Friday, February 26, 2016

Cyberwar Preparations in Australian Defence White Paper 2016

The Australian Government issues a 2016 Defence White Paper  (25 February 2017). As well as big ticket items, such as twelve of the largest conventional submarines in the world, there is provision for cyber-security. The government proposes  800 new jobs in intelligence, space and cyber security. If well trained these personnel will have more military impact than the 12 new submarines. It happens that earlier in the week I prepared a "Hypothetical on Cyberwar Over the South China Sea" for teaching this workforce.

"New and complex non-geographic security threats in cyberspace and space will be an important part of our future security environment. The cyber threat to Australia is growing. Cyber attacks are a real and present threat to the ADF’s warfighting ability as well as to other government agencies and other sectors of Australia’s economy and critical infrastructure." (Page 17).
"2.5 Cyber attacks are a direct threat to the ADF’s warfighting ability given its reliance on information networks. State and non-state actors now have ready access to highly capable and technologically advanced tools to target others through internet-connected systems and we are seeing greater use of offensive cyber operations. This trend is likely to continue." (Page 53)
"2.51     Cyber threats also have impacts well beyond Defence, with the potential to attack other Australian government agencies, all sectors of Australia’s economy and critical infrastructure and, in the case of state actors, conduct state-based espionage including against Australian defence industry. The Australian Signals Directorate detected over 1,200 cyber security incidents in 2015, including attacks on government agencies and non-government sectors. Australian defence industry was one of the key non-government sectors targeted in that period, along with energy, banking and financial services, communications and transport. Cyber attacks also threaten Australia’s secure access to the global communications system which is critical to Australia’s prosperity." (page 54)
"3.19     To counter the growing threat of cyber attack, the Government is improving our national cyber security capabilities. Defence’s cyber security capabilities will be strengthened to protect the ADF’s warfighting and information networks. Defence will contribute to the Government’s enhanced national cyber security efforts, which include better coordinated cyber security capabilities and working with industry and academia to counter the threat of cyber attack." (Page 75)
"4.19     The Government is committed to ensuring that Australia can address the growing cyber threat including through enhanced cooperation with the United States and our other international partners. Defence makes a critical contribution to Australia’s whole-of-government cyber-security efforts, ensuring the integrity of Australian government information and systems. This includes the invaluable work of the Australian Signals Directorate. Defence will continue to work closely with other agencies to protect Australian interests in the cyber domain, including through the multi-agency Australian Cyber Security Centre.
4.20     The Government will strengthen Defence’s cyber capabilities to protect itself and other critical Australian government systems from malicious cyber intrusion and disruption. Enhancing the resilience of Defence networks, including networks used by our deployed forces, and the capability of the Australian Cyber Security Centre are key areas of focus in strengthening Australia’s cyber defences. This will include considerable new investment in strengthening the Defence cyber workforce, including new military and APS positions and training programs.
4.21     The Government will also establish a research and development capability to help strengthen the defences of the ADF’s military information systems against cyber attack." (Page 90)
"6.17     Within this total workforce of around 18,200 FTE, enhancements to intelligence, space and cyber security capabilities will involve 800 new APS positions. Four hundred new positions will be created in information technology support, simulation, support to Navy engineering and logistics, security, force design and analysis, and strategic and international policy, including civilian policy officers posted overseas." (Page 152)

