What are illegal acts involving the use of a computer or related devices generally referred to as?

Inhaltsverzeichnis Show

What is Cybercrime?
Cybercrime law
What to do if you believe you are the victim of cybercrime
Online child abuse material
Online abuse
Australian Cyber Security Centre
Office of the eSafety Commissioner
Online safety
Defining cybercrime
How cybercrime works
Types of cybercrime
Common examples of cybercrime
Effects of cybercrime on businesses
Effects of cybercrime on national defense
How to prevent cybercrime
Cybercrime legislation and agencies

The AFP also works closely with State and Territory Police and international policing agencies in the fight against all types of cybercrime.

Whether people have a computer at home, use online banking services or simply receive electricity supplies, the community's reliance on technology is increasing. A safe and secure online environment enhances trust and confidence and contributes to a stable and productive community.

Government and business also take advantage of opportunities for economic development through increased use of information technology.

The AFP sees the increasing use and dependence on technology as one of the major influences on the domestic and international law enforcement operating environment.

What is Cybercrime?

In Australia, the term 'cybercrime' is used to describe both:

crimes directed at computers or other information communications technologies (ICTs) (such as computer intrusions and denial of service attacks), and
crimes where computers or ICTs are an integral part of an offence (such as online fraud)

Just as the internet and other modern technologies are opening up tremendous possibilities, they also provide opportunities for criminals to commit new crimes and to carry out old crimes in new ways. On the evidence available, it is clear that the number, sophistication and impact of cybercrimes continues to grow and poses a serious and evolving threat to Australian individuals, businesses and governments.

Online, criminals can commit crimes across multiple borders in an instant and can target a large number of victims simultaneously. Tools that have many legitimate uses, like high speed internet, peer to peer file-sharing and sophisticated encryption methods, can also help criminals to carry out and conceal their activities.

The AFP is responsible for detecting, preventing, disrupting, responding to and enforcing cybercrime offences impacting the whole of the Australian economy. It focuses on investigating cybercrime threats against Commonwealth Government departments, critical infrastructure and information systems of national significance, with a key element being the banking and financial sector. The AFP is guided by Commonwealth priorities for combatting cybercrime.

In general, the investigation of fraud against an individual is a state police responsibility. However, where there is a crossover between the investigation of a fraud against an individual and the investigation of an organised attack against critical banking systems, the AFP will work together with the local jurisdiction and the banking and finance industry.

For the latest advice on the types of cybercrime currently impacting Australians visit the Australian Cyber Security Centre website.

Cybercrime law

Cybercrime offences are found in Commonwealth legislation within parts 10.7 and 10.8 of the Criminal Code Act 1995 and include:

Computer intrusions
Unauthorised modification of data, including destruction of data
Unauthorised impairment of electronic communications, including denial of service attacks
The creation and distribution of malicious software (for example, malware, viruses, ransomware)
Dishonestly obtaining or dealing in personal financial information.

Each State and Territory in Australia has its own legislated computer-related offences that are similar to the Commonwealth legislation as well as legislation which covers online fraud and other technology enabled crimes.

What to do if you believe you are the victim of cybercrime

IF THERE IS AN IMMEDIATE THREAT TO LIFE OR RISK OF HARM, CALL 000.

If you or your business are a victim of a cybercrime, please report it in the first instance to the Australian Cyber Security Centre.

Online child abuse material

Visit the child protection page for more information.

Online abuse

The Office of the eSafety Commissioner provides a platform to report online abuse, including cyberbullying, image-based abuse, and offensive and illegal content.

Australian Cyber Security Centre

The Australian Cyber Security Centre (ACSC) is the Australian Government's lead on national cyber security. It brings together cyber security capabilities from across the Australian Government to improve the cyber resilience of the Australian community and support the economic and social prosperity of Australia in the digital age. It possesses a comprehensive understanding of cyber threats, and provides advice and assistance to help Australians identify and manage cyber risk.

The ACSC includes staff from the Australian Federal Police and Australian Signals Directorate, Department of Home Affairs, Australian Criminal Intelligence Commission and Australian Security Intelligence Organisation.

ACSC Joint Cyber Security Centres (JCSC) have opened in Brisbane, Melbourne, Sydney, Perth and Adelaide to bring together business and the research community along with State, Territory and Commonwealth agencies to enhance collaboration on cyber security. JCSCs are a critical hub for business and governments to improve their cyber security practices and share information in a trusted and secure environment.

The ACSC's website replaces a number of government cyber security websites and services.

