‘Hacking the hackers’: reflections on state-implemented disruption as a ‘new model’ for cyber policing

ABSTRACT

Following the most significant data breaches in Australia’s history, targeting Optus and Medibank, in November 2022 Australia’s Minster for Home Affairs and Cybersecurity Clare O’Neil announced ‘a new model of policing’ involving a collaboration between the Australian Federal Police and Australian Signals Directorate. This collaboration would result in a new taskforce focused on ‘hacking the hackers’ or disrupting criminal groups responsible for high-profile cyber-attacks against Australian entities. Since this announcement, significant discussion has ensued regarding the meaning of state-implemented ‘disruption’ and questions have been raised about the potential mandate and operations of the newly announced taskforce. This paper explores the concept of disruption as it applies to cyber-criminal groups. It then turns to considerations for policy and practice regarding the pursuit of disruption. The paper aims to advance existing understanding of disruption and encourage further research and policy debate into the policing of cybercrime as the Australian government commences work on the 2023–2030 Australian Cyber Security Strategy.

KEYWORDS:

• Cybercrime
• cybersecurity
• data breaches
• disruption
• policing
• Ransomware

Acknowledgements

The authors would like to thank Benoît Dupont and the anonymous reviewers for their valuable feedback on an earlier version of this paper. The usual disclaimers apply.

Disclosure statement

No potential conflict of interest was reported by the author(s).