Australian Federal Police plots "aggressive" cyber division following law change
New powers allow law enforcement to launch disruptive operations and collect data on suspected criminals


The Australian Federal Police (AFP) has suggested it may introduce a "more aggressive" cyber division, after legislation was passed in September granting extensive new surveillance powers to law enforcement agencies in the country.
During a Senate estimates hearing held on Monday, in which senators typically scrutinise how the government is spending taxpayer money, AFP commissioner Reece Kershaw said that the introduction of Surveillance Legislation Amendment (Identify and Disrupt) Act 2021 means it can now proactively target suspected criminals with disruptive operations.
Kershaw highlighted that the three new powers in the Act will significantly enhance how the AFP investigates serious cyber-enabled crime. The new powers allow police to disrupt data by modifying, copying, adding, or deleting it and allow the AFP and Australian Criminal Intelligence Commission (ACIC) to collect intelligence from devices and networks. Lastly, the powers allow the agencies to take control of an online account to gather information for an investigation.
The commissioner said that the police’s investigators are already planning how they might use the new powers in active investigations to identify, target, and disrupt offenders, including those relating to terrorism, drug importations, and distribution of child abuse material.
"At the moment, we're actually going through an internal review of how we can be more aggressive in cyber, and it may mean a mini restructure internally for us to really have what we would call a cyber offensive operation of the AFP, which would actually conduct disruption operations on these individuals," said Kershaw, according to ZDNet.
The commissioner said this includes talking with the Five Eyes alliance about the growth of cyber threats, with Kershaw currently being the chair of the organisation’s law enforcement group.
Encrypted communications platforms are a significant barrier for the AFP, said Kershaw, outlining that transnational serious organised crime offenders rely on encrypted platforms to carry out their criminality.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
“This is the next frontier of crime, and the AFP and our partners will work with governments and global law enforcement networks to ensure the long arm of the AFP reaches criminals no matter where they are in the world,” he added.
RELATED RESOURCE
The truth about cyber security training
Stop ticking boxes. Start delivering real change.
The AFP's plan for a new cyber offensive arm will have a dangerous effect on people's rights and freedoms in Australia and de-stabilise the open, secure internet we all rely on, said Namrata Maheshwari, Asia Pacific policy counsel, and lead on encryption policy at Access Now.
"This is extremely damaging for privacy and free expression, and undermines digital security for all. The new arm is being built on a flawed foundation: the Identify and Disrupt Bill, which violates human rights; and discussions with the Five Eyes surveillance alliance, which has often called for backdoors to encryption, a measure that would render private and secure communication impossible," she said. "We need rights-respecting frameworks to strengthen cybersecurity, and enhanced surveillance and new 'disruption' tools by law enforcement, as is being contemplated, will have the opposite effect."
Kershaw explained that Operation Ironside was enabled by unique, global law enforcement partnerships, particularly with the FBI, as the AFP provided the agency with the technical ability to decrypt and read encrypted communications in real time.
The operation saw the AFP work for almost three years, leading to the arrest of hundreds of suspected criminals that were tricked into using an encrypted messaging app. The app, codenamed “Anom”, was installed on mobile phones stripped of other capabilities that were bought on the black market. They were only able to send messages to another device that had the app installed, and criminals had to know other criminals to acquire a device.
Zach Marzouk is a former ITPro, CloudPro, and ChannelPro staff writer, covering topics like security, privacy, worker rights, and startups, primarily in the Asia Pacific and the US regions. Zach joined ITPro in 2017 where he was introduced to the world of B2B technology as a junior staff writer, before he returned to Argentina in 2018, working in communications and as a copywriter. In 2021, he made his way back to ITPro as a staff writer during the pandemic, before joining the world of freelance in 2022.
-
Should AI PCs be part of your next hardware refresh?
AI PCs are fast becoming a business staple and a surefire way to future-proof your business
By Bobby Hellard Published
-
Westcon-Comstor and Vectra AI launch brace of new channel initiatives
News Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
By Daniel Todd Published
-
Top data security trends
Whitepaper Must-have tools for your data security toolkit
By ITPro Published
-
Why bolstering your security capabilities is critical ahead of NIS2
NIS2 regulations will bolster cyber resilience in key industries as well as improving multi-agency responses to data breaches
By ITPro Published
-
SEC data breach rules branded “worryingly vague” by industry body
News The new rules announced last week leave many questions unanswered, according to security industry experts
By Ross Kelly Published
-
Crackdown on crypto needed to curb cyber crime, says expert
News Threat actors would struggle to generate money without the anonymity provided by unregulated digital tokens, but such a move would require worldwide buy-in
By Rory Bathgate Published
-
The gratitude gap
Whitepaper 2023 State of Recognition
By ITPro Published
-
Latitude Financial's data policies questioned after more than 14 million records stolen
News Some of the data is from at least 2005 and includes customers’ name, address, and date of birth
By Zach Marzouk Published
-
Latitude hack now under state investigation as customers struggle to protect their accounts
News The cyber attack has affected around 330,000 customers, although the company has said this is likely to increase
By Zach Marzouk Published
-
IDCARE: Meet the cyber security charity shaping Australia and New Zealand's data breach response
Case Studies IDCARE is recruiting a reserve army to turbocharge the fightback against cyber crime not just in the region, but in the interests of victims all over the world
By Zach Marzouk Published