AFP is looking to be 'more aggressive' with new cyber offensive arm

The AFP is in talks with the Five Eyes alliance about how it can implement a new cyber offensive operation.
Written by Campbell Kwan, Contributor
Image: ACT Policing

The Australian Federal Police is conducting an internal review to implement a new cyber offensive arm, AFP commissioner Reece Kershaw said at Senate Estimates on Monday morning.

"At the moment, we're actually going through an internal review of how we can be more aggressive in cyber, and it may mean a mini restructure internally for us to really have what we would call a cyber offensive operation of the AFP, which would actually conduct disruption operations on these individuals," he said

Kershaw said this process has included talking with the Five Eyes alliance about the growth of cyberthreats. Kershaw is currently the chair of Five Eyes' law enforcement group.

Throughout his testimony at Senate Estimates, Kershaw explained that the powers given to the AFP through the Surveillance Legislation Amendment (Identify and Disrupt) Act 2021, which passed earlier this year, would allow its cyber offensive capabilities to increase across various fronts, from countering child abuse, to spam, to terrorism.

"So [spam is] something we're looking forward to using those new powers to, you know, it is my personal pet hate. I get multiple ones a day," Kershaw said.

Through the new laws, the AFP and the Australian Criminal Intelligence Commission (ACIC) will gain the ability to apply for three new warrants to deal with online crime.

The first of the warrants is a data disruption one, which gives cops the ability to "disrupt data" by modifying, copying, adding, or deleting it. The second is a network activity warrant that would allow the AFP and ACIC to collect intelligence from devices or networks that are used, or likely to be used, by those subject to the warrant. The last warrant is an account takeover warrant that will allow the agencies to take control of an online account for the purposes of gathering information for an investigation.

"This is the next frontier of crime, and the AFP and our partners will work with governments and global law enforcement networks to ensure the long arm of the AFP reaches criminals no matter where they are in the world," Kershaw said in his opening statement at Senate Estimates.

"Our investigators are already strategising how they will use the new powers in active investigations to identify, target, and disrupt offenders -- including those relating to terrorism, large drug importations, and distribution of child abuse material."

The Attorney-General's department is currently working on authorising the warrants application process, with AFP Deputy Commissioner Ian McCartney saying that this process would be resolved in the coming weeks.  

In the AFP's annual report [PDF] released last week, the law enforcement agency said the past year has seen it expand cyber operational capacity and build technical capabilities as part of an $90 million investment by the Australian Government across four years. This includes the ransomware action plan's new Orcus taskforce and an AFP-led multi-agency taskforce called Dolos for targeting fraud that used compromised business emails.

The AFP added that it carried out 163 disruption activities and charged eight offenders with 21 offences in relation to cybercrime during 2020-21.

Related Coverage

Editorial standards