By 2030 an estimated 21 billion devices are expected to be connected to the global internet.
Abigail Bradshaw, Head of the Australian Cyber Security Centre (ACSC), emphasised the shared responsibility for cyber security across Australian communities, industries, and government.
During her speech to the Institute of Public Administration Australia earlier this month, Bradshaw said Australia’s 2020 Cyber Security Strategy builds on the foundations of the 2016 strategy, on the strong and capable leadership of my predecessors, and history of providing excellent cyber security advice and assistance.
Like the 2016 strategy, the 2020 strategy continues to emphasise the shared responsibility for cyber security for community, industry and for government, and the criticality of close partnerships to realise our shared objective.
Bradshaw noted the cyber landscape has evolved. It’s escalated and it’s expanded quite significantly. It is indisputable that the scale, frequency, and sophistication of malicious cyber activity is on the rise.
Professionally organised and transnational cyber criminals, as well as state-based actors, are exploiting vulnerabilities and developing viruses, Trojans, and more sophisticated ransomware for the purpose of stealing money and sensitive data.
New technologies like the Internet of Things will bring tremendous benefits. But they will increase the threat surface that adversaries will seek to exploit. By 2030 an estimated 21 billion devices are expected to be connected to the global internet, with some estimating an eye-popping 64 billion by 2035.
“Since the pandemic onset more than six months ago, the ACSC has observed a sharp rise in email phishing, message scams and ransomware attacks targeting COVID-19 services and stimulus and welfare programs,” she said.
Cyber criminals have demonstrated organised and informed capability to amend their scams to align with government assistance schemes, tailoring them quickly with their lures to resemble messages from those we trust – like government welfare or health providers.
Over the last financial year our Report Cyber reporting tool received almost 60,000 cybercrime reports. That’s about one report every 10 minutes and each one of those was worth on average about A$5,000.
Over the same period, we have observed sophisticated state-based actors targeting all levels of government, private organisations, and industry.
Globally, we have seen a rise in devastating ransomware attacks on businesses and services, and attacks on critical infrastructure, including devastating disruption to energy and health services, noted Bradshaw.
“The costs of these malicious activities are grave,” she said. “There are the obvious financial costs of lost revenue and business, the loss of market position, opportunity and strategic advantage that arises from the theft of IP or sensitive commercial information.”
The loss of amenities and essential services and privacy is real. Less obvious – but equally significant – is the potential to undermine the confidence of Australians to live life and prosper through digital means.
Consistent with that vision and emphasis, the strategy is underpinned by the government’s investment of A$1.35 billion in ASD’s Cyber Enhanced Situational Awareness and Response – or CESAR – package.
“Speed, scale, volume, and impact – and wherever possible achieving this through automation and machine speed – have all been objectives of my predecessors,” she said. “They remain as relevant today as they have ever been. The operational investment in CESAR will assist us in achieving that goal.”
According to Bradshaw, the key components of CESAR that we will bring to life over the next decade include:
- A new partner portal coupled with a multi-directional threat-sharing platform. This will enable ACSC to share indicators of compromise at speed and scale, and in machine-readable format, with all our partners. Importantly, the multi-directional capability will enable holdings to be enriched by the insights of business, industry and our partners.
- Expand and uplift our Joint Cyber Security Centres all throughout Australia, improving their capacity to receive and share classified information.
- Roll out an expanded national exercise program, focussing on our partners in critical infrastructure and ensuring readiness to respond when our worst cyber day happens.
- Extend and expand offshore cybercrime disruption, continuing to work closely with our law enforcement partners, and establish a countering foreign cybercrime capability within the ACSC.
- Employ and progress technologies that block threats automatically – partnering with industry to mitigate at scale – like a protective DNS system that will enable partners to automatically block a range of malicious content, with the effort of a couple of lines of code.
- Expand our customer engagement channels, extending our 24/7 cyber security help desk to service the needs of small business and families.
- Develop and enhance our awareness and education communication, working with government partners to ensure Australians have access to a singular authoritative and trusted government voice on cyber security.
- Continue to bolster cyber resilience, particularly with critical infrastructure and government, through our uplift, Cyber Hygiene Improvement Program, and vulnerabilities assessment services.
- Collectively leverage partnerships with federal, state and territory governments, with critical infrastructure providers and industry, to build a national situational awareness capability that can share at speed, scale and, wherever possible, automatically, to assist in the protection of all Australians.
- And where entities are unable to mitigate threats, continue to deploy incident response capabilities and specialists to assist.
CESAR is not an investment in ASD or ACSC alone. The operational capability will belong to all Australians, available to defend, assist and to uplift the cyber resilience of government agencies, Australian businesses, and communities.
Importantly – it will assist us to make our collaboration with the AFP and the ACIC more potent, impactful, and frequent.
Together with ACIC and AFP this year, we have used our collective capabilities to successfully disrupt the business model of key foreign cybercrime syndicates targeting Australians through COVID-19-themed SMS phishing campaigns.
“Under the 2020 Cyber Security Strategy, and with the benefits of the operational investment in CESAR, we seek to replicate our recent exemplar partnership with Telstra and Services Australia which successfully identified and rejected illegitimate phishing text messages that are impersonating myGov and Centrelink, before they reach Telstra customers,” explained Bradshaw.
“This partnership pilot demonstrates how government and industry can work together better to protect Australians from cyber threats.”