Reticent judges and slow legal frameworks are passing out soft and unbalanced charges to online criminals including members of the Anonymous collective, a move that is frustrating the Australian Federal Police (AFP).
(Credit: Darren Pauli/ZDNet Australia)
Australian members of Anonymous — a loose online activist collective responsible for a string of devastating cracking and denial-of-service attacks — were caught last year after they helped bring down the Prime Minister's website under Operation Titstorm.
The operation was a response to the Federal Government's mandatory internet content filtering plan which the collective fiercely opposes.
The AFP launched an operation called Whisk to look into the online attacks and netted two Anonymous participants using intelligence from the Defence Department's Cyber Security Operations Centre.
Both men, Melbourne resident Steve Slayo and Newcastle resident Matthew Gordon George, faced 10 years imprisonment for "causing unauthorised impairment of electronic communication to or from a Commonwealth computer" but received a good behaviour order and a $550 fine with a recorded conviction respectively.
Those penalties are not enough, according to one AFP officer involved with the case.
"Judges are not willing to hand out tough sentences," AFP High Tech Collection and Capability manager Grant Edwards said. "They don't understand the threat."
Catching Anonymous members is not the problem because Internet Protocol addresses can be traced, Edwards said, but rather the lack of understanding of the severity of the crime.
"It is difficult to create laws against cybercrime," Edwards said, citing problems of tracking perpetrators overseas.
"Unless we understand the impact, we can't create the laws. The issue is also the speed to create these laws," he added.
The AFP's High Tech Crime Investigations unit is charged with investigating and prosecuting individuals for attacks against Australia's critical infrastructure and information systems. It works in collaboration with the Cyber Security Operations Centre and the newly fledged CERT Australia.
Judges are also handing weak and unbalanced sentences to paedophiles charged with holding online child pornography, Edwards said.
To illustrate the problem, Edwards said one paedophile charged with holding 200,000 child pornography was sentenced to 14 months in jail, while another caught with 100,000 images was sentenced to four years.
The AFP said in a statement that "activities such as hacking, creating or propagating malicious viruses or participating in DDoS attacks are not harmless fun [and] can result in serious long-term consequences for individuals, such as criminal convictions or jail time".