Qld crime inquiry recommends police “infiltrate” online drug gangs, boost penalties for crims using Dark Web

Criminals who use the Internet for drug crimes, fail to provide their passwords to police or use online anonymising services for child exploitation, would attract additional sentences under a host of Queensland Organised Crime Commission of Inquiry (QOCCI) recommendations that also include suggestions that the Queensland Police Service (QPS) train cybercrime investigators to monitor and “infiltrate” the online drug trade.

The wide-ranging review of organised criminal activity in Queensland found that the criminal justice criminal system has failed to keep up with a range of online criminal behaviour. In response, its final report, QOCCI recommended a range of changes addressing the increased use of online technologies in five key areas: drug offences; child sexual offenses and child exploitation; financial crimes; money laundering; and corruption.

Effectively keeping up with the changing online behaviour of perpetrators requires a redoubled effort to build up cybercrime skills within the QPS, which faces an organised-crime community that is “developing in ways that mirror large corporations,” the report noted, citing moves such as the centralisation of operations, greater connectivity, growing sophistication, increased professionalism, and “long-term strategic planning geared towards growth”.

This changing scope had made national and interstate collaboration “essential” to effective law-enforcement, the report noted, and made cybercrime training a crucial focus for law-enforcement authorities around Australia.

QPS should invest further resources into the area of online drug offending and that “additional police officers with sufficient training and expertise in cybercrime, be tasked to monitor online activity, with a view to infiltrating the activities of those purchasing and selling drugs over the Internet.”

This is in line with moves by the likes of Interpol, which is already working with police agencies in many countries to bolster their cybercrime investigation capabilities.

“It is the commission's view that the QPS could take a more active role in the monitoring of the Internet for activity, with the aim of stemming the flow of drugs into the state,” QOCCI advised, noting that police “could conduct covert monitoring of online activities to identify drug activity occurring within the state.... Police need to be trained to pick up on these errors and begin to gather evidence to allow successful arrest and prosecution.”

QOCCI expressed repeated concerns about the use of the Internet or 'Dark web' based Darknet services to facilitate crime. “Individuals based in Queensland can now use Darknets to engage directly with international drug markets and purchase illicit drugs from anywhere in the world,” the commission notes.

“The Internet – and particularly the Darknet – creates a low-risk environment for individuals and organised crime groups to purchase and sell dangerous drugs. The anonymity offered by encryption-based services, and supplying via the post, provides protection for offenders... it is of the view that the Act should be amended to apply increased maximum penalties when such conduct is facilitated by the Internet and Darknet marketplaces.”

Dangerous-drug offences such as possessing, supplying and trafficking in dangerous drugs would be classified as an aggravated circumstance – adding five additional years to the maximum penalties for such crimes if they are facilitated online.

Similar concerns were raised about online child-exploitation activities, with administrators of child-exploitation Web sites targeted by new provisions that also criminalise encouragement of the use of such sites, and those who “provide advice to avoid detection and add to the proliferation of child exploitation material online”.

This would include use of the Darknet “or other hidden network, or anonymising service” in accessing child-exploitation materials; such activity would also classify as aggravating circumstances, with a warning that “the terminology used to describe such networks and anonymising services would need to be framed in such a way as to survive the evolution of technology”.

The QOCCI recommendations also included suggested amendments to police-powers laws around seizure and search of computers and storage devices. Owners of computers who fail to provide passwords or decryption keys for police to access information would be targeted by a recommendation for a new offence of “failing to comply with an order in a search warrant about information necessary to access information stored electronically”, which would carry a penalty of up to 5 years' imprisonment.

Where child-exploitation material was found in such a situation, an aggravated circumstance would apply with a maximum additional sentence of up to 7 years' imprisonment.

QOCCI also encouraged QPS and the Crime and Corruption Commission (CCC) to be “properly resourced” to tackle “to a greater degree” Queenslanders known to be sharing child-exploitation material on peer-to-peer platforms. Use of the Kent Internet Risk Assessment Tool (KIRAT) – a UK-developed methodology for forensic child-exploitation investigators – was to be prioritised for use by the QPS and Crime and Corruption Commission.

Financial crimes were also within the scope of the QOCCI review, with recommendations that the QPS Fraud and Cyber Crime Group be “appropriately resourced to deal with the much higher than expected volume of complaints referred to the police through the Australian Cybercrime Online Reporting Network”.

As well as specifically addressing concerns raised about surging online crimes, QOCCI also recommended that all Queensland government departments and agencies audit themselves to identify high-risk areas where their “information, assets, materials and functions” may be at risk of compromise; people working in those areas should maintain statements of their “declarable associations”.

QOCCI isn't the first law-enforcement authority to express concern about online criminal activity: a recent Australian Crime Commission report flagged concerns about use of encryption technology, as well as activities such as the use of cryptocurrencies in money laundering activities.

Join the CSO newsletter!

Error: Please check your email address.

Tags DarknetsQueensland Organised Crime Commission of Inquiry (QOCCI)online drug gangscorruptioncybercrimedark web

More about Australian Crime CommissionInterpolQPS

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts