in

ACIC believes there's no legitimate reason to use an encrypted communication platform

The Australian Criminal Intelligence Commission (ACIC) believes there is no legitimate reason for a law-abiding member of the community to own or use an encrypted communication platform.

“These platforms are used almost exclusively by SOC [serious and organised crime] groups and are developed specifically to obscure the identities of the involved criminal entities and enable avoidance of detection by law enforcement,” the ACIC declared. “They enable the user to communicate within closed networks to facilitate highly sophisticated criminal activity”.

Consistency, at least: Cops are the only ones being lawful on the dark web, AFP declares

The comments were made in a submission [PDF] to the Parliamentary Joint Committee on Intelligence and Security (PJCIS) as part of its inquiry into the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020.

It told the committee it intends to use the powers extended to the ACIC under the Bill to focus efforts on understanding and gathering intelligence on SOC groups who are using encrypted communication platforms to conceal their criminal activities.

The Bill, if passed, would hand the Australian Federal Police (AFP) and ACIC three new computer warrants for dealing with online crime.

The first of the warrants is a data disruption one; the second is a network activity warrant; and the third is an account takeover warrant.

The ACIC said the Bill would allow it, through the collection, assessment, and dissemination of criminal intelligence and information, to inform national strategies to address transnational serious and organised crime.

“To deliver on this purpose, the powers and capabilities of the ACIC must keep pace with technological trends and emerging threats to ensure the agency is able to adequately tackle serious cyber-enabled crime and sophisticated criminal groups using encrypted platforms,” it said.

“The agency must be enabled to support law enforcement outcomes to protect Australians against the most sophisticated and high-threat actors, who increasingly utilise advanced communications technologies to mask their criminal activities.”

Elsewhere: ACIC running into jurisdictional data troubles with new national firearms database

According to the ACIC, the disruption, intelligence collection, and account takeover powers contained within the Bill complement the agency’s existing powers by providing new avenues to gather information and respond to serious crime occurring online and to criminals using dedicated encrypted communication platforms.

“The measures in the Bill are grounded in the principle that the powers granted by Parliament to the agencies charged with enforcing the criminal law should not be eroded by advances in technology,” it wrote. “The Bill is designed to provide the ACIC and AFP with the ability to protect the Australian community from harms online in the same way they protect Australians in the physical world.”

The ACIC believes the Bill addresses gaps in current electronic surveillance powers.

Network activity warrants provided by the Bill will “immediately transform the ACIC’s ability to discover and understand serious criminal groups using the Dark Web and encrypted communication platforms to undertake and facilitate serious crimes”.

“Currently, while the ACIC might be able to detect criminal behaviour on a hidden website or computer network, we cannot identify all the individuals participating in the criminal behaviour,” it explained. “For this reason, we require the ability to target and infiltrate the network, or class of computers, in which the crime is occurring so the members of the criminal group can be identified and the full nature and extent of the criminality can be detected through the collection of intelligence.”

Data disruption warrants, meanwhile, would enable the ACIC to interfere with the data held on online criminal networks or devices, in order to frustrate the commissioning of serious criminal offences.

“This will be particularly powerful in the context of disrupting criminal activity which is largely occurring online,” it wrote.

Lastly, account takeover warrants, it said, would allow the agency to take control of an online account in conjunction with other investigatory powers, labelling it an “efficient method for agencies to infiltrate online criminal networks”.

“This will play a crucial role in uncovering the identities of otherwise anonymous criminals, as well as gathering evidence of the initiation and commissioning of serious offences online, including on the Dark Web and where encrypted communication platforms are in use,” it said.

MORE ON THE ‘HACKING BILL’


Source: Information Technologies - zdnet.com

TPG Telecom to invite customers onto 5G fixed wireless in June

Security researchers found 21 flaws in this widely used email server, so update immediately