“At the moment, we’re actually going through an internal review of how we can be more aggressive in cyber, and it may mean a mini restructure internally for us to really have what we would call a cyber offensive operation of the AFP, which would actually conduct disruption operations on these individuals,” he said
Kershaw said this process has included talking with the Five Eyes alliance about the growth of cyberthreats. Kershaw is currently the chair of Five Eyes’ law enforcement group.
Throughout his testimony at Senate Estimates, Kershaw explained that the powers given to the AFP through the Surveillance Legislation Amendment (Identify and Disrupt) Act 2021, which passed earlier this year, would allow its cyber offensive capabilities to increase across various fronts, from countering child abuse, to spam, to terrorism.
“So [spam is] something we’re looking forward to using those new powers to, you know, it is my personal pet hate. I get multiple ones a day,” Kershaw said.
Through the new laws, the AFP and the Australian Criminal Intelligence Commission (ACIC) will gain the ability to apply for three new warrants to deal with online crime.
The first of the warrants is a data disruption one, which gives cops the ability to “disrupt data” by modifying, copying, adding, or deleting it. The second is a network activity warrant that would allow the AFP and ACIC to collect intelligence from devices or networks that are used, or likely to be used, by those subject to the warrant. The last warrant is an account takeover warrant that will allow the agencies to take control of an online account for the purposes of gathering information for an investigation.
“This is the next frontier of crime, and the AFP and our partners will work with governments and global law enforcement networks to ensure the long arm of the AFP reaches criminals no matter where they are in the world,” Kershaw said in his opening statement at Senate Estimates.
“Our investigators are already strategising how they will use the new powers in active investigations to identify, target, and disrupt offenders – including those relating to terrorism, large drug importations, and distribution of child abuse material.”
The Attorney-General’s department is currently working on authorising the warrants application process, with AFP Deputy Commissioner Ian McCartney saying that this process would be resolved in the coming weeks.
In the AFP’s annual report [PDF] released last week, the law enforcement agency said the past year has seen it expand cyber operational capacity and build technical capabilities as part of an $90 million investment by the Australian Government across four years. This includes the ransomware action plan’s new Orcus taskforce and an AFP-led multi-agency taskforce called Dolos for targeting fraud that used compromised business emails.
The AFP added that it carried out 163 disruption activities and charged eight offenders with 21 offences in relation to cybercrime during 2020-21.
Related Coverage
AFP seeks upgrades to telco interception and surveillance device monitoring toolAFP wants to consolidate its multiple tracking applications onto a universal platformHow the FBI and AFP accessed encrypted messages in TrojanShield investigationOperation Ironside has confiscated AU$31 million of assets so farAFP used controversial encryption laws in its ‘most significant operation in policing history’AFP using a squad of doggos to detect devices such as USBs and SIM cards