Electronic attacks against government and business soaring
by Ernie Davitt, National Affairs Editor, ASM
With an upsurge in global cyber-attacks, including the targeting of Australian government agencies as well as business and the cost of online crime topping $3 billion, the Australian Government has moved steadily to strengthen national e-security. Ernie Davitt reports.
There has been serious concern in law enforcement and intelligence circles about a snowballing effect with increasingly sophisticated electronic attacks – including a wide range of malware from ‘bots’ and Trojans to rootkit infections – aimed at the government and private sector.
A report on e-crime tabled at a British Parliamentary inquiry by UK Police last year estimated the total annual global cost at more than $2.3 trillion and it is expected to pass the $3 billion mark this year.
That represents a loss of around three times the total annual value of the Australian economy.
The report said the problem was not only expanding rapidly, it was also continuously evolving and attacks were becoming more sophisticated.
The UK House of Lords described the internet as a ‘lawless wild west’ in a recent report in which it slammed the British Government for dragging its feet about strengthening national e-security.
Australia’s e-security, law enforcement and intelligence communities have been on high alert for some time after receiving intelligence of the increasing threat of identity and password theft, loss of valuable and sensitive data and denial-of-service attacks.
The situation will be highlighted when the Federal Government acts on the results of a review of national e-security undertaken by the Department of Broadband Communications and the Digital Economy which reported in October.
Federal Attorney-General Robert McClelland and the Minister for Broadband, Communications and the Digital Economy, Senator Stephen Conroy, who were responsible for oversighting the whole-of-government review, will have to drive the development of a national framework for securing Australia’s electronic networks for both business and government.
“New and networked systems increasingly underpin our business and social interactions, but they also provide fertile ground for exploitation by cyber criminals,” Mr McClelland said of the review.
“The e-security review is an opportunity to look at what help the Government can provide to develop a more secure and trusted electronic operating environment for both the public and private sectors.
“The review will also consider whether Commonwealth programs can be better focused to deal with the ever increasing range of online threats.”
Senator Conroy said that the review of e-security was a vital step towards fostering confidence in using the internet for personal and business activities.
“A secure online environment trusted by the community coupled with the Government’s rollout of the National Broadband Network is critical to our nation’s continued social and economic prosperity,” he said.
A multi-agency team – led by the Attorney-General’s Department included representatives of the Defence Signals Directorate, ASIO, the Department of the Prime Minister and Cabinet, the Department of Broadband, Communications and the Digital Economy, the Australian Federal Police and the Australian Government Information Management Office – carried out the review.
The terms of reference for the review took account of both the threat from electronic intrusions into Australian networks and the threat from complementary attacks on their physical, administrative or personnel security arrangements.
The purpose of the review was to develop a new Australian Government E-Security Framework in order to create a secure and trusted electronic operating environment for both the public and private sectors.
The review, which acknowledged that we have ‘an increasingly hostile online security environment, which does not respect traditional jurisdictional boundaries’, also looked at:
- incident response and crisis management arrangements for e-security, including the recommendations from Australia’s participation in Exercise Cyber Storm II;
- emerging e-security issues including those resulting from technological change, including roll-out of the National Broadband Network, and
- identified and considered opportunities provided by international cooperation, including engagement with similar economies and like-minded governments.