Table of Contents

 Minister’s Introduction 9
Executive Summary 13
Strategy 14
Australia’s strategic outlook 14
Australia’s defence strategy 17
Capability 18
A more capable, agile and potent future force 18
Australian defence industry and innovation 20
Shipbuilding 21
Defence posture – more active and internationally engaged 21
International engagement 22
Defence preparedness 22
People 23
Resources 24
Reform 24
Funding 24
Implementation 25
Chapter One: The Government’s Approach to Defence 29
The purpose of this Defence White Paper 29
Why now? 30
Managing strategic risk 32
Chapter Two: Strategic Outlook 39
Australia’s security environment 39
The United States and China 41
The rules-based global order 44
The threat of terrorism and foreign terrorist fighters 46
State fragility 48
Military modernisation 49
Cyber and space 51
Regional security environments 53
Australia’s borders and offshore territories 53
Our immediate neighbourhood 54
South East Asia 56
Indonesia 59
North Asia 60
South Asia and the Indian Ocean Rim 61
The Middle East 63
Weapons of Mass Destruction 64
Chapter Three: Australia’s Defence Strategy 67
Australia’s Strategic Defence Framework 68
Strategic Defence Interests 68
A secure, resilient Australia, with secure northern approaches and
proximate sea lines of communication 68
A secure nearer region, encompassing maritime South East Asia
and the South Pacific 69
A stable Indo-Pacific region and a rules-based global order 70
Strategic Defence Objectives 71
Deter, deny and defeat attacks on or threats to Australia and its national
interests, and northern approaches 71
Make effective military contributions to support the security of maritime
South East Asia and support the governments of Papua New Guinea,
Timor-Leste and of Pacific Island Countries to build and strengthen
their security 74
Contribute military capabilities to coalition operations that support
Australia’s interests in a rules-based global order 75
Implications for force structure and force posture 77
Chapter Four: The Future Australian Defence Force 83
Designing the future force 84
Capability priorities 86
Intelligence, Surveillance and Reconnaissance, Space, Electronic
Warfare, and Cyber Security 86
Maritime Operations and Anti-Submarine Warfare Forces 89
Strike and Air Combat 94
Land Combat and Amphibious Warfare 97
Key Enablers 100
Air and Sea Lift 106
Industry, innovation, research and development 108
A new approach to Australian defence industry policy 108
A new approach to defence innovation 111
Shipbuilding 113
Chapter Five: Positioning Defence for Tomorrow’s Challenges 117
International engagement 117
International defence relationships 120
The Australia-United States Alliance 121
New Zealand 124
Indonesia 125
The South Pacific 126
Timor-Leste 128
South East Asia 128
North Asia 132
South Asia 134
Global relationships 135
Defence preparedness 140
Current operations 141
Chapter Six: People 145
Growing the integrated Defence workforce 146
Permanent Australian Defence Force 146
Reserves 148
Australian Public Service 149
Recruiting the people we need 150
Developing our people 152
Retaining our people 153
Defence culture 154
Looking after our people 156
The Defence community 159
Delivering the future workforce 160
Chapter Seven: Reform of Defence 165
The First Principles Review – The Government’s reform program 165
A strong strategic centre 168
Capability development life cycle 170
Corporate and military enablers 172
Implementing the First Principles Review 174
Chapter Eight: Funding Defence 177
The Government’s plan for funding Defence 177
The funding model 177
How will Defence funding be spent? 181
Budgeting in Defence 182
Chapter Nine: Implementing this Defence White Paper 185

Monday, February 22, 2016

Battery Storage of Energy for Heating Canberra Homes

Greetings from "Creating Energy Efficient Cities in Switzerland and Australia" at the Australian National University in Canberra, where a representative from the ACT's Environment and Planning Directorate, is outline their next generation renewables strategy incorporating an innovative pilot program of distributed energy storage using home battery storage. What was curious is that the winter peak electricity use in Canberra is for space heating, which conventional wisdom says is not a good use for battery storage of energy. The storage of heat directly has been the usual way to provide space heating storage. The drop in the cost of PV panels has resulted in these now being cheaper than use of direct solar water heaters for domestic supply, however, even hear storage as hot water is used.

It would be interesting to see if the ACT Government would consider energy saving options as an alternative to provision of PV panels and storage. That is, if technology can be used to reduce or shift energy consumption, at a lower cost than generation or storage, then that should be used. This approach was taken up by Ms Martina Blum, Energy Officer, City of Zurich in a talk on the "2000-Watt society – Zurich’s path to sustainable energy use". Zurich’s approach to reduce energy use could usefully supplement the ACT's renewable energy approach.

Dr Andreas Luzzi, CEO Laros Technologies, will then speak on "Passivhaus brought to Canberra". This is an example of a home designed for the 2000-Watt-Society  initiative.

