Subscribe to The Informer for monthly expert analysis, and to Events for advance notice of visiting world leaders and distinguished guests.
You may unsubscribe from Lowy Institute newsletters at any time. For information on our privacy practices and how to unsubscribe, see our Privacy Policy.
The most-pressing world events explained by Lowy Institute experts and global contributors, in your inbox, every Wednesday.
You may unsubscribe from The Interpreter at any time. For information on our privacy practices and how to unsubscribe, see our Privacy Policy.
Defence & security, explained.
About the author
Fergus Hanson
Fergus Hanson was the Program Director for Polling at the Lowy Institute and produced the Institute’s flagship Lowy Institute Poll since 2008.
Topics
The newly released Australian Cyber Security Centre Threat Report contains some fascinating tit-bits and telegraphing of messages. It's the Centre's second report but the first since the Government released its Cyber Security Strategy. Here are my takeaways:
1. Diverting from the approach of our major ally, the US, the report makes clear Australia does not see value in naming and shaming state perpetrators...at this stage. It is extremely coy about naming any countries, even when discussing attacks where the perpetrator is well known. And this is not for want of knowing, as the report clearly telegraphs to states (and criminals) that 'the Government has developed the capability to attribute malicious cyber activity in a timely manner to several levels of granularity - ranging from the broad category of adversary through to specific state and individuals'. Translation: do something bad to us and we will be able to call you out quickly and come after you with the offensive capabilities outlined by Prime Minister Turnbull.

2. Cyber attacks are endemic and costly, but so far Australia has escaped an attack which hits the government's threshold definition of a cyber attack that has 'the effect of seriously compromising national security, stability or economic prosperity', an admittedly high bar.
3. The report is surprisingly confident Australia won't suffer major cyber attacks, but not necessarily because our defences are strong. It concludes 'a cyber attack (hitting the government's above-mentioned threshold) against Australian government or private networks by another state is unlikely within the next five years'. Similarly, 'It is unlikely terrorists will be able to compromise a secure network and generate a significant disruptive or destructive effect for at least the next two to three years'. But it notes, 'a range of states now have the capability to conduct cyber attacks against Australian government and industry networks' so the absence of an attack is contingent on 'the absence of a shift in intent'. [fold]
4. Without calling for it directly, the report spells out the urgent need for a national cyber foreign policy. As the report notes:
5. Private sector losses remain a dark hole and the private sector is not helping itself. The Computer Emergency Response Team (CERT), the Government contact point for major businesses facing cyber attack, responded to some 40 attacks a day (14,804 for the financial year), with 418 involving systems of national interest and critical infrastructure. Because CERT relies on voluntary reporting from companies, the scale of the problem is likely much worse. The consequences for Australia are serious. As the report notes, 'The ongoing theft of intellectual property from Australian companies continues to pose significant challenges to the future competitiveness of Australia's economy'.
The report saves its most pointed words for the private sector, saying it needs to do more to save itself and stop the haemorrhaging of our most precious national asset. It notes 'the private sector's ability and willingness to recognise the extent of the cyber threat and to implement mitigation strategies varies considerably...Those without direct experience of being targeted or a victim may not be aware of the potential economic harm malicious cyber activity can cause their businesses, do not understand the value of the data they hold, and cannot conceive why they would be targeted'.
6. Finally, the report offers cautionary advice to individuals, particularly Interpreter readers. It provides examples of increasingly sophisticated tradecraft and practices like:
Photo: Getty Images/Bloomberg
Fergus Hanson