Cyber capability: It’s a problem
Big Issue: Australian law enforcement's ability to respond to technological is under question
The Australian Strategic Policy Institute’s (ASPI) border program chief John Coyne has flagged grave concerns about the ability of the nation’s law enforcement to respond to threats that arrive via new technology, including the rise of cyberattacks.
“The speed at which society currently absorbs technology is increasing exponentially. By default, criminals are increasing exponentially,” Mr Coyne told a parliamentary committee hearing last week.
“Unfortunately, in the law enforcement environment, at best we are maintaining pace at absorbing new technology. At worst we are slowing down,” he said.
The Parliamentary Joint Committee on Law Enforcement is investigating the impact of new and emerging information and communications technology on the threat landscape.
Dr Coyne said there was a need for Australian law enforcement agencies to respond faster to emerging cybersecurity attacks.
“The time criminals institute new capabilities and the time we take to react to them needs to close. At the moment, the key message here, especially in the technology space, is that the problem is getting wider,” he said.
“We want to close that time gap and that needs to be the key priority.”
He said agencies such as the Australian Federal Police were having only limited success in attempts to recruit and retain relevant technology skills in response to these emerging trends. As an example, he said the AFP was currently retrospectively training people with no ICT background in writing code. “It’s a flawed process,” he said.
Dr Coyne also called for the a change to the relationship between the public and private sector around the technology issues, such as approaching the current encryption challenge.
“There has to be partnerships. The idea, for instance, that you can legislate your way out of the encryption challenge is deeply flawed,” he said.
In his submission, Dr Coyne outlined a number of changes that were required to address such challenges, including the need to build an innovation culture within law enforcement and the development of new strategies that close the gap between new technology and ability of law enforcement to understand and handle them.
One specific legislative mention that Dr Coyne makes is on the Telecommunications (Interception and Access) Act 1979, and the need for it to be “rewritten in light of the over 40 years of technology disruptions to telecommunications”.
“While successive governments have progressively amended the Act, they have at various stages failed to engage holistically with the 21st Century’s seismic technological paradigm shifts: for example encryption.
“While many will likely be tempted to continue to tinker with this legislation using minor amendments, the evidence is clear that policy and legislation requires a ‘technology’ driven disruption,” Dr Coyne said.
On the other hand, Dr Coyne told the joint committee that Australian law enforcement’s international engagement was a “good news story”.
The Australia’s multilateral arrangement with the US, the UK, Canada and New Zealand, known as the Five Eyes intelligence network was a good example.
“There are always ups and downs in any international relationship but we have that police to police cooperation. What we do also have is a range of mutual legal assistance agreements and treaties globally with a range of ‘patchwork quilt’, and that’s worked,” he said.