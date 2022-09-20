Agencies must be agile and well-resourced to combat cyber criminals

“We’ve seen a transformation of the way society operates from being web-enabled to being web-dependent to web-vulnerable,” says Professor John Blaxland. “We’re more dependent on the web and vulnerable on the internet than ever at a time when it has been subject to malevolent actors on an industrial scale seeking to exploit it for commercial and strategic purposes.”

Blaxland specialises in intelligence studies and international security at the Strategic and Defence Studies Centre at the Australian National University. He has spent significant research time looking at how intelligence agencies and other government organisations gaze into their crystal balls, trying to determine what bad or malevolent actors might do online.

Blaxland says the situation has become so serious that bodies such as the Australian Signals Directorate (ASD) have pulled back their operational curtain a smidgeon. The ASD seeks to advise companies and individuals on better protecting their personal and business data so the bad guys can’t get there.

He says the ASD bears responsibility for signals intelligence but has intensified its activities in educating the community about systems vulnerabilities and solutions to help minimise the risks.

“Society has been transformed,” says Blaxland. “The cyber domain has transformed our lives and the Australian Cyber Security Centre (ACSC) coupled with cyber departments in banking, industry and society are generating a new industry of employment opportunities in technologies that were unimaginable a generation ago.”

The evolution of the web, Blaxland says, means intelligence and law-enforcement agencies are fashioning strategies to cope with the changing environment. The federal government passed laws expanding the number of sectors deemed critical infrastructure to ensure entities providing essential services are forced to limit the possibility of digital entanglements with state-based bad actors or cyber criminals.

Then there’s the evolution of extremist groups, which use technology to radicalise, recruit, plan and execute protests or acts of violence.

Blaxland says governments across the country are providing more resources to agencies such as the ACSC, Australian Criminal Intelligence Commission, AUSTRAC, and state and territory-based services to respond to challenges.

“The problem is you’ve got crime and you’ve got transnational, malevolent government-inspired, endorsed interference,” he says. “It isn’t just one thing, and it isn’t just one jurisdiction, and it isn’t just one agency’s remit to deal with it.

“It’s complicated and multi-faceted. It’s what has driven a reasonable and commensurate desire to muscle up the cybersecurity dimensions of government.”

Multinational approaches to fight cybercrime

One issue that needs attention is how countries establish an agreement on norms that might apply when there’s conflict in the digital frontier. Blaxland says finding consensus on appropriate conduct in cyberspace is difficult because the major players have different views on how to play the digital game.

Rand Corporation expressed a similar view in its related study published earlier this year. A Rand research team found no immediate prospect of agreement.

“While some principles are common to several global aspirational statements, none has achieved formal recognition and promised enforcement by all the major cyber powers, all of whom continue to act with a significant degree of cyber impunity,” the Rand report says.

The Rand team observed a gulf between the three major cyber powers – the United States, Russia and China – with no likelihood of the gap reducing.

“It is not clear whether any of these powers are willing to agree to enough mutual, voluntary restrictions on their freedom of action in cyberspace to make a broader regime of cyber norms possible,” the report says.

Let’s assume there is a set of norms in place. What happens when an incident occurs?

“The nature and complexity of cyberspace … make attribution of actions much more difficult than in other domains, and attribution is a key requirement for imposing costs for any violations of potential cyber norms,” the report says.

A key event driving concerns about cyber threats to US national security was a campaign attributed to the Russians known as SolarWinds in 2020. It’s said to have involved access to government and private-sector computer networks using a third-party software package.

“Although this was a case of cyber espionage, at least so far, and not a direct attack using cyber means, it nonetheless generated multiple calls in the United States to retaliate in some way,” the Rand report says. “The event demonstrated once again the general risk, as well as escalatory potential, of cyber aggression.”

The Rand authors argue that countries must establish behavioural norms in cyber space. In a world where state-based actors engage in espionage and target critical systems, having cyber rules is just as important as laws governing society.

“Well-established norms can alter the perceptions of state leaders regarding the costs they may face if they undertake behaviours that these norms hold to be inappropriate through both international and domestic mechanisms,” the Rand report says.

“Internationally, the costs of violating norms may come through diplomatic isolation, reticence to partner with violating states or other forms of international sanction as other states express their dissatisfaction with the violating state’s behaviour.”