ThinkUKnow

ThinkUKnow is an online education and prevention program that uses a network of trained volunteers to deliver online safety presentations to parents, carers and teachers on how young people use technology, the challenges they might face and how to get help and support if something goes wrong online. Presentations generally run for one hour, and are supported by a comprehensive website, thinkuknow.org.au that provides additional information and resources.

ThinkUKnow is a partnership between the AFP, Microsoft, Datacom, Commonwealth Bank and is delivered in collaboration with State and Territory police and Neighbourhood Watch Australia.

Scamwatch

Scamwatch is run by the Australian Competition and Consumer Commission (ACCC). It provides information to consumers and small businesses about how to recognise, avoid, and report scams.

Office of the eSafety Commissioner

The Office of the eSafety Commissioner is committed to empowering all Australians to have safer, more positive experiences online. The Office was established in 2015 with a mandate to coordinate and lead the online safety efforts across government, industry and the not-for profit community.

Online safety

View a comprehensive list of all the Australian Government Initiatives for Online Safety.

Cybercrime is any criminal activity that involves a computer, networked device or a network.

While most cybercrimes are carried out in order to generate profit for the cybercriminals, some cybercrimes are carried out against computers or devices directly to damage or disable them. Others use computers or networks to spread malware, illegal information, images or other materials. Some cybercrimes do both -- i.e., target computers to infect them with a computer virus, which is then spread to other machines and, sometimes, entire networks.

A primary effect of cybercrime is financial. Cybercrime can include many different types of profit-driven criminal activity, including ransomware attacks, email and internet fraud, and identity fraud, as well as attempts to steal financial account, credit card or other payment card information.

Cybercriminals may target an individual's private information or corporate data for theft and resale. As many workers settle into remote work routines due to the pandemic, cybercrimes are expected to grow in frequency in 2021, making it especially important to protect backup data.

Defining cybercrime

The U.S. Department of Justice (DOJ) divides cybercrime into three categories:

crimes in which the computing device is the target -- for example, to gain network access;
crimes in which the computer is used as a weapon -- for example, to launch a denial-of-service (DoS) attack; and
crimes in which the computer is used as an accessory to a crime -- for example, using a computer to store illegally obtained data.

The Council of Europe Convention on Cybercrime, to which the U.S. is a signatory, defines cybercrime as a wide range of malicious activities, including the illegal interception of data, system interferences that compromise network integrity and availability, and copyright infringements.

The necessity of internet connectivity has enabled an increase in the volume and pace of cybercrime activities because the criminal no longer needs to be physically present when committing a crime. The internet's speed, convenience, anonymity and lack of borders make computer-based variations of financial crimes -- such as ransomware, fraud and money laundering, as well as crimes such as stalking and bullying -- easier to carry out.

Cybercriminal activity may be carried out by individuals or groups with relatively little technical skill, Or by highly organized global criminal groups that may include skilled developers and others with relevant expertise. To further reduce the chances of detection and prosecution, cybercriminals often choose to operate in countries with weak or nonexistent cybercrime laws.

How cybercrime works

Cybercrime attacks can begin wherever there is digital data, opportunity and motive. Cybercriminals include everyone from the lone user engaged in cyberbullying to state-sponsored actors, like China's intelligence services.

Cybercrimes generally do not occur in a vacuum; they are, in many ways, distributed in nature. That is, cybercriminals typically rely on other actors to complete the crime. This is whether it's the creator of malware using the dark web to sell code, the distributor of illegal pharmaceuticals using cryptocurrency brokers to hold virtual money in escrow or state threat actors relying on technology subcontractors to steal intellectual property (IP).

Cybercriminals use various attack vectors to carry out their cyberattacks and are constantly seeking new methods and techniques for achieving their goals, while avoiding detection and arrest.

Cybercriminals often carry out their activities using malware and other types of software, but social engineering is often an important component for executing most types of cybercrime. Phishing emails are another important component to many types of cybercrime but especially so for targeted attacks, like business email compromise (BEC), in which the attacker attempts to impersonate, via email, a business owner in order to convince employees to pay out bogus invoices.

