The internet and digital economy represent a significant opportunity for Australia. However, cyber criminals increasingly exploit Australia's digital connectivity for their criminal activities.
In Australia, the term 'cybercrime' is used to describe both:
- Cyber-dependent crimes directed at computers or other information communications technologies (ICTs) – such as computer intrusions and denial of service attacks
- Cyber-enabled crimes, which can increase in their scale and or/reach through the use of computers or other forms of ICTs – such as online fraud, identity theft and the distribution of child exploitation material.
Australia has a strong criminal offence and law enforcement framework to address a broad range of cybercrimes. This includes a comprehensive set of computer and telecommunications offences under Parts 7.3, 10.6 and 10.7 of the Commonwealth Criminal Code Act 1995. They include:
- dishonestly obtaining or dealing in personal financial information .
- online child sexual exploitation and abuse
- cyber abuse including non-consensual sharing of intimate images
- computer intrusions
- unauthorised modification of data, including destruction of data
- unauthorised impairment of electronic communications, including denial of service attacks
- the creation and distribution of malicious software (for example, viruses and ransomware)
Each state and territory in Australia has its own cybercrime related offences that complement Commonwealth legislation as well as legislation which covers online fraud and other technology enabled crimes.
Report a cybercrime incident
If you or your business are a victim of a cybercrime, report it to the Australian Cyber Security Centre
If you have been the victim of a cybercrime of data breach you can contact IDCARE for support.
If there is an immediate threat to life or risk of harm, call 000.
The Commonwealth has enacted a comprehensive set of offences to address cybercrime, contained in the Criminal Code Act 1995 (Criminal Code). These offences are based on model laws agreed to by Commonwealth, state and territory governments in 2001. The offences are consistent with those required by the Council of Europe Convention on Cybercrime and are drafted in technology-neutral terms to accommodate advances in technology.
Key Commonwealth offences are contained in Part 10.6 and Part 10.7 of the Criminal Code, which contains offences criminalising the misuse of telecommunication networks, ‘carriage services’ (a term which includes the internet and online services, as well as wired and mobile services) and computers.
The Commonwealth computer offences are complemented by state and territory laws which criminalise the misuse of data and computer systems.
National Plan to Combat Cybercrime
As a key deliverable under Australia’s Cyber Security Strategy 2020 [553KB PDF], the 2022 National Plan to Combat Cybercrime was released on 21 March 2022 and builds on the 2013 Plan to formalise a framework that focuses on three key pillars: Prevent and Protect; Investigate, Disrupt and Prosecute; and Recover. The framework outlined under these key pillars will support the development of a nationally coordinated approach to combating cybercrime in Australia.
See the 2022 National Plan to Combat Cybercrime for more details.
Council of Europe Convention on Cybercrime
Cybercrime is a global problem which requires a coordinated international response.
Australia has acceded to the Council of Europe Convention on Cybercrime. The convention is the leading, binding international instrument directed at cybercrime, to which a number of other countries are also parties including the United States, Japan and many European countries. The convention came into force for Australia on 1 March 2013.
The objectives of the convention are to harmonise domestic legal frameworks on cybercrime, provide for domestic powers to investigate and prosecute cybercrime, and establish an effective regime of international legal cooperation.
Accession to the convention also helps improve the ability of our agencies to work effectively with their overseas counterparts in responding to cybercrime.
Find out more
Fighting cybercrime is a whole-of-government effort. To find out more about Australia's response to cybercrime visit:
- Australian Federal Police
- Australian Criminal Intelligence Commission
- Office of the eSafety Commissioner
For the latest advisories on recent Australian cybercrime incidents, visit the ACSC website.
The Department Home Affairs website also has updates on the Medibank Private and Optus data breaches.