The "Anonymous" hacker group gave Australia's police forces a month's warning that it was going to attack the Federal Government. Why didn't the Australian Federal Police's electronic crimes unit do anything about it?
commentary The Australian Federal Police's High Tech
Crime Centre (HTCC) should be embarrassed.
The unit — one of Australia's peak cybercrime-fighting bodies
— appears to have been on a mission in recent times to raise its
profile and community awareness in general about internet security
issues.
Just yesterday, for example, HTCC national manager, Commander
Neil Gaughan took the opportunity to tell the Federal Parliament in
Canberra that the nation needed a national advertising campaign to
educate Australia's apparently befuddled internet users about
online security.
"We need people to become aware that they are at risk and we
need them to change their behaviour," he said.
Laudable words ... the only problem was that Gaughan didn't
appear to be taking his own advice.
At the very same instant the good commander was delivering his
sermon from the mount, nefarious online forces were preparing to
make a mockery of the Australian Federal Police's (AFP) ability to
protect even the government's own infrastructure.
A loose-knit alliance of hackers who describe themselves only as
"Anonymous", were finalising widespread plans to attack federal
government websites, email addresses and fax machines,
particularly those belonging to Prime Minister Kevin Rudd,
Communications Minister Stephen Conroy and the Australian
Communications and Media Authority (ACMA).
A scant half-dozen hours later, at least some of the attacks had
succeeded. The websites of the Prime Minister and reportedly
ACMA went down, or were taken down by their administrators, after
Australia's telcos witnessed a massive tsunami of traffic surging
through their networks and breaking on the government's
infrastructure.
Now you might be asking ... how could the AFP have known this
was going to happen, and taken steps to prevent it?
It's a good question.
No less than one month ago, "Anonymous" issued a public threat
to do so, complete with a YouTube video and pamphlets distributed
over the internet. Furthermore, they outlined their plans in a
detailed website, which contained the exact timing of the
attack.
"Anonymous" is well-known to law enforcement
authorities for its past actions. This week's attacks were spurred
by the group's objection to the internet filter initiative that Conroy's
department is spearheading.
Given the widespread availability of information pertaining to
the attack, at the very least, the AFP could have been expected to
have taken action to shut down websites and IRC channels belonging
to the group, even if it couldn't arrest its leaders.
Prior evidence suggests content sites such as YouTube haven't
hesitated to cooperate with reasonable law enforcement requests.
The fact that Anonymous' video threats are still available suggests
Australia's police didn't even ask.
Now I'm not suggesting the AFP's HTCC is the only group that
could have taken action in this case; certainly state police
forces, other federal agencies and even telcos and public sector
network and systems administrators could have done, and probably
did do, much to block the attacks.
Nobody should be able to threaten Australia a month in advance with an electronic attack and get away with it.
The Federal Attorney-General's office told ZDNet.com.au this
morning that the Cyber Security Operations Centre in the Department
of Defence's Signals Directorate was providing targeted agencies
with assistance in mitigating the issue, and agencies were also
briefed in advance about the threats.
But the irony of the events yesterday is inescapable.
There have also been other worrying signs emanating from the
HTCC in recent times. Last week the AFP confirmed it had still not
made any arrests more than three weeks after it carried out an
extremely high-profile raid on a Melbourne resident who was
suspected of attempting to obtain credit card details via an online
forum.
Footage of the raid was broadcast on ABC's Four Corners
days after it was carried out, as part of a wide-ranging report on
e-crime in Australia. It's not only the fact that the AFP has not
made any arrests from the raid that is concerning. There is also
the fact that the report had law enforcement and computer forensics
circles buzzing about the manner in which the AFP gathered
evidence.
Some have even muttered that the whole raid could simply have
been a public relations stunt designed to scare online fraudsters
into stopping their illegal activities, with no arrests even
intended.
As police officers would say, all of this is circumstantial
evidence. The HTCC has successfully carried out joint operations in
recent times with state police that have resulted in arrests. And
as Communications Minister Stephen Conroy said this morning, the
attack by "Anonymous" was juvenile in nature ... serious hackers
don't broadcast their activities in advance or use brute force
denial-of-service attacks.
But the fact remains that there are questions being raised as to
the efficacy of the nation's response to electronic crime.
Nobody should be able to threaten Australia a month in advance
with an electronic attack and get away with it.