Turnbull asks ASD to brief party leaders on election cyber threat

Prime Minister Malcolm Turnbull has asked the Australian Signals Directorate to brief the country's political party leaders on the security threat to Australia's elections following Russia's alleged hacking of the US national vote.

The Minister assisting the Prime Minister on cyber security, Dan Tehan, today revealed Turnbull had called a meeting of political party heads with government cyber security experts to "make sure they're fully briefed on what they need to be doing to ensure their systems are safe".

However, he admitted there had been no signs "whatsoever" that Australia's electoral systems had been compromised.

"But we want to make sure that we are secure," he said.

Tehan said the briefings had been prompted by upcoming state elections; the Western Australia vote will be held in March.

"We have to make sure that [the elections] are protected, that when Australians go to vote, they can have confidence that there is no compromise of our electoral system and democratic process," he said.

Turnbull said the biggest vulnerability was "warmware", or human error.

"You can have flaws in the hardware that provide vulnerabilities, flaws in the software, and as I often say is the biggest vulnerability is the warmware, the humans making mistake, or taking information as Edward Snowden did," Turnbull said.

"The most important thing to be is aware and to practise good cyber hygiene. The ASD sets out some very good principles in this regard. My cyber advisor, Alastair McGibbon, is regularly speaking about this issue and raising awareness.

"The vulnerabilities are there and they are in every computer system potentially but, obviously, the more aware you can be the better your practices are, the less likely you are to be compromised."

Advice to political parties would be provided from the Australian Cyber Security Centre as well as the Prime Minister's cyber security advisor Alastair MacGibbon, overseen by the ASD, Tehan said.

"They will outline the threat which is there potentially for our political parties, and also tell them about the measures they need to put in place to make sure they’re fully protecting their databases and all the materials they might use, not only for their day-to-day business, but also in the lead up to election campaigns," Tehan said.

When pushed on whether the government would provide any resources to political organisations that lacked the appropriate protections against an attack, Tehan said the government's role was more to offer them "the advice they need".

"I don’t see this - at this stage - as a matter of resources. What we want to make sure, and what the Prime Minister wants to make sure, is that the know-how is there, that the political parties have the advice that they need," he said.

"No-one can ever guarantee 100 percent security in this area, but what you can do is make sure that you’ve got the defences in place to give yourself the maximum amount of protection."

Labor slams Turnbull for 'irresponsible' disclosure

Opposition Attorney-General Mark Dreyfus has accused the government of publicising the upcoming security briefings for political advantage.

In a letter addressed to the Prime Minister this morning, Dreyfus slammed Turnbull for 'irresponsibly' putting his own political purposes ahead of Australia's national security.

"There is no reasonable purpose for the government seeking publicity on details of national security matters such as this," Dreyfus wrote.

"The community deserves an explanation as to why you consider this break from convention to be appropriate."

Dreyfus revealed Labor had recently asked for a confidential briefing from the Department of Parliamentary Services on the security of the department's systems.

He argued such briefings must be kept secret to avoid tipping off adversaries to the "operational focus and capabilities of our agencies, and of highlighting areas that may be exploited".

In a press conference this morning, the Prime Minister said he had chosen to publicise the traditionally confidential briefings to promote awareness, what he claimed was a key part of 'maintaining the integrity of our democracy'.

Russian influence?

In late December the US FBI and Department of Homeland Security published a brief [pdf] outlining how they believed Russia infiltrated the US Democractic party.

The intelligence agencies said two hacker groups - Fancy Bear and Cozy Bear - used spear phishing emails to tap into the party's internal systems in order to access and release thousands of stolen emails.

The brief was followed several weeks later by the release of a declassified report [pdf] by the FBI, CIA, and NSA claiming Russia interfered in the election to help Donald Trump win the White House.

However, both reports have been criticised for their lack of concrete evidence. US director of national intelligence James Clapper told a senate committee earlier this month that evidence pointing to Russia needed to remain secret to protect people's lives, according to TechCrunch.

Both US President Donald Trump and Russian officials have rebuked the US intelligence agencies' claims.