Sunday, August 04, 2013

Australian CyberWarfare Battalion

This is to propose the Australian Defence Force (ADF) raise an Australian CyberWarfare Battalion (ACWB) of 300 personnel, to protect Australia's national information infrastructure. All but a small cadre would be reserve military personnel who have full time jobs as computer security professionals.

After very basic military training, personnel would be issued with secure communications and return to their workplace. Personnel would remain in touch with each other monitoring computer security threats. In the event of a large scale attack, most of the Battalion would stay in their workplaces to protect  infrastructure,  while a small number would deploy to industry, government and military centers (including any Cyber Security Operations Centre)
to coordinate operations.

Compared to an infantry battalion,  a cyberwarfare battalion would be fast to raise and inexpensive to maintain. Personnel would receive the minimum of military training, sufficient for them to be able to work alongside regular personnel in a headquarters. Use would be made of the facilities and expertise in Australia's universities, including the University of NSW Cyber Range and the Queensland University of Technology Industrial Control System Security Course.

There is provision for the ADF to work alongside the civilian administration, as described in: "Civil-Military Operations", Australian Defence Doctrine Publication (ADDP) 3.11, 1 April 2009.

Without an effective form of cyber-defence Australia could expect its government and civilian infrastructure to be crippled within a few hours of the commencement of a major on-line attack. The ADF would then be required concentrate on aid to the community, with a reduction in its capacity to undertake conventional military operations.

2 comments:

Jeff M said...

(Note - re-posting my comments from DNA):

Arguably a worthy initiative, but I would pose the initial question: does this need to be a military (ADF) led initiative?

Given the ambiguities associated with attribution of even significant attacks, is an ab initio military response (even if defensive in nature) appropriate?

Further - by locating such a capability within the military - I would argue that one runs the risk of alienating members of the very community of practice/knowledge upon which such an initiative is critically reliant. Belonging to the military, members of this prospective organisation would be subject to the DFDA (military law) and military command: how would this be reconciled with the distributed organisational framework described above? On what basis would response effort be prioritised (national or local/immediate organisational focus)?

Might I therefore propose - drawing on the model of the Australian Civilian Corps fostered by AusAID - a looser arrangement which centres on CERT Australia, and leverages existing relationships between government, private sector and academic entities that already exist - at least to a point - within the TISN arrangements.

Tom Worthington said...

Greg Austin, from tghe Australian Centre for Cyber Security at UNSW Canberra has proposed an Australian Cyber Corps (24 June 2016), along the lines I suggested in 2013.