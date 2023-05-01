Defence on notice to beef-up its cybersecurity efforts

The Defence Strategic Review (DSR) targets the digital domain as critical to Australia’s defence. It also signals that Defence must boost its cyber capabilities.

Other parts of Australia’s national security infrastructure are already stepping up with a central cybersecurity point of contact in Home Affairs, a cyber capacity for intelligence gathering in ASIO and surveillance and cybersecurity capabilities via REDSPICE at the Australian Signals Directorate (ASD).

Defence has a cyber warfare capacity but has been given a kick in the pants to move faster.

Professor John Blaxland from the ANU says the DSR’s emphasis on cyber capability and the centralisation of cybersecurity functions is an acknowledgement of the key role the digital domain plays in intelligence gathering and modern warfare.

Blaxland believes the focus on centralising and expanding Australia’s cybersecurity capabilities is partly the result of the growth in China’s military strength across its domains, including cyber space.

Cyber capability growth in China – as well as in Russia, Saudi Arabia and Iran – led the declassified version of the DSR to note that Australia’s defence establishment needs to build more capacity, which includes employing more people with the necessary skill sets.

“Defence must enhance its cyber domain capabilities to deliver the required responsiveness and breadth of capability to support ADF operations,” the DSR’s public version reads.

“This must focus on integrating the defence and management of Defence’s C4 networks and architectures; delivering a coherent and, where possible, centralised cyber domain capability development and management function; and building and sustaining a trained Defence cyber workforce.”

Getting an appropriately skilled workforce to meet the DSR’s cyber targets is a priority issue of concern for home affairs shadow minister James Paterson.

Paterson told The Mandarin that government needs appropriately skilled people to fill the demand for cyber experts, which is more complicated for Defence than it is for large public or private corporations looking to lure staff from overseas.

Cyber roles within government institutions have a barrier to entry: the need to meet strict security conditions. Commercial enterprises don’t face that same hurdle.

Cybersecurity firm CyberCX published research last year that showed Australia requires at least 30,000 more skilled professionals to help fight digital-based crime, such as fraud and data theft.

A further area touched on by the review was the need to get Defence adequately tooled up to ensure its cyber capabilities can support other activities.

“To meet the demands of the deteriorating security environment, Defence must invest in the targeting systems and processes required to support the use of advanced and long-range weapons, undersea warfare and integrated air and missile defence,” the review states. “Existing plans should be accelerated including the development of key supporting systems and processing, exploitation and dissemination of intelligence.”

This isn’t the first time the need to develop a fit-for-purpose cyber capacity within Defence has been raised in a strategic review. A 2020 strategic update highlighted the need to build cyber capacity with a lengthy shopping list of potential investments.

“Investments are planned in joint command, control and communications systems, joint electronic warfare and defensive cyberspace operations,” the 2020 update says.

“This investment in systems will be complemented by the establishment of a new counter-intelligence capability, including infrastructure and training equipment.”

It also stated that Defence would invest in offensive cyber and operational cyberspace capabilities for Australian forces and there would be a focus on integrating intelligence, surveillance and reconnaissance programs using new systems.

The director of cyber consulting and cyber training at Soufan Group, Ammar Barghouty, says governments need to establish the right hierarchy and strategy to ensure they have the best possible cybersecurity measures in place.

A key consideration, Barghouty says, is proper coordination so government bodies are not stepping on each other’s turf. It’s also important each body understands when it plans to use offensive tactics against a foreign target.

Barghouty defines “offensive tactics” as cyber capabilities that allow a jurisdiction to damage critical infrastructure.

He said offensive capabilities can be a deterrent that may discourage other nation-states from taking action because they may fear detection and subsequent retaliation of a similar kind.

“[Governments] don’t want different agencies doing their own thing,” Barghouty says. “There really has to be a national priority because some countries may look at an offensive cyber attack in the same way they look at a kinetic attack.

“The key is coordination and policy as to when they can do it, and not to do it without the knowledge of other entities.”

He said that another situation where offensive capability may be used is as a precursor to a planned military attack.

Knocking out radar facilities, utilities and other critical facilities may be a part of a broader strategy to disable and then attack an adversary using military force.

That isn’t something that has necessarily been evident in the Russian war against Ukraine, he says.

“I’m kind of surprised that the Russians were not able to pull off anything major on the cyber front because that was always a concern.”

