​Malware tops Australia's online crime threat: ACC

The next five years will see the criminal deployment of malware top the online crime threat to Australia, according to the Australian Crime Commission.

Malicious software poses the highest online crime threat to Australia over the next five years, according to the Australian Crime Commission (ACC).

"The cybercrime threat to Australia from international and domestic organised crime groups is significant and continues to increase in complexity," said ACC Fusion Special Intelligence manager Tim Wellsmore.

He said that the use of malware for financial gain is seeing the increased sophistication of social engineering, observation of people's online behaviour, and identification of their vulnerabilities.

Wellsmore, who spoke at the Australian Cyber Security Centre Conference in Canberra on Wednesday, said that online crime is costing Australia at least AU$1 billion each year.

There were up to 15,000 compromised systems in Australia on each day between October 17, 2014, and January 14 this year, according to the Australian Internet Security Initiative, led by the Australian Communications and Media Authority (ACMA).

"We are working to better understand the market for cybercrime activity and the criminal syndicates involved so we can better respond," said Wellsmore. "With over 12.4 million internet subscribers in Australia and 20.6 million who have a mobile service with a data connection, the need for safe online behaviours is now more critical than ever before."

Wellsmore also encourages greater collaboration with industry to reduce risk, and supports information sharing across intelligence, law enforcement, and the private sector.

Wellsmore's comments come as Australia's Foreign Minister Julie Bishop suggests that it would be premature to establish an international agreement on internet security, despite the need for a trans-border agreement to help minimise the potential damage done by state-sponsored online activity.

"Australia argues that an international agreement is premature; even the work of codifying key principles is in its infancy -- the conversation has only just started, and the technology is evolving rapidly. It is a challenge for policy makers just to keep up," said Bishop during a panel event at the Global Conference on Cyberspace in The Hague, the Netherlands, late last week.

Bishop argued that although it is too early to come to an international agreement on internet security, it is in the interest of all states to help develop the internet as a platform for economic activity.

"The effective functioning of critical infrastructure underpins the global economy," she said. "States should prevent and refrain from online activity which damages or impairs critical infrastructure, whether it be in banking, telcos, energy structures."