Failure of the War on Terror

Greetings from the Australian National University in Canberra, where David Kilcullen, is speaking about his book "Blood Year: Islamic State and the Failures of the War on Terror". He started with the bold claim that the US invasion of Iraq was as a strategic mistake as Hitler's invasion of the USSR. He argues that the invasion created ISIS. The USA then failed to take the opportunity with the disarray on the death of Osama bin Laden, to eliminate
al-Qaeda. With the failure of the
Arab Spring and reintroduction of autocratic governments, liberation movements were required to turn to
al-Qaeda. Similarly the withdrawal of the US forces from Iraq removed curbs on the government and forced opponents into the hands of al-Qaeda. Kilcullen argued that the USA's having  Russia assist in the removal of Syria's chemical weapon emboldened Russia to later intervene militarily. The intervention of Iran then caused problems for countries in the region who see this as much of a threat as ISIS.

Kilcullen then attributed the introduction of a transit visa by
Republic of Macedonia, and call-up of Syrians for military service, causing the refugee influx to Europe. He does not seem to see this as a military threat to Europe, just something which has finally got the attention of European government about Syria.

I asked if a US "President Trump" would understand how to take a patient long term approach to building democratic structures in middle eastern countries, Kilcullen commented that he was more worried about a President Cruz or Clinton.

Friday, February 19, 2016

Japan, Australia and regional security architecture

Greetings from the Australian National University in Canberra where I am attending a panel discussion on "Japan, Australia and regional security architecture". Dr Amy King (ANU), with Professor Mie Oba (Tokyo University of Science), Associate Professor Ryo Sahashi (Kanagawa University), and Professor Nick Bisley (La Trobe University) are discussing Japan and Australia's role in regional security institutions, including  ASEAN Regional Forum, ASEAN Defence Ministers Meeting Plus, and East Asia Summit. But it quickly become evident that the real topic was what Japan and Australia could do about China claims to islands in the region. The claim was made by one of the panelists that Australia is not directly involved in the dispute. However, I suggest it is, in that RAAF aircraft are flying over some of the islands, in a direct military challenge to China's claim of sovereignty. I am not a foreign policy expert, but it seems to me that one effective initiative for Japan and Australia is to build more submarines. Forums, Meetings and Summits have no effect, unless they can be backed by a credible military force.

Australia to Lead Next step in Securing Cyberspace

Fred CateGreetings from the last public session of  "Securing our Future in Cyberspace" at the Australian National University. Professor Fred Cate from Indiana University has proposed Australia should act as a bridge between western nations security academics and officials and those in China. 

Thursday, February 18, 2016

Role of Cybersecurity in Chinese Foreign Policy

Greetings from the Australian National University in Canberra, where Professor Jon Lindsay from University of Toronto is speaking on "The role of cybersecurity in Chinese foreign policy". Professor Lindsay, has written several papers and is editor of the book "China and Cybersecurity: Espionage, Strategy, and Politics in the Digital Domain" (2015). He pointed out that the US Government makes a distinction between industrial and security espionage, which China does not necessarily follow. Somewhat more controversially he suggested the term "Advanced Persistent Treat" could be applied to USA's NSA, as well as its Chinese equivalent.

Professor Lindsay contrasted NSA's covert attempts to obtain information on-line with overt moves by China to ensure the Internet is not used internally for anti-state political activities. He pointed out that Chinese law imposes severe limits on what the Internet can be used for.

Professor Lindsay characterized Internet regulation as fragmented. The central state regulation body is under the propaganda ministry, concerned with the content. He commented that as a result cyber-crime, provided it is for economic gain, is less of a priority for government.

Professor Lindsay quipped that there are two sorts of organizations in the USA: those who have been hacked by China and those who do not realize they have. Admitting attributing attacks is difficult, he pointed out that phishing attacks align with the Shanghai working day (where PLA Unit 61398 is based), suggesting this is an industrial scale activity.

Professor Lindsay pointed out that a sophisticated system was needed to handle large amounts of information obtained through industrial espionage. He said that information on how this is done in China is obviously not freely available. However, information on collecting and processing overseas open access information. He made the point that China has been greatly increasing expenditure on the absorption of information, rather than just collection.

Professor Lindsay pointed to a PLA documentary on cyberwar "The Cyber storm has arrived" (2011), which features a fictitious attack on a Falun Gong group in the USA. The point being that a religious group is seen as a threat to the state. His implication was that this is different to western military doctrine. However, this reminds me that one of the US presidential candidates has proposed banning immigrants based on religion, on the assumption they are a threat to the state.

Professor Lindsay pointed out cyberwar increases the "fog of war". Even well resourced nation states will have difficulty conducting such a war. He suggested China had less experience at this than the USA. However, China has very expert IT professionals (I train some of them at ANU in Canberra). It has to be assumed the Chinese military train their IT professionals well. Also China has a military doctrine which is more accommodating of cyber-warfare.

This seminar is part of this week's conference "Securing our Future in Cyberspace", which ends Friday with "Securing our future in cyberspace - next steps".

Wednesday, February 17, 2016

ACT Chief Digital Officer Outlines His Vision for the Future of Canberra

Jon Cumming, the new (and first) ACT Chief Digital Officer (CDO) talked at an Australian Computer Society meeting in Canberra last night. He outlined the ACT Digital Strategy he has proposed to government:
  1. Growing the digital economy
  2. Delivering digital services
  3. Foundations for digital services
As Jon explained, the first of these aims is outward looking, the other two about government.

What struck me was there was no mention of education and training. The ACT Government is doing good things in this area and perhaps should highlight them. The best example is the Canberra Innovation Network (CBRIN) promoting business startups. More could be done in ACT schools implementing the national digital curriculum.

One point of confusion was exactly what was the role of a CDO. I had assumed this was just a new term for the CIO and Jon was the new head of IT for the ACT Government. But it appears this more a role like the Australian Government's Digital Transformation Office (DTO), to encourage adoption of IT. This is a difficult role as it involves advocating use of IT to improve services (and particularly the public face of services) without getting bogged down in implementation details. There is a risk that those designing digital initiatives will attempt to implement complex IT systems. There are many IT systems which sound like a really good idea, but which have not been built because either they can't be built reliably, or, on closer inspection really are not a good idea. An important part of the job of an IT professional is to say to their client: "NO: that is not a good idea".

Jon mentioned Estonia's success with digital government. However, what he did not mention was that E-Estonia was subject to cyber-attack in 2007 which has a serious effect on government operations. In response the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) was established in Estonia. Canberra is a national capital and so a prime target for cyber-war. While such attacks by nation states, or non-state groups, will be primarily directed against Australian Government agencies in Canberra, the ACT Government will also be a target. The ACT Government needs to plan to keep services operating while under sustained on-line attack for months, or years. Every digital service the ACT Government implements needs to take this risk into account.

Tuesday, February 16, 2016

International Innovation Competition from Shenzhen

At the last Canberra Innovation Network meeting, I was handed a brochure for the First Innovation competition of International Talents. While this is being hosted in  Shenzhen (China), participants can enter for free from anywhere in the world and there is an Australian division to the competition (as well as USA, Japan, Germany, and Israel). Entries close 29 February 2016.

There are three rounds to the competition:
  1.  1 – 15 Mar 2016 online review 
  2. 5 Apr 2016 on-site reviews 
  3. 14 – 18 Apr 2016 Championship final in Shenzhen (finalists get a trip paid for).
The Grand Final First Prize is US$80,000, with smaller prizes for rounds (plus extra prizes for those intending to go into business in Shenzhen).

Exactly what the competitors have to produce is not clear from the website, but I assume it is a typical innovation competition, where competitors produce a pitch and business plan for a product or service.

ps: I whizzed through Shenzhen last year on a fast train.

Saturday, February 13, 2016

Has a National Wind Farm Commission Been Established?

News reports indicate that the public is having difficulty finding the website for the Australian Government's National Wind Farm Commission. Perhaps the "National Wind Farm Commission" can't be found because it does not exist. The Department of Environment does not use that term. They instead refer to the "Office of the National Wind Farm Commissioner".

A Google search for "National Wind Farm Commission" brought up as the first hit "Appointment of National Wind Farm Commissioner". This includes "For current information on the National Wind Farm Commissioner, see" which that redirects to "National Wind Farm Commissioner".

If the Department of Environment want web searches to find the "National Wind Farm Commission", then they just need to use that term on a web page. Environment has competent information professionals who I am sure know this, as does the Digital Transformation Office (DTO). It may be that someone in government forgot to do the paperwork to create the Commission and it does not exist.