The Australian Cyber Security Centre (“ACSC”), an Australian Government initiative for public and private sector cooperation and collaboration on cyber security, has released its first report. The report describes the cyber adversaries targeting Australian networks, both government and public, and explains the types of activities designed to compromise network security. The report also provides a number of mitigation strategies to defend against cyber threats.
The ACSC is made up of government agencies including the Australian Crime Commission, Australian Federal Police, Australian Security Intelligence Organisation, Australian Signals Directorate, Computer Emergency Response Team (“CERT”) Australia, and the Defence Intelligence Organisation. Although the partner agencies are all in the public sector, the ACSC serves as a hub for both public and private sector organizations to collaborate and share information in a joint effort to combat malicious cyber activities threatening Australian networks. According to the report, the ACSC is actively reaching out to industry to establish partnerships to improve collective understanding of the cyber security and threat landscape.
Cyber Adversaries and the Threat Environment
As Australian business and government become increasingly reliant on the internet to conduct everyday dealings, its networks also become more prone to malicious cyber activity such has cyber espionage, cyber attack, and cybercrime. The ACSC defines a cyber adversary as “an individual or organization (including an agency of a nation state) that conducts cyber espionage, crime or attack.”
The report specifies three types of cyber adversaries:
- Foreign state-sponsored adversaries tend to have the most advanced and sophisticated tools to conduct malicious cyber activity, and are likely seeking information related to economic, defense, foreign policy, and security that will provide a strategic advantage.
- Serious and organized criminals are financially motivated criminals that exploit systems for financial gain.
- Issue motivated groups and individuals with personal grievances, include hacktivists, individuals and groups that aim to gain publicity for their causes, as well as themselves.
The report further identifies the different types of threats to networks, and provides specific examples of malicious cyber activity that has targeted Australian networks in the past.
- Cyber espionage is defined as an “offensive activity designed to covertly collect information from a user’s computer network for intelligence purposes.” The ACSC recognizes the damaging impact cyber espionage can have on its national security as well as its economic prosperity. Most importantly, Australia’s geopolitical posture (a member of the Five Eyes) and abundant resources (uranium, iron) make it a prime target.
- Cyber attack is defined as a “deliberate act through cyber space to manipulate, destruct, deny, degrade or destroy computers or networks, or the information resident in them, with the effect, in cyber space or the physical world, of seriously compromising national security, stability or prosperity.” The ACSC does not find the likelihood of a cyber attack to be very high, unless Australia is engaged in “heightened tension or escalation to conflict” with another country. It goes on to explain that although non-state actors may also have the tools to conduct such attacks, these groups are more likely to continue with activity that merely attracts attention such as vandalism.
- Cybercrime is defined as “criminal acts that involving the use of computers or other information and communications technology (“ICT”).” The ACSC divides cyber crime into two categories. First, pure cybercrimes which are directed at computers or other ICT such as gaining unauthorized access to a computer or modifying data contained within a system. The second, technology-enabled crimes, are crimes where computers serve an integral role such as online identity theft and fraud or child pornography.
The ACSC encourages greater collaