Thursday, May 23, 2013

Need for Australian Cyber Security White-paper

The Australian Government released a Defence White Paper 2013 (May 2013). This highlights the risk of cyber attacks on defence, government and  commercial information networks. The paper claims that the Cyber Security Operations Centre (CSOC) has "allowed the development of a comprehensive understanding of the cyber threat environment and coordinated responses to malicious cyber events that target government networks". However, this addresses only government networks, not essential services provided by the private sector and on which government and defence depend. The paper envisages participation of key industry and private sector partners, but no further details are provided.

In September 2011 the Australian Department of Prime Minister and Cabinet (PM&C) issued a discussion paper “Connecting with Confidence, Optimising Australia’s Digital Future” , with the aim of releasing a cyber security policy white paper in mid 2012. The Australian Computer Society assisted PM&C with consultations, including arranging a meeting in Canberra, 18 October 2011. The ACS released a Submission for the Australian Cyber Policy White Paper. But in a speech October 2011, the Prime Minister said that she thought the Cyber White Paper should be broadened to a "digital White Paper" ("Closing Remarks to the Digital Economy Forum", Speech, Julia Gillard, Prime Minister of Australia, 5 October 2012). No Cyber White Paper has been released. As a result Australia's national infrastructure remains vulnerable to cyber attack. The Australian government needs to revive the cyber security white paper process.


2.82 The 2009 Defence White Paper acknowledged that national security could be compromised by cyber attacks on defence, government or commercial information networks. Cyber security continues to be a serious and pressing national security challenge. The seriousness of the cyber threat was affirmed in 2011 when Australia and the US confirmed the applicability of the ANZUS Treaty to cyber attacks. This further emphasised the need for capabilities that allow us to gain an advantage in cyberspace, guard the integrity of our information, and ensure the successful conduct of operations.

2.83 Australia, advantaged by the cyber dimension of our international strategic partnerships, should find that the rise of cyber power has at least as many pluses as minuses. But the net effect on Australia’s position will depend on how well we exploit cyber power, including working with partners and integrating cyber power into national strategy and a whole-of-nation effort.

2.84 The potential impact of malicious cyber activity has grown with Defence’s increasing reliance on networked operations. Reducing Defence’s vulnerability to cyber attacks or intrusions in a crisis or conflict will remain a high priority. This includes protection of deployed networks and information systems. In a future conflict or escalation to conflict, an adversary could use a cyber attack against Australia to deter, delay or prevent Australia’s response or the ADF’s deployment of forces. This would probably include the targeting of information systems, networks and broader support infrastructure perceived to be integral to the ADF’s decision-making and war-fighting capabilities. Once deployed, our forces will need to operate as a networked force in a contested environment.

2.85 It is equally important to protect information in peacetime. Australia’s national security, economic prosperity and social wellbeing now depend on the internet and the security of information. Compromise of Australian Government information could allow an adversary to gain economic, diplomatic or political advantage over us. Compromise of commercial, government or private citizens’ information would undermine public and international confidence in Australia as a secure digital environment.

2.86 Defence capability would be seriously undermined by compromised sensitive information on command and control, operational planning, platform design or weapon system performance. Additionally, without effective mitigation and protection measures in place, the costs to Defence of addressing cyber intrusions could far outweigh the effort expended by an adversary.

2.87 Understanding of the cyber threat has increased markedly since the 2009 Defence White Paper.

The establishment of the Cyber Security Operations Centre (CSOC) within the Defence Signals Directorate (DSD) – to be renamed the Australian Signals Directorate – has allowed the development of a comprehensive understanding of the cyber threat environment and coordinated responses to malicious cyber events that target government networks. Through the CSOC, Australia has increased its intrusion detection, analytic and threat assessment capabilities, and improved its capacity to respond to cyber security incidents.

2.88 Within Defence, there is also a significant body of work to be done to ensure the security and resilience of defence systems in this environment. Network and system management, along with personnel and physical security need to be strengthened as part of our response.

2.89 Australia works within the framework of its traditional defence and intelligence and broader national security relationships to counter cyber threats. More broadly, Australia believes that the existing framework of international law, including the UN Charter and international humanitarian law, applies to cyberspace. Australia is participating in international efforts to achieve a common understanding of these laws.

2.90 In January 2013, the Prime Minister announced the establishment of a new Australian Cyber Security Centre to improve partnerships between government Agencies and with industry. The Centre will bring together cyber security capabilities from across the national security community, fully located in one facility. DSD’s CSOC, other elements of DSD’s Cyber Security Branch, the Attorney-General’s Computer Emergency Response Team Australia, the Australian Security Intelligence Organisation’s Cyber Espionage Branch, elements of the Australian Federal Police’s High-Tech Crime Operations capability and all-source-assessment analysts from the Australian Crime Commission will be co-located. This will facilitate faster and more effective responses to serious cyber incidents, and provide a comprehensive understanding of the threat to Australian Government networks and systems of national interest. The Centre will be overseen by a Board, led by the Secretary of the Attorney-General’s Department, with a mandate to report regularly to the National Security Committee of Cabinet.

2.91 Additional capability will be enhanced through participation of key industry and other private sector partners. Defence will play the principal role in the operation of the Centre and will continue to dedicate significant expertise to this important national capability.

From Defence White Paper 2013, Pages 20 and 21, Australian Government, May 2013

No comments: