Australia will shift to an acutely more active cyber defence posture that will seek to counter hostile online actors by “blocking known malicious domains” under moves to be announced today by Minister for Cyber Security and Law Enforcement Angus Taylor.
In a significant recasting of the nation’s cyber doctrine to be outlined at the Technology in Government conference in Canberra, Taylor will press the need for the private sector to take greater care in securing its own assets rather than defaulting to the government to set standards.
The head and shoulders of the new agenda has been given a distinctly Home Affairs semi-militarised haircut with a populist nod to previous prime ministers and radio shock jocks.
“Stopping the bots needs to have the same singleminded focus as stopping the boats,” notes from Taylor’s speech obtained by iTnews say.
Despite that tabloid clanger, there is some significant substance in cyber reforms to come.
For starters, the active defence talk is being notably increased in volume and tone. And like stopping the boats, or bots, it’s become a more interdictionist exercise.
“Between the main players in the government and private sector we often know exactly where the threats are coming from. Too many of our attacks are from known sources that we are not shutting down.
“Now let me be clear – we are not talking about an internet filter. This is not blocking based on content - it is about blocking known malicious domains.”
The issue of blocking “malicious” domains has been wracked by polarising controversy after the previous Labor government came under heavy fire over its attempt to try and build a national content filter as a concession to the Christian lobby.
That filter was opposed by the Coalition, although a version of it briefly appeared in election campaign material before being swiftly yanked from view.
The cyber minister’s latest emphasis on threat blocking also reveals a nuanced shift in rhetoric around active defence put first forward by Prime Minister Malcolm Turnbull in 2016.
That cyber strategy, for the first time, acknowledged Australia could and would use defence assets to neutralise cyber attacks aimed at critical national assets.
“We have effectively been debating, in a digital context, the merits of Fortress Australia vs Forward Defence – an isolationist policy versus a more interventionist one,” Taylor’s speech said.
“And I believe we have landed, in the cyber domain, just where we have landed in the physical domain. Australia's national cyber defence must be one of Forward Defence.”
Taylor also stressed the need for the private sector to share threat intelligence to assist the government in domestically whacking and externally blocking adversaries.
“To effectively implement threat blocking we must know who is a threat to our economy and who to go after. This is fundamentally important to the our National Cyber Defence program,” Talor said.
“This threat picture – if it will truly work – must be a coordinated process between Defence, law enforcement, government agencies and the private sector.
“Under this concept we would have a common threat picture, a known target list and a set of priorities that best meet the particular capabilities of each member.”
Taylor's big sell is that cyber defence not only needs a post launch revamp, but needs to be embedded into Australia's infrastructure.
"It is my intention to deliver a new national cyber agenda - we must build a
national cyber defence network. National cyber defence is an integrated strategy that raises the bar across the Australian economy and beyond," Taylor said.
Aside from layered defence and judicious and timely interventions, the "core elements" of Taylor's cyber to-do list looks like this:
- Threat blocking and targeting – both major and criminal
- A framework for strong attribution and response to cyber attacks
- Increased data sharing on threats
- An insurance market that recognises investment in security, and the data
necessary to support this - Effective awareness campaigns, and
- A government that is able to lead by example.
.JPG&w=100&c=1&s=0)
