Government officials have outlined their priorities for Australia’s cybersecurity efforts following a major reorganisation of the country’s cybersecurity agencies. These include a national assessment of Australian cybersecurity, and collaboration with major internet service providers to address known problems.
“The time for incremental shift is over,” said Alastair MacGibbon, the National Cyber Security Adviser and head of the Australian Cyber Security Centre (ACSC), at the ACSC Conference in Canberra on Wednesday.
“We’re doing things faster, and with more ambition to achieve change for the Australian people, and for the Australian economy. It doesn’t come without some pain, but it comes with an amazing opportunity for us to achieve those changes.”
MacGibbon said that “bumps in the road” have led to changes in strategy since the Australia’s Cyber Security Strategy was launched in 2016.
“The first one came pretty quickly in August 2016 with the eCensus falling over from some very small denial of service attacks. Very small. But that led to the discussion of resilience, and what happens when government systems don’t perform the way the public rightly expects them to perform,” he said.
“That helped change the political dialogue in this town very, very significantly, and the pressure on us to deliver resilient systems.”
Following the recommendations of the 2017 Independent Intelligence Review, the ACSC is moving from the Attorney-General’s Department (AGD) to the Department of Defence, and will become part of the Australian Signals Directorate (ASD), taking with it CERT Australia and a “small contingent” from the Digital Transformation Agency (DTA).
Meanwhile, on 1 July the ASD will become an independent statutory authority. While it will still be part of the Department of Defence, this change puts it on an equal footing with the Australian Security and Intelligence Organisation (ASIO), which has AGD as its parent agency, and the Australian Secret Intelligence Servvice (ASIS), whose parent agency is the Department of Foreign Affairs and Trade (DFAT).
Mike Burgess, the ASD’s Director-General Designate, said that he’s “absolutely certain” that the new structure will increase the potential for collaboration at the ACSC, as well as a change of emphasis, and a change in the centre’s scope of engagement.
The ASD will have a new role in countering cyber-enabled crime. Its remit is also being expanded to provide advice and proactive assistance to community and businesses, in addition to government. That latter change gives it a similar role to the UK’s National Cyber Security Centre, part of their ASD equivalent, the Government Communications Headquarters (GCHQ).
“The ambition and expectations of our ministers is higher, and I’d be confident that ambition and expectation from you [the cybersecurity community] is equally as high. I can assure you Alastair, his team, and the rest of the Australian Signals Directorate and myself will be focused on this,” Burgess said.
“Cyber-enabled crime would include pure-play cybercrime, that is, hacking for criminal purposes, and in that regard I would include nation-state actors in this. In addition, it will also include cyber-enabled serious crime…
“ASD’s focus on nation-state actors, that is, countering cyber-espionage, interference, and attack, will continue and remain important. However, ASD’s focus will shift and broaden. And when I refer to ASD in this context, I mean the whole of my organisation. The centre’s focus will cover community, businesses, and governments. And it will be backed by the full support of the Australian Signals Directorate. Alastair will now have the full support of the ASD, not just his part of the organisation.”
Burgess said his key priorities for the next 12 months include a national assessment of the nation’s cybersecurity, focusing initially on critical infrastructure; collaboration with major internet service providers and critical infrastructure providers to “drive out known problems, and equally important, identify and first see new threats”; executing counter-cybercrime campaigns; and outreach and influence.
“My expectations for the centre [ACSC] include comprehensively understanding the cyber threat to Australia, providing timely proactive advice and assistance that makes a real difference across the community, businesses, and government. The centre’s work must lead to an improvement in the identification and management of the cybersecurity risk to all Australians.”
MacGibbon repeated his message that cybersecurity is a “team sport”. Australia is “hugely benefited” by some of the “very close” international alliances, and not just with our Anglosphere friends in the US, UK, Canada, and New Zealand.
“We have amazing regional links, and a common threat. We certainly have a common threat when it comes to criminal groups. There’s not a nation-state around that likes criminal groups preying upon their community, and there is a common language between nations that goes to cooperating on those [criminal] groups,” MacGibbon said.
“In fact, you’ll often see that some of the first diplomacy conducted between nations that are adversarial in other ways is often around criminal threats.”
Australia’s Special Adviser to the Prime Minister on Cyber Security has taken a positive stance on the 2016 Census debacle that was labelled a ‘confluence of failure’, calling it the wake-up call the nation needed.
Straight-faced, a Department of Human Services representative told a Senate committee its data-matching ‘robodebt’ project went well, because it produced savings.
A probe into the digital delivery of government services has revealed 54 government websites were pulled for maintenance over one weekend, without backups in place for citizens to still access services.
The Australian government’s habit of losing filing cabinets full of confidential documents is merely a symptom of much deeper problems, in both policy development and implementation.
The DTA’s CEO Gavin Slater has told Senate Estimates he ‘absolutely’ wants the capability back in-house, after a machinery of government change removed the cybersecurity team from his agency last year.
Mozilla said the current ‘online advertising economy is broken and easily bent to fraud and abuse.’
Ransomware was the cause of 39% of malware-related data breaches, more than double that of last year, according to Verizon’s annual Data Breach Investigations Report.