Turnbull sets the scene for a 'Stop the Bytes' election

The PM released Australia's Cyber Security Strategy on Thursday morning. Media reports focused on the 'revelation' of our cyber attack capabilities, but that's just a well-crafted political distraction.
Written by Stilgherrian , Contributor

"The Australian government has admitted for the first time that it has the ability to launch cyber attacks," reported ABC Radio's AM on Thursday morning. "The statement is contained in a AU$230 million Cyber Security Strategy that will be launched by the prime minister today."

The ABC framed the strategy as a response to cyber attacks such as those claimed to be from China and elsewhere, citing the widely-reported breach of Bureau of Meteorology systems.

"Last year, the ABC uncovered a state-based intrusion into the Bureau of Meteorology [BoM] that has infected its entire computer network. The threat is persistent, aimed at stealing information, and will cost hundreds of millions of dollars to fix," said a separate ABC report.

It's easy to spot when the government has successfully managed the media coverage of a major new policy.

First, high-profile news outlets are given the documents in advance, along with some "key messages" bullet points. Journalists are told where to look for a particularly juicy news angle, and given background information to help them contextualise the headline.

The resulting "to be released today" news yarns kick off the news cycle. Then breakfast radio builds momentum. So by the time the policy is officially announced a few hours later, everyone is on the same page. Finally, early-evening TV news reinforces the key messages, and the framing of debate is complete.

For Thursday morning's release of the Cyber Security Strategy, the twin angles "acknowledging attack capabilities is new" and "the BoM was hacked" featured in stories at The Australian, Fairfax Media news outlets, SBS News, Sky News Australia, and the Daily Mail. The Guardian ran the BoM angle without mentioning attack capabilities. The Daily Telegraph ran the attack capability angle without mentioning the BoM.

That's "Mission Accomplished" for the government's media team, right?

Prime Minister Malcolm Turnbull then confirmed the facts behind those news angles.

"I can confirm reports that the Bureau of Meteorology suffered a significant cyber intrusion which was first discovered early last year. And the Department of Parliamentary Services suffered a similar intrusion in recent years," he said.

Turnbull confirmed to both ABC News24 and Sky that Australia has "very considerable capabilities" in cyber attack, without going into any detail.

These official confirmations are important from a political and diplomatic point of view, especially since Turnbull was in China for high-level talks only last week. It's a clear message: "Yeah look, China, we know you're cybering us, so quit it or we'll cyber you back real hard".

A cyber boomerang of mutually assured destruction, if you will.

It also seems to confirm my personal belief that the leak of news about the BoM hack to the ABC was a "official strategic leak", coming as it did just a week before the climate change talks in Paris, where both Australia and China were negotiating their carbon emission targets.

But what the strategy actually says is remarkably unremarkable.

"Australia's defensive and offensive cyber capabilities enable us to deter and respond to the threat of cyber attack. Any measure used by Australia in deterring and responding to malicious cyber activities would be consistent with our support for the international rules-based order and our obligations under international law," it says on page 27 of the strategy.

That's it.

The stated mission of the Australian Signals Directorate (ASD) is "Reveal Their Secrets -- Protect Our Own". The ASD and its partner organisations across the Five Eyes alliance in the US, the UK, Canada, and New Zealand are the direct descendants of the World War II organisations that cracked codes, jammed enemy radars, sent false information, and much more.

It's more than reasonable, therefore, for Australia to have been developing cyber attack capabilities ever since there's cybers to attack. It's more than probable that our attack capabilities have been in operation for quite some years.

As for the BoM hack, while it's certainly an important organisation with networks spanning the country, is it really the most significant Australian government network intrusion of late? I doubt it. But it's a well-known and much-trusted organisation that the punters can relate to, and it's better than revealing any embarrassing breaches of secret-squirrel systems.

All this headline-grabbing cyber stuff is really just a natural continuation of programs already under way, just like the cybersecurity research strategy ZDNet reported on Tuesday.

The Australian Cyber Security Centre has already started to connect with telcos and ISPs to set up data-sharing procedures. Other critical organisations will follow. The Cyber Security Growth Centre was already announced as part of the National Innovation and Science Strategy in November 2015. And the same goes for building our cyber education capabilities.

The AU$230 million funding for the strategy should also be put into context. It's less than AU$10 per Australian to cover both national security and community cybersafety initiatives, as well as the industry cooperation program. Or if you prefer, it's the price of a single F-35 Joint Strike Fighter, or about one-twelfth of a submarine.

None of this should detract from seeing the Cyber Security Strategy as a good thing, however. The idea of positioning Australia as cyber innovator and educator builds on our strengths, and could well help the economy. It gives a much-needed focus to the innovation hand-waving.

Establishing the Academic Centres of Cyber Security Excellence in universities is a great idea -- though the label "Cyber Smart Nation" for this and the community cybersafety programs is embarrassingly cheesy.

It's a solid, coherent strategy, based on proper stakeholder consultations.

The challenge will be in the execution, however. That in turn will depend on both government competence and industry cooperation. Watch this space.

One curious aspect for me was Turnbull's historical allusions.

"In the First World War both the United Kingdom and United States governments had arrangements with international telegraph companies to obtain copies of communications for intelligence purposes," Turnbull said in his speech.

"Authorised working relationships between governments and private-sector partners were unfortunately damaged in the release of documents by Edward Snowden, and we recently saw in the exchanges between Apple and the FBI the difficulty that modern encryption poses for law enforcement.

"It is important in healthy democracies to have debates about the balance between civil liberty and national security. Few issues are more important. But in certain very specific circumstances government will work with the private sector within agreed legal frameworks and appropriate oversight to fight serious online crime and extremism, and to thwart terrorists and others who seek to hide their illegal activities online. This will not diminish our responsibility to ensure that we are protected from cybersecurity threats, and to ensure that trust and privacy remain paramount in the online environment."

I assume that's all framing for the forthcoming debate over the Telecommunications Sector Security Reforms (TSSR).

So what does this all mean for the federal election on, we all assume, July 2? Malcolm Turnbull could never ape Tony Abbott's bare-chested "Stop the Boats" sloganeering, even though daddy-as-strong-leader posturing always works in the polls. Perhaps he can achieve a similar effect with this "Stop the Bytes" policy.

But remember, apart from a few specific new measures, it's mostly existing plans frocked up in a coordinated suit of new cyberclothes for the pre-election ball. Not that that's a bad thing.

Editorial standards