ITP Techblog

Brought to you by IT Professionals NZ
« Back to Procurement

Aussie goes on the cyber offensive

Peter Griffin, Contributor. 30 June 2020, 10:47 am

Australia will hire 500 additional spies and beef up its offensive cyber capabilities as it responds to a spate of cyber attacks on government departments and some of its biggest companies.

An AU$1.3 billion injection of funding into Australian Signals Directorate due to be announced today by Australia's Prime Minister, Scott Morrison, is the biggest investment in cyber investments to date, according to the Sydney Morning Herald.

It will specifically include AU$31 million to build offensive capabilities, allowing the ASD to go after hackers and cybercriminals offshore. While Australia has been quietly developing such capabilities, it hasn't been a major player when it comes to offensive cyber operations, which are typically the domain of the major global powers such the United States, China and Russia.

But sources within the Australian Defence Force have been lobbying for the development of offensive capabilities for much of the last decade. In a 2015 paper on cyber warfare, Colonel Michael Lehmann CSC, of the Australian Army, wrote that Australia's approach to military power in cyberspace "has been largely that of a victim".

"This strategy advocates, probably unthinkingly, a cyber 'Maginot line', ceding the initiative to any attacker beyond the reach of law enforcement. There is no cyber deterrent and there are no options for government in such an approach," added Lehmann, who has since retired from the army to work in the IT industry.

Military sources have advised the Australian government to work closely with its Five Eyes security allies and the US in particular, which has by far the largest offensive cyber capability of the group of allies.

An unnamed state actor

The nature of the latest wave of cyber attacks seems to have crystallized thinking in Scott Morrison's government on the issue.

"We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the tradecraft used," Morrison said two weeks ago after a blitz of cyber activity was detected and linked to China, though the government didn't officially accuse the Chinese government of being behind the cyber attacks.

The Australian Government did respond with advice to deal with the "Copy-paste compromises" as they came to be known. The new funding will also include AU$25 million to establish a cyber threat-sharing platform, which appears to be similar to both the New Zealand's Cortex system, which offers cyber protection for critical infrastructure and the networks of government departments and large businesses, and Computer Emergency Response Team which is an information sharing and advice service offered by the government to businesses and home internet users.

A further A$118 million will go towards data science and intelligence capabilities to build up Australia's threat identification capabilities over the next decade.

Our own government has been very much focused to date on defensive cyber measures but has seen similar calls, emanating from the military in particular, to build our own offensive cyber capabilities.

"The number of state-sponsored cyber operations is rising and more governments are

openly developing offensive cyber capabilities," Kris Faafoi, the Minister of Broadcasting, Communications and Digital Media notes in the 2019 New Zealand cybersecurity strategy.

Screen Shot 2020-06-30 at 9.37.24 AM.png

Sticking to defence

He acknowledged that "more governments are openly developing offensive cyber capabilities" but there is nothing in the strategy suggesting New Zealand adopt this approach. The strategy vaguely suggests "investing more in skilled people and resources to combat cybercrime and cyber-enabled crime". Funding was allocated in last year's Budget to allow the rollout of that strategy, with CERT receiving a funding to-up too.

The Government's Strategic Defence Policy Statement 2018 makes numerous mentions of the growing cybersecurity challenges facing New Zealand but offers no strategy about developing offensive cyber capabilities. Indeed, it notes towards the end of the document:

"The Defence Whitepaper 2016 set out an increased capability for protecting Defence's networks, but did not expand the range of cyber activities Defence was to be able to undertake."

That appears to have amounted to a pullback in moves towards developing offensive capabilities, which was the favoured approach of the National government and then defence minister Gerry Brownlie.

It seems then that New Zealand will continue to play defence, officially at least, while working with its Five Eyes partners under the cloak of secrecy to benefit from offensive cyber activities that increasingly, will be launched from across the Tasman.


You must be logged in in order to post comments. Log In

Web Development by The Logic Studio