More resources are needed to address cybercrime, with UNSW Canberra cyber security expert Nigel Phair estimating it costs Australia’s economy about $42 billion a year.

Mr Phair, the Director of Enterprise at the UNSW Institute for Cyber Security, has published a new book, Cybercrime in Australia: 20 years of inaction, which answers the question:  What does Australia’s cybercrime landscape look like and how have we addressed it?

“20 years of surveys have all revealed the problem organisations have with cybercrime, yet we are not putting appropriate resources into it,” Mr Phair said.

“The past 20 years has seen constant enacting of legislation, yet this is not the answer – and it has made no difference.”

In 2021, 67,500 cybercrimes have been reported in Australia, but Mr Phair estimates this in only about one-fifth of the actual amount of online crime.

This means there are about 300,000 cybercrimes committed in Australia each year, with just 100 Australian police officers across the country dedicated to this type of crime.

Mr Phair, who is also a former Australian Federal Police officer, estimates that there have been less than 300 completed investigations into cybercrime in the past 20 years, of which just 150 were prosecuted.

“We spend so much of our time online, particularly via mobile smart devices, that the internet has become a fabric of our work and social lives,” he said.

“We are connected all through our waking hours (and depending on what apps we have downloaded, often during our sleep) and for younger people it is all they know.

“As such, we should treat the online environment just like any other public space where we may socialise, discover new information or participate in commercial activity. This includes ensuring there are appropriate police resources.”

Mr Phair’s cybercrime career commenced in 2002 and has spanned policing, consulting and academia, having worked extensively nationally and internationally.

“I have seen this crime type evolve, worked with many passionate people who try to make a difference, yet also seen the extensive damage which it causes governments, corporates and individuals,” he said.

“This book has been written to provide a retrospective look at the responses to cybercrime in Australia. Through the analysis of case studies; anonymous surveys of police, lawyers, privacy commissioners and cyber security consultants; and a wide range of statistics, this is the first analysis of how Australia has addressed the societal issues faced by cybercrime.”

Mr Phair said state and territory police are not taking cybercrime seriously with respect to investigations or crime prevention.

“Quite frankly, we have completely failed as a nation,” he said.

Cybercrime in Australia: 20 years of inaction was published today.