A list of the different types of cybercrimes

Types of cybercrime

As mentioned above, there are many different types of cybercrime. Most cybercrimes are carried out with the expectation of financial gain by the attackers, though the ways cybercriminals aim to get paid can vary. Some specific types of cybercrimes include the following:

Cyberextortion:A crime involving an attack or threat of an attack coupled with a demand for money to stop the attack. One form of cyberextortion is the ransomware attack. Here, the attacker gains access to an organization's systems and encrypts its documents and files -- anything of potential value -- making the data inaccessible until a ransom is paid. Usually, this is in some form of cryptocurrency, such as bitcoin.
Cryptojacking:An attack that uses scripts to mine cryptocurrencies within browsers without the user's consent. Cryptojacking attacks may involve loading cryptocurrency mining software to the victim's system. However, many attacks depend on JavaScript code that does in-browser mining if the user's browser has a tab or window open on the malicious site. No malware needs to be installed as loading the affected page executes the in-browser mining code.
Identity theft:An attack that occurs when an individual accesses a computer to glean a user's personal information, which they then use to steal that person's identity or access their valuable accounts, such as banking and credit cards. Cybercriminals buy and sell identity information on darknet markets, offering financial accounts, as well as other types of accounts, like video streaming services, webmail, video and audio streaming, online auctions and more. Personal health information is another frequent target for identity thieves.
Credit card fraud: An attack that occurs when hackers infiltrate retailers' systems to get the credit card and/or banking information of their customers. Stolen payment cards can be bought and sold in bulk on darknet markets, where hacking groups that have stolen mass quantities of credit cards profit by selling to lower-level cybercriminals who profit through credit card fraud against individual accounts.
Cyberespionage: A crime involving a cybercriminal who hacks into systems or networks to gain access to confidential information held by a government or other organization. Attacks may be motivated by profit or by ideology. Cyberespionage activities can include every type of cyberattack to gather, modify or destroy data, as well as using network-connected devices, like webcams or closed-circuit TV (CCTV) cameras, to spy on a targeted individual or groups and monitoring communications, including emails, text messages and instant messages.
Software piracy: An attack that involves the unlawful copying, distribution and use of software programs with the intention of commercial or personal use. Trademark violations, copyright infringements and patent violations are often associated with this type of cybercrime.
Exit scam:The dark web, not surprisingly, has given rise to the digital version of an old crime known as the exit scam. In today's form, dark web administrators divert virtual currency held in marketplace escrow accounts to their own accounts -- essentially, criminals stealing from other criminals.

Common examples of cybercrime

Some of the more commonly seen cybercrime attacks include distributed DoS (DDoS) attacks, which are often used to shut down systems and networks. This type of attack uses a network's own communications protocol against it by overwhelming its ability to respond to connection requests. DDoS attacks are sometimes carried out simply for malicious reasons or as part of a cyberextortion scheme, but they may also be used to distract the victim organization from some other attack or exploit carried out at the same time.

Infecting systems and networks with malware is an example of an attack used to damage the system or harm users. This can be done by damaging the system, software or data stored on the system. Ransomware attacks are similar, but the malware acts by encrypting or shutting down victim systems until a ransom is paid.

Phishing campaigns are used to infiltrate corporate networks. This can be by sending fraudulent emails to users in an organization, enticing them to download attachments or click on links that then spread viruses or malware to their systems and through their systems to their company's networks.

Credential attacks are when a cybercriminal aims to steal or guess user IDs and passwords for the victim's systems or personal accounts. They can be carried out through the use of brute-force attacks by installing keylogger software or by exploiting vulnerabilities in software or hardware that can expose the victim's credentials.

Cybercriminals may also attempt to hijack a website to change or delete content or to access or modify databases without authorization. For example, an attacker may use a Structured Query Language (SQL) injection exploit to insert malicious code into a website, which can then be used to exploit vulnerabilities in the website's database, enabling a hacker to access and tamper with records or gain unauthorized access to sensitive information and data, such as customer passwords, credit card numbers, personally identifiable information (PII), trade secrets and IP.

Other common examples of cybercrime include illegal gambling, the sale of illegal items -- like weapons, drugs or counterfeit goods -- and the solicitation, production, possession or distribution of child pornography.

Effects of cybercrime on businesses

The true cost of cybercrime is difficult to assess accurately. In 2018, McAfee released a report on the economic impact of cybercrime that estimated the likely annual cost to the global economy was nearly $600 billion, up from $45 billion in 2014.

While the financial losses due to cybercrime can be significant, businesses can also suffer other disastrous consequences as a result of criminal cyberattacks, including the following:

Damage to investor perception after a security breach can cause a drop in the value of a company.
In addition to potential share price drops, businesses may also face increased costs for borrowing and greater difficulty in raising more capital as a result of a cyberattack.
Loss of sensitive customer data can result in fines and penalties for companies that have failed to protect their customers' data. Businesses may also be sued over the data breach.
Damaged brand identity and loss of reputation after a cyberattack undermine customers' trust in a company and that company's ability to keep their financial data safe. Following a cyberattack, firms not only lose current customers, but they also lose the ability to gain new customers.
Businesses may also incur direct costs from a criminal cyberattack, including increased insurance premium costs and the cost of hiring cybersecurity companies to do incident response and remediation, as well as public relations (PR) and other services related to an attack.

