By Zeb Holmes and Ugur Nedim
Defence Force Chief, General Angus Campbell, says he has observed an “extraordinary uptick” in international espionage and opportunistic cyber-theft in Australia, which he asserts is fuelled by an “ineffectively governed” internet.
“The opportunities that the connected world provide are very significant, with the potential for very significant damage, both to companies and to institutions that we hold dear and also to states more broadly,” the General told an international policy institute in Brussels.
“We have seen institutions undermined and we have seen countries shut down.”
He has called upon nations such as Australia, the United States and the United Kingdom to step-up the regulation of the internet with a view to minimising cyber-threats.
Campbell is one of many security leaders encouraging NATO and European Union officials to take a stronger stance against aggressive cyber-activities through more regulation, interference and censorship.
The General has called for “cyber hygiene” programs to clean-up the web and thereby enhance Australia’s ability to secure and protect domestic networks. He says there has been an upsurge in cyber-spying cases in recent years, as foreign governments seek to exploit inadequately protected systems to gain advantages in trade and political affairs.
At the same time, Campbell has acknowledged the need to have some balance between security and the interests of having an internet free from unwarranted interference.
Chinese espionage cases
Late last year, two Chinese nationals were charged in the United States with engaging in a campaign across several continents to achieve large-scale theft of commercial international property.
Prosecutors accused Chinese hackers of obtaining unauthorised access to the computers of at least 45 entities, including commercial and defence technology companies and state agencies such as NASA and the US Navy.
The indictment, which is endorsed by the United Kingdom Foreign Office, accuses individuals of operating under the direction and protection of China’s main intelligence agency, the Chinese Ministry of State Security.
National Cyber Security Adviser Alastair MacGibbon says the group had been targeting IT companies that provide services to medium to large businesses.
“This is audacious, it is huge, and it impacts potentially thousands of businesses globally. We know there are victims in Australia,” Mr MacGibbon stated.
In December 2015, the Bureau of Meteorology reported that China had engaged in a major cyber-attack which compromised the data of several Federal agencies. The Bureau owns one of Australia’s largest supercomputers, which holds highly-sensitive information about a range of agencies, including the Department of Defence.
Late last year, a number of countries issued coordinated denunciations of Russia for allegedly running a global hacking campaign to further its own interests.
The nation was accused of attempting to infiltrate several databases including those of a nuclear power plant, an international anti-doping body and the Organisation for the Prohibition of Chemical Weapons in Prague.
The allegations come in the wake of reports by US intelligence agencies that Russia was responsible for hacking the servers of the US Democratic National Committee (DNC) in 2016 and engaging in the coordinated dissemination of incriminating emails of Hillary Clinton, to ensure she would not win the US Presidency.
And mid last year, Defence Minister Marise Payne confirmed that up to 400 Australian businesses were targeted by suspected Russian state-sponsored attacks as part of a larger cyber-hacking campaign.
The United States, Britain and Australia allege that Russian Government-backed hackers infected computer routers around the world in a cyber-espionage campaign targeting government agencies, businesses and critical infrastructure operators.
In August 2012, the Australian Government passed the Cybercrime Legislation Amendment Act (Cth) (the CLAA) with a view to enabling our country’s accession to the Council of Europe Convention on Cybercrime (Cybercrime Convention), the only international treaty on internet crime.
The CLAA paved the way for meta-data retention laws which require internet service providers to store the personal data of users for at least two years and make it available to a whole host of law enforcement and other government agencies upon request, without the need for them to obtain a warrant.
Sadly but predictably, the legislation has already been used in Australia for a range of purposes that are inconsistent with its stated objectives of combating terrorism and organised crimes.
Since their enactment, federal meta-data laws have been used to target those who have been critical of the government – including doctors and charity groups who have spoken out against human rights abuses at detention centres – to investigate the sexual activities of cadets, to identify those who have failed to comply with their tax requirements and even to track down local council residents who are suspected of illegally dumping rubbish.
So while the defence chief’s calls to increase government regulation of cyber-space may appear to be in the nation’s interests during a difficult and dangerous time, such pronouncements might equally be viewed as merely political rhetoric designed to justify greater state control over the freedom to publish and access information and over the internet – including that which government feels is against its interests.