Australia needs 'Internet Tsunami' to lift cyber security standards: AFP

Australia Federal Police launches new working group to improve collaboration on cyber security

It may take a major event, such as the undermining of one of Australia’s big four banks or an attack on the country’s national information infrastructure, before the Federal Government dedicates the resources needed to combat cyber security, according to the Australian Federal Police (AFP).

Speaking at a cyber security roundtable hosted by F-Secure in Sydney, Neil Gaughan, manager high tech and child protection operations at the AFP, said it would take a “catastrophic event” until resources get were pointed in the right direction.

“When the twin towers were hit in the US, we saw a significant worldwide resourcing placed on [fighting] terrorism,” he said. “As a result of activity happening in Northern Australia, resourcing is being put in place [to fight] people smuggling activity. We need to have a Tsunami on the Internet before the mindset will change.”

According to Gaughan, the lack of focus on cybercrime is due largely to a lack of demand from the public, who should be putting more pressure on the government to combat Internet-based crime. Similarly, Gaughan also said police priorities were not geared toward combating online crime.

“We recently had 300 people involved in cheque and currency fraud activity, and local law enforcement activity involved [in the case] was pretty minimal,” he said. “However, if you had a bomb go off in the middle of the CBD everyone would be involved very quickly.”

“Until the point where the community feels it is being impacted by [cybercrime] there is not going to be an expectation placed on government to do anything about it,” he added.

Along with legislation not keeping pace with the rate of change online, law enforcement agencies are also burdened by processes that hinder cooperation between agencies, both here and overseas, Gaughan said.

On the one hand, individual law enforcement officers had to make use of any informal contacts they had in overseas agencies -- a “who knows who in the zoo” approach, according to Gaughan -- or via a “mutual assistance request”.

“It is very slow, extremely cumbersome and to be blunt, does not service us in our needs in the current environment,” Gaughan said.

“[However] there is a significant amount of work being done in the Attorneys General’s department in negotiating with governments overseas to actually change the treaty regime we have in place to enable us to obtain information in real time as that is what we need to do.”

To encourage greater interaction between all state and federal governments on cybercrime, and to better co-ordinate responses to individual cybercrime incidents, the AFP’s Assistant Commissioners Crime Forum had just launched the e-Crime Practitioners Working Group.

Gaughan said the AFP was also working on developing mitigation and prevention strategies through greater collaboration between itself and AusCERT, the judiciary, academia and the IT industry.

“It’s about the attitude of the consumer,” he said. “You wouldn’t walk down Pitt Street with your ABN and bank details on a t-shirt, but we are quite happy to have those bank account details on an insecure computer.”

Join the CSO newsletter!

Error: Please check your email address.

Tags Australian Federal PoliceAFPcyber crimecyber security

More about Australian Federal PoliceCERT AustraliaFederal PoliceF-Secure

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tim Lohman

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place