Thursday 16 Aug 2018 | 20:13 | SYDNEY
Thursday 16 Aug 2018 | 20:13 | SYDNEY

Cyber spookiness


Graeme Dobell

6 August 2010 14:42

Getting hard numbers about cyber espionage is nearly as hard as identifying the cyber snoopers.

Credit, then, to Australia's Defence Minister, John Faulkner, for one solid number about the growing cyber challenge Australia faces. The reality revealed by Faulkner is that Australia's Defence networks are attacked, on average, 6.5 times a day by hackers, spies, tech-heads or industrial snoopers.

Computer security: how not to do it.

After opening the new Cyber Security Operations Centre (CSOC) in Canberra in January, Faulkner told reporters that in 2009, 'Defence investigated approximately 200 electronic security incidents on its own networks per month.' The Defence Minister tallied it all up for the Financial Review's 'State of Security' piece last week, as discussed in the previous column on ASIO. Faulkner said that in 2009, DSD had detected 2400 'incidents' on networks considered to be of 'medium to high risk'.

A check with the Minister's office confirms that the figures are from the same set: 200 times a month equals the total for last year of 2400 incidents on Defence networks. Faulkner also said in January that Defence is aware of another 220 incidents last year on other Australian government networks.

Such numbers are the basis for the change in language and tone of Australia's national security complex, as illustrated by the Rudd national security statement in December, 2008. The Rudd statement saw the relative demotion of terrorism and the elevation of a range of scourges such as cyber attacks and the challenge from people smugglers and organised crime.

In his January speech, Faulkner said cyber intrusions on government, critical infrastructure and other information networks are a real threat to Australia's national security and national interests: 'Already we have evidence of sophisticated cyber intrusions onto networks in Australia, both government and private. Not all are successful, but some have been – on a range of networks.'

Canberra knows it is being threatened and has tried to respond in ways that reach from the dark arts of Defence to the business secrets of Australian industry. At the heart of this effort is the considerable computer muscle of CSOC, inside the Defence Signals Directorate, just across the road from the new ASIO HQ.

CSOC provides the firepower for the Computer Emergency service, CERT, which the Attorney Generals' Department offers to all Australian companies and networks. CERT and DSD's Cyber Centre can give Australian businesses and other organisations a matrix of mitigation strategies, ranked by effectiveness, to detect and prevent targeted electronic intrusions. The offer to business comes with this counsel:

At least 70 per cent of the targeted cyber intrusions that the Defence Signals Directorate responded to in 2009 could have been prevented if organisations had implemented the first four mitigation strategies.

In this maze of mirrors, where does cyber snooping cross the line to attack? The US is still pondering what can be attacked and what should be off limits in a cyberwar. For instance, what about an international agreement by nations not to target banks and electricity grids?

The cyber security speech the other day by ex-CIA chief Michael Hayden sought to draw some distinctions between state and non-state purposes. China, he said, was not waging war, in that it had not destroyed data, harmed physical facilities or cost lives.

The Financial Times quoted Hayden's view that China is a formidable force in the contest for superiority on the internet. 'As an intelligence professional, I stand back in absolute awe and wonder,' he said of the Chinese campaign to wrest industrial and defence secrets from major Western companies. 'It is magnificent in its depth, its breadth and its persistence.'

That necessary coolness points to a fact that isn't always mentioned when the cyber threat bogey is running around scaring people and boosting budgets. Certainly, the threat is real and growing. But just as certainly, the West has been in this game longer than anybody else and has formidable intellectual and technical resources to throw into the contest. Remember that if electronic eavesdropping and computer snooping were Olympic sports, the Chinese would face tough competition to take the gold.

Photo by Flickr user formalfallacy, used under a Creative Commons license.