Kokoda Report: Online threats a fundamental weakness in Australian security
by Chris Cubbage - Online Editor
A Kokoda Foundation report, Optimising Australia's Response to the Cyber Challenge, released earlier this month, has found that cyber security has become the fundamental weakness in Australia's national security, and that the threat is poorly understood by politicians, business people and the general public.
Authored by former Deputy Chief of Air Force John Blackburn and strategic consultant Gary Waters, the report says that Australia has reached a tipping point where the current trajectory of cyber responses is being rapidly outpaced by the evolving threat.
'A broader understanding of the nature, scale and extent of on-line threats to private information is crucial to the ongoing security of this country,' said Mr Blackburn.
The report concludes that whilst progress in implementing the government’s 2009 Cyber Security Strategy has been laudable, Australia is not keeping pace with the growing threat and as a result our collective and individual security is being placed at risk.
More than a million computers in Australia each year are said to be infected by viruses that can be used to bring down a website or network, while Australia has the fifth-highest level of malware infections in the world.
'This is an issue that is just as important to Mums and Dads and small business operators as it is to governments, bureaucrats and corporations,' said Mr Waters.
According to Paul O’Rourke, Security Lead for Accenture Australia, the issue of security has moved from being just a technical issue, and has risen in prominence within local organisations.
'Security needs to be assessed as a broad-based business problem, and not just a technical issue, as it has reputational and transactional implications which are obviously top of mind for executives and boards,' Mr O’Rourke said.
The Kokoda report warns that such threat could endanger critical infrastructure such as electricity grids, water storage and distribution, aviation and maritime transport and telecommunications networks.
A number of recommendations are made including:
- The assignment of the lead to coordinate cyber-related security issues across government to the Office of the National Security Adviser;
- Appointing a Minister with oversight responsibility for cyber issues, together with a ministerial committee such as a sub-group of the National Security Committee of Cabinet;
- Developing a National Cyber Strategy to provide a 10-year vision of what needs to be achieved in the security and management of cyberspace in Australia; and,
- Disconnecting the power grid and any control system transporting people, managing gas or petrol production or controlling the flow of water from the wider Internet
The report notes that a key consideration regarding any recommended actions is that of timing - the gap between threat and response capabilities is growing.
If we do not increase our focus on cyberspace, the threat will grow faster than our response and the cost of addressing the growing threat gap in the future will increase, possibly exponentially. Any delay in taking action may prove utterly unaffordable in the long-term.
A case in point is the mooted National Broadband Network (NBN). The report notes that once the network is built, taking high-speed broadband services through fibre-optic cable to an estimated 93 per cent of households, responsibility for maintaining cyber security will rest with retail service providers rather than NBN Co.
'The rollout of the NBN offers a significant opportunity to engage the public to better understand the vulnerabilities that exist and that could be exploited through the significantly increased bandwidth that will be made available, and in turn the responsibilities of individuals as well as the ISPs to take appropriate security measures,' the report says.
'This opportunity must be grasped by all relevant parties.'
To order a copy of the report, go to: http://www.kokodafoundation.org