ACORN received almost 48k cyber-related reports in 2016-17
The Australian Cybercrime Online Reporting Network (ACORN) received a total of 47,873 reports in 2016-17, 6,532 more than in the previous year.
As revealed in the Connect Discover Understand Respond 2016-17 Annual Report from the Australian Criminal Intelligence Commission (ACIC), scams and online fraud were the highest reported incidents to ACORN, accounting for 51 percent of the 47,873 total.
Incidents related to online purchase or sale accounted for 20 percent of the reports, while cyberbullying or stalking accounted for 7 percent, attacks on computer systems for 6 percent, illegal or prohibited material for 3 percent, and offending against children accounted for 2 percent -- or approximately 960 individual reports made.
ACIC said that of the 47,873 accounts, 37,999 were forwarded to police for "appropriate" action.
ACORN, launched in 2014, is a joint initiative between the ACIC, the Attorney-General's Department and all Australian police agencies. Developed initially by CrimTrac -- which merged with the Australian Crime Commission (ACC) on July 1, 2016 -- ACORN allows Australians to report so-called cybercrimes including hacking, identity theft, illegal online content, and system attacks, with the network also providing advice to help people recognise and avoid common types of cybercrime via its website, which attracted 240,324 visitors in 2016-17.
As of June 30, 2017, there had been over 114,000 reports of cybercrime registered with ACORN since its inception.
The role of ACIC is to provide a national platform for sharing information and intelligence related to frontline services, cybercrime reporting, biometrics, forensics, and protection services.
Its report [PDF] said that cybercrime disruption remained a focus for the commission, with ACIC working with domestic and international partners on joint assessments and informing cybercrime policy.
During 2016-17, ACIC said it disrupted 81 serious and organised criminal entities, seizing more than AU$929.71 million estimated street value of drugs and more than AU$14.06 million in cash. The commission said it also disseminated more than 2,000 intelligence products to its partners, and disrupted an international money laundering syndicate operating in Australia that was run by an international controller.
It also facilitated -- through the use of its National Criminal Intelligence System (NCIS) pilot program -- the arrest in the United Kingdom of a cybercriminal who had used malware to fraudulently remove more than AU$700,000 from an Australian business' bank account.
NCIS will connect the existing data holdings of Commonwealth, state, and territory law enforcement partners to provide what the ACIC called the "first truly national and unified picture of criminal activity", spanning policing and intelligence data holdings. Essentially, the NCIS will allow police across Australia to coordinate their intelligence operations and investigations where criminals are active across more than one jurisdiction.
In its pilot form, NCIS attracted more than 11,000 searches across more than 600 million records. ACIC said real-time results were achieved across cybercrime to counter-terrorism investigations and intelligence operations.
ACIC said it also continued to work with the Australian Cyber Security Centre (ACSC) -- of which it is a founding member, alongside the Department of Defence, Attorney-General's Department, Australian Security Intelligence Organisation, and Australian Federal Police (AFP) -- to respond to cyber incidents impacting Australia, including the WannaCry and Petya ransomware campaigns.
According to ACIC, the merger of the ACC and CrimTrac saw the former's serious and organised crime work with the latter's information systems and service delivery functions.
In a bid to further streamline the functions under each, ACIC has developed internal intelligence hubs that will be introduced in the coming year. These hubs will focus on national security, high risk domestic and international targets, gangs, firearms, financial crime, drugs, emerging threats, and cybercrime.
In 2016-17 ACIC was given a AU$89.8 million operating budget, and boasted 810 staff that included investigators and intelligence analysts, and technical and cyber analytics operatives, as well as others.
The commission was also handed a further AU$1.73 million to develop and enhance the ACIC's cyber crime intelligence and analysis capability in response to the recommendations by 2016 Cyber Security Review that also produced Australia's AU$230 million Cyber Security Strategy.
ACIC received AU$16 million over four years under the strategy to expand its cybercrime intelligence capability.
From July 2017, an ACIC cybercrime analyst was deployed to the National Cybercrime Unit at the National Crime Agency in the United Kingdom, as part of the cybersecurity strategy, to "develop strategic and operational intelligence products, and identify cybercrime and associated serious and organised crime threats" impacting both countries.
Also under cybersecurity strategy resposibilities, ACIC said it provided the AFP's Cyber Crime Operations with identities of four possible cybercrime offenders; provided the United States' Homeland Security Investigations Cyber Crimes Center with information on a person of interest based in Melbourne, who was cashing out large amounts of bitcoin into the US; and also worked with the US Federal Bureau of Investigation and provided travel movement information on a cybercriminal, as well as on the investigation to identify a Russia-based cybercriminal.
Specific priorities in the 2017-18 year for ACIC will be to deepen its understanding of virtual currencies and how criminals exploit them, and to enhance understanding of the use of malware in relation to financial crimes.
In terms of cybercrime, ACIC said it will continue to participate in national strategies to counter cyber threats, including with the ACSC, as well as to continue to share intelligence with partners.
PREVIOUS AND RELATED COVERAGE
90 percent of Australian organisations admit security compromise to ACSC
A survey of 113 Australian organisations conducted by the Australian Cyber Security Centre has found 90 percent of respondents faced some form of cybersecurity compromise during the 2015-16 financial year.
ASIO shifting strategy and resources in the face of cyber threat
The country's intelligence agency has aligned its resources to focus on the growing threat of cyber espionage targeting 'a range' of Australian interests.
OAIC received 114 voluntary data breach notifications in 2016-17
The office led by Information and Privacy Commissioner Timothy Pilgrim received 114 voluntary data breach notifications, 35 mandatory digital health data notifications, and 2,494 privacy-related complaints during the 12-month period.