'Camouflaged' internet concerns the Australian Federal Police

The Australian Federal Police has said that the use of virtual private networks and other methods for people to anonymise themselves on the internet is a continuing concern for the law-enforcement agency.
Written by Josh Taylor, Contributor

The Australian Federal Police (AFP) has said that the anonymous nature of the internet continues to be a concern for the law-enforcement agency, and that it is reliant on global partnerships with law-enforcement agencies around the world to continue to effectively tackle crime online.

The Australian Federal Police's manager of cybercrime operations Glen McEwen appeared on Wednesday before a parliamentary committee investigating government agency use of powers in Section 313 of the Telecommunications Act, which allows agencies to request internet service providers to block websites.

The committee has been investigating the issue after it was revealed last year that the Australian Securities and Investments Commission (ASIC) had accidentally blocked 250,000 websites when seeking to block sites associated with investment fraud, because the agency did not know that a single IP address could be associated with a number of websites.

The AFP is one of three agencies known to use the power, along with ASIC and one unnamed national security agency. It has been reported that during the 2012 and 2013 financial years, the AFP used this power 21 times to block websites on the Interpol "worst of" list of child abuse websites.

McEwen said on Wednesday that the AFP also uses the power to block malware websites, and, in particular, the recent GameOver Zeus botnet. He said that asking telcos to block websites is a "last resort", where sites are hosted in jurisdictions outside the AFP's reach, or where websites need to be taken down quickly.

When asked by the committee about Australians using virtual private networks (VPNs) and other methods to bypass blocks and seek to anonymise their internet use, McEwen said it is a constant concern for the agency.

"The reality of VPNs and the camouflaging activity that people do utilise within the internet is of concern," he said.

"But we do have the ability to monitor and disrupt people using [VPNs]."

The issue extends far beyond the use of VPNs, he said.

"I wish it was as simple as VPNs. The ability to inhabit the internet anonymously and securely has been growing for a very long time," he said.

"It's not a difficult thing to do, if that's what you choose to do. The anonymity component of the internet is always an issue for us."

He said that two years ago, the AFP considered the online marketplace Silk Road, which uses Tor, to be "untouchable". However, through worldwide law-enforcement agency cooperation, he said, they were able to bring it down.

McEwen welcomed additional oversight into the use of s313 powers to block websites, stating that the AFP has a number of internal checks in place to ensure that it is used appropriately.

"Ultimately the AFP is responsible to the courts and the community for its actions. We have a range of audit functions within the AFP. The auditing of our cyber components is robust," he said.

"When we block the 'worst of the worst' list, there are procedures in place with Interpol to ensure we don't make a mistake.

"The good thing about the fact that something did go wrong [with ASIC] is we learned lessons, and we can now put protocols in place. It will go a long way to alleviating the issue occurring again."

McEwen indicated that there is some resistance from ISPs in complying with s313 requests to block websites, but he said he hopes that they would "come around" in the long run.

"We rely on the good conscience of companies to assist us in our endeavours. There has been elements of resistance that has required further discussions," he said.

"At the moment, we're satisfied that the majority of the in particular larger providers are complicit [sic] and welcome the opportunity to develop strategies with the AFP. We're happy with the fact that we can communicate and consult with the majority of them at the moment. Those that have a philosophical view will come around."

This morning, the Department of Communications deputy secretary Ian Robinson said that the government is looking towards developing a whole-of-government approach that would see agencies report to the Australian Communications and Media Authority every time they request a website to be blocked. He indicated that agencies would use the power responsibly.

"It's a very big thing to block a website on the internet, so I don't think, in practice, any government agency would undertake it without detailed investigation."

Editorial standards