Australian Defence White Paper emphasises need for cybersecurity

After dismissing cyberattacks as something that might need to be addressed one day in its previous Defence White Papers, the Department of Defence's first paper in nine years highlights cyber as a threat that needs significant attention.

Australia's first Defence White Paper in nine years underscores online attacks as a critical issue that needs continued attention to protect national interests.

In the previous 2000 Defence White Paper (PDF), cybersecurity issues were barely raised, with it lumped among "non-military" threats like illegal immigration. These issues were more widely recognised in the 2009 Defence White Paper. The former paper mentioned cyber warfare as a more emergent threat to national security alongside space warfare and the risk of weapons of mass destruction, short of those of a nuclear capacity, being used by terrorist groups.

"It might become evident that the risk of cyberattack is even greater than we had first thought, and so we might decide to build on a foundation in this area by further enhancing our cybersecurity capabilities," the 2009 paper predicted.

However, the 2013 Defence White Paper (PDF) has a significantly different emphasis on these threats, highlighting it as a matter that has far-reaching consequences.

"The seriousness of the cyber threat was affirmed in 2011 when Australia and the US confirmed the applicability of the ANZUS Treaty to cyberattacks. This further emphasised the need for capabilities that allow us to gain an advantage in cyberspace, guard the integrity of our information, and ensure the successful conduct of operations."

Part of the government's 2009 response was to invest in a "major enhancement of Defence's cyber warfare capability" — capabilities that it states would remain "highly classified", but also publicly consist of a Cyber Security Operations Centre (CSOC).

The establishment of this centre is highlighted in this year's paper, with the report reading that it has "allowed the development of a comprehensive understanding of the cyber threat environment, and coordinated responses to malicious cyber events that target government networks", and that Australia has "increased its intrusion detection, analytic and threat assessment capabilities, and improved its capacity to respond to cyber security incidents".

The announcement of an additional Australian Cyber Security Centre that will bring industry expertise into collaboration with information security experts from organisations such as the Department of Defence (DoD), the Australian Security Intelligence Organisation, the Australian Federal Police, and the Australian Crime Commission, was also acknowledged in the paper and brought about clarification of who will oversee the centre.

National Security Adviser Margot McCarthy previously said that "guidance for the centre will be provided by a board of secretaries and agency heads from a range of agencies", and that because 95 percent of staff will initially be from DoD , it was likely to be overseen by an official from that department.

The paper now states that the centre will instead be overseen by a board led by the Secretary of the Attorney-General's Department, rather than DoD, and will be required to report regularly to the National Security Committee.

The paper also considers the consequences of failing to prepare and respond to online threats, stating that an adversary that manages to compromise the Australian government's systems could gain an "economic, diplomatic, or political advantage over us".

"Defence capability would be seriously undermined by compromised sensitive information on command and control, operational planning, platform design, or weapon system performance. Additionally, without effective mitigation and protection measures in place, the costs to Defence of addressing cyber intrusions could far outweigh the effort expended by an adversary."

Yet, for the first time, it also acknowledged that the impact of online attacks have effects beyond destabilising the government.

"Compromise of commercial, government, or private citizens' information would undermine public and international confidence in Australia as a secure digital environment."

As a public document, the paper does not go into any specifics on the actions that the nation needs to take to address these threats, but does acknowledge that "network and system management, along with personnel and physical security, need to be strengthened" as part of its continued response.

The Defence Signals Directorate was also flagged for a rename in the report, and will soon be officially titled the Australian Signals Directorate. It is the first name change for the Directorate since 1978, when it was called the Defence Signals Division.