Effects of cybercrime on national defense

Cybercrimes may have public health and national security implications, making computer crime one of DOJ's top priorities. In the U.S., at the federal level, the Federal Bureau of Investigation's (FBI) Cyber Division is the agency within DOJ that is charged with combating cybercrime. The Department of Homeland Security (DHS) sees strengthening the security and resilience of cyberspace as an important homeland security mission. Agencies such as the U.S. Secret Service (USSS) and U.S. Immigration and Customs Enforcement (ICE) have special divisions dedicated to combating cybercrime.

USSS's Electronic Crimes Task Force (ECTF) investigates cases that involve electronic crimes, particularly attacks on the nation's financial and critical infrastructures. USSS also runs the National Computer Forensics Institute (NCFI), which provides state and local law enforcement, judges and prosecutors with training in computer forensics.

The Internet Crime Complaint Center (IC3), a partnership among the FBI, the National White Collar Crime Center (NW3C) and the Bureau of Justice Assistance (BJA), accepts online complaints from victims of internet crimes or interested third parties.

How to prevent cybercrime

While it may not be possible to completely eradicate cybercrime and ensure complete internet security, businesses can reduce their exposure to it by maintaining an effective cybersecurity strategy using a defense-in-depth approach to securing systems, networks and data.

Cybercrime risks can be reduced with the following steps:

develop clear policies and procedures for the business and employees;
create cybersecurity incident response plans to support these policies and procedures;
outline the security measures that are in place about how to protect systems and corporate data;
use two-factor authentication (2FA) apps or physical security keys;
activate 2FA on every online account when possible;
verbally verify the authenticity of requests to send money by talking to a financial manager;
create intrusion detection system (IDS) rules that flag emails with extensions similar to company emails;
carefully scrutinize all email requests for transfer of funds to determine if the requests are out of the ordinary;
continually train employees on cybersecurity policies and procedures and what to do in the event of security breaches;
keep websites, endpoint devices and systems current with all software release updates or patches; and
back up data and information regularly to reduce the damage in case of a ransomware attack or data breach.

Information security and resistance to cybercrime attacks can also be built by encrypting local hard disks and email platforms, using a virtual private network (VPN) and using a private, secure domain name system (DNS) server.

Cybercrime legislation and agencies

As mentioned above, various U.S. government agencies have been established to deal specifically with the monitoring and management of cybercrime attacks. The FBI's Cyber Division is the lead federal agency for dealing with attacks by cybercriminals, terrorists or overseas adversaries. Within DHS is the Cybersecurity and Infrastructure Security Agency (CISA). This group coordinates between private sector and government organizations to protect critical infrastructure.

Furthermore, the Cyber Crimes Center (C3) provides computer-based technical services that support domestic and international investigations included in the Homeland Security Investigations (HSI) portfolio of immigration and customs authorities. C3 focuses on cybercrimes that involve transborder illegal activities. It is responsible for finding and targeting all cybercrimes within HSI jurisdiction. C3 includes the Cyber Crimes Unit (CCU), the Child Exploitation Investigations Unit (CEIU) and the Computer Forensics Unit (CFU).

Various laws and legislation have been enacted in addition to the agencies that have been established to deal with cybercrime. In 2015, the United Nations Office on Drugs and Crime (UNODC) released the cybercrime repository, which is a central database that includes legislation, previous findings and case law on cybercrime and electronic evidence. The intention of the cybercrime repository is to assist countries and governments in their attempts to prosecute and stop cybercriminals.

Legislation dealing with cybercrime can be applicable to the general public, or it can be sector-specific, extending only to certain types of companies. For example, the Gramm-Leach-Bliley Act (GLBA) focuses on financial institutions and regulates the implementation of written policies and procedures that should improve the security and confidentiality of customer records, while also protecting private information from threats and unauthorized access and use.

Other legislation has been established to deal with specific cybercrimes, such as cyberbullying and online harassment. A little over half of U.S. states have implemented laws dealing directly with these crimes.

For example, Massachusetts law cites that online harassment is a crime that is punishable with a fine of up to $1,000, a maximum of two-and-a-half years in jail or both. In Tennessee, online harassment and stalking is considered a Class A misdemeanor, and a convicted cybercriminal can face a jail sentence of, at most, 11 months and 29 days, a fine of up to $2,500 or both.