Australia not immune to a 'cyberstorm': Assistant Cyber Minister
Australian Minister Assisting the Prime Minister for Cyber Security Dan Tehan has warned of the devastation a "cyberstorm" could have.
In his address to the National Press Club, Tehan described a cyberstorm as being an attack that compromises power, telephone, emergency, and financial networks, with attacks potentially mounted by a foreign power, criminals, or kids causing trouble.
"We are naive if we think that in Australia, we are immune to any of these threats," he said.
Tehan spoke of the need to make sure that Australia understands and plans for growing cyber threats, noting that how the government prepares for when cyber threats hit the country will determine how well it manages them.
Latest Australian news
"All of us must be on notice -- it is not a case of if but when government, businesses, or individuals will be hit," he said.
"When it comes to cybersecurity, being prepared isn't just having a wall that will block and protect from attacks. Instead, being prepared means minimising risk and having the ability to recover, to remediate, and to respond.
"No police force can guarantee that they will eradicate crime completely. But we can make it a lot harder if the windows aren't open, the doors are locked, and there is a strong cop on the beat."
Tehan conceded that there are areas where more needs to be done from a government perspective, including working with state and territory governments and businesses to better protect critical infrastructure.
"When the Bureau of Meteorology was compromised, it was most likely because it was seen as an entry to other organisations," Tehan said.
"A serious cyber attack has the potential to cause the same damage as a terrorist attack, but because this government is acting now, we are better placed than most."
Addressing Parliament on Wednesday, Prime Minister Malcolm Turnbull disclosed that the Australian Signals Directorate (ASD) had taken the fight against Islamic State into cyberspace, but said businesses, government organisations, and individuals still remain vulnerable to cyber attacks.
Although he said it is making "a real difference", neither Turnbull nor Tehan would reveal any details of how this is being done.
Turnbull said cybersecurity operations are subject to the same rules of engagement that apply to other military capabilities, which includes the six RAAF F/A-18 Hornets that have been bombing IS targets in Iraq and Syria.
IS has long been adept at using the internet for its own purposes, using slick video productions to trumpet its successes and persuasive social media pitches to potential Western converts.
Cyber attacks could take the form of denying IS use of its computer networks, or penetrating their systems to steal information or compromise command and control, with one academic paper terming this type of attack as being above espionage but below violence.
In his address, Opposition Leader Bill Shorten said that millions of small and medium-sized businesses in Australia need the federal government to help them stay safe in the digital world.
"They need [help] in the way that's simple enough for them to incorporate it into their business and that they can afford," Shorten said. "This means having the resources to design cyber defences for products, processes, and people."
The Labor leader also believes "trust and collaboration" should be present in every cybersecurity conversation, and said no government has the reach or resources to act alone to combat threats.
Turnbull unveiled Australia's AU$230 million Cyber Security Strategy in April, which is aimed at defending the nation's cyber networks from organised criminals and state-sponsored attackers, and sits alongside the AU$400 million provided in the Defence White Paper for cyber activities.
Included in Turnbull's strategy is the AU$136 million spent on small business grants to boost security, increase the government's cybercrime intelligence and investigation capabilities, create a threat information-sharing portal, and be able to identify vulnerabilities in government systems.
Additionally, items already catered for under the government's AU$1.1 billion National Innovation and Science Agenda announced in December are AU$38 million to support new business and promote the exporting of security products, the creation of a national cybersecurity innovation network, and a boost to Data 61's cyber program.
A total of AU$13.5 million has also been allocated to establish academic centres of cybersecurity excellence, and to raise awareness of cybersecurity across the country.
In the months since Turnbull handed down his strategy, Tehan said the government has taken action with increased urgency, pointing to the recent appointments of Alastair MacGibbon to Australia's first Cyber Security Special Adviser to the Prime Minister and Dr Toby Feakin as Australia's first Ambassador for Cyber Affairs, in addition to his own role, to prove his point.
"Suffice to say, while our Cyber Security Strategy still stands it cannot afford to stand still," he said.
"What we do today will prepare us for tomorrow. We need to accelerate the implementation of our Cyber Security Strategy and look to where we can further address our vulnerabilities.
"If we can do this, we can be confident in facing what comes next."
According to Tehan, there are four key areas he believes require more attention from government, which includes departments taking greater responsibility for the security of their agencies, having said previously that a centralised approach to cybersecurity is dangerous.
Similarly, Tehan said there is a need for the federal government to work with businesses and state and territory governments in the cyber fight, as well as being more proactive by having a "strong cop on the beat".
He also wants to see the transparent release of information on attacks to the public.
With AAP