against cybercrime if we don’t develop a better understanding of the problem. And that extends beyond government- we also need the public to shift their thinking about what cybercrime actually is and how cybercriminals work.
It is with this in mind that the ACORN will present a piece addressing the emerging ransomware cases affecting Australians in next month’s issue of the Australian Security Magazine. With the lucrative syndicate behind CryptoLocker being shut down by the US Department of Justice in 2013, ransomware is evolving and Australians are being targeted.