BOM ducks Senate's security breach scrutiny

The Australian Bureau of Meteorology remains tight-lipped on December's alleged security breach, redirecting questions from the Senate towards its new supercomputer instead.
Written by Asha Barbaschow, Contributor

Representatives from the Australian Bureau of Meteorology (BOM) faced the Senate Environment and Communications Committee on Monday, probed with questions pertaining to the alleged breach the BOM experienced late last year.

In December, the BOM said its systems were fully operational and reliable in response to a report by the ABC that the weather bureau had suffered from a large breach. At the time, the BOM was tight-lipped.

"The bureau does not comment on security matters," it said. "Like all government agencies, we work closely with the Australian government security agencies."

When answering the Senate on Monday, the response from BOM employees was not one of admission.

Labor Senator Anne Urquhart asked the bureau if it had experienced a breach in December, and BOM CEO Rob Vertessy redirected his response to the new supercomputer the department was receiving.

"I can say a few things, the first is that there have been no security-related disruptions to our service delivery, to our ICT systems at all -- that's the first thing," he said.

"The second is that it is well known throughout the internet and the systems that we all run in government and business that there are a range of threat actors out there that require gradually improving security posture for those agencies to minimise the risks of the violations.

"The bureau, like all agencies, has an active program of improving its ICT security posture and we are in the fortunate circumstance because we're rebuilding some of our ICT infrastructure chiefly around the supercomputer. We've got the ability now to redesign the architecture of our systems as such that we have improved ICT security."

Minister for Education and Training Senator Simon Birmingham added that such questions around breaches touch on national security matters, saying he was hesitant to address them in a forum such as estimates.

When asked if the system rather than the security had been breached, Vertessy said that there had been no disruption at all to the BOM services owing to any security breaches.

"All departments have them from time to time, and that's been pointed out by the Australian Signals Directorate and is the underlying imperative for us all to put in place sharpened security arrangements," he said.

Urquhart asked the BOM representatives again if there had been a breach, referencing reports from the media in December.

"I was trying to work out whether or not the reporting was in fact correct and I take it from your answer that it is," Urquhart said.

Vertessy asserted that he was not going to comment on reports made by the press.

"I'm not going to comment on media stories and speculations -- there's quite a number of them and there's some wild stuff in there as well -- I can't go through all of those storylines and tell you if they're accurate or not," he said.

In July, the BOM signed an AU$77 million supercomputer contract with American manufacturer Cray. At the time, BOM CIO and deputy director information systems and services Lesley Seebeck told ZDNet that the new Cray XC-40 supercomputer is expected to be up and running mid-2016, replacing the ageing Sun Microsystems machine which was commissioned in 2013.

Answering questions from Urquhart on Monday, Seebeck said the BOM was taking advantage of the supercomputer to redesign its systems.

"We are working closely with the Australian security agencies as we always do, given that whenever we get or upgrade our systems we try and take into account security; I don't actually draw a distinction between a security system being breached and security -- they are one in the same," she said.

"So what we're doing at the moment with the supercomputer is taking advantage of the fact that this has been installed and is undergoing acceptance testing at the moment, and we're designing our systems around that to ensure that it is hardened and resilient as we can possibly make it, because we have one operational system that's in the interests of all of us to ensure it is secure."

When asked again if there was an investigation into what happened in December, Seebeck said she did not understand what Urquhart was talking about.

"I don't think anyone is confirming any aspect of those stories and whether or not something occurred," Birmingham interjected. "I think there is a continual and ongoing body of work done to ensure that the bureau, as with all government agencies, is as responsive as possible to the threats to security or otherwise for the systems that are operated."

"If we can just dispel the notion that there was some particular event on any day that was akin to a denial-of-service attack or a bring down of the system -- no such event occurred," Vertessy added.

As confirmed by the BOM, on January 8, 2016, its weather information service went down. Seebeck said that the bureau experienced the failure of one of its physical network switches which caused the entire network to come down. She said all operational systems were restored after five and a half hours with the remainder of the systems up by the end of the day.

"We operate a very complex, highly interconnected network of applications and systems. We are undertaking a series of activities including an after action report to see what lessons we can learn. We're also going through and seeing where we can harden our systems to make sure it doesn't happen again," Seebeck said.

Earlier in the day, it was revealed that a restructure at the CSIRO to temporarily cut around 350 jobs, mainly from climate research, could affect weather data programs run with the BOM.

Vertessy said there would be "holes" in joint programs such as the Cape Grim greenhouse gas data collection and the Australian Community Climate and Earth-System Simulator if CSIRO pulled out.

"CSIRO aren't doing everything but they play a very significant role," Vertessy said, adding he would try to persuade the CSIRO to retain those jobs.

Birmingham later told the committee the CSIRO had advised him it intended to continue operations at Cape Grim.

As a result of the job cuts, climate scientists believe Australia's obligations under the Paris climate commitments will be "directly undermined".

Last week, CSIRO chief executive Larry Marshall said the body wanted to refocus on improving productivity in industry, the impact of "digital disruption", health, and new technologies in agriculture.

The federal government said the CSIRO's realignment would take roughly two years and funding on climate change mitigation adaptation research would be maintained.

With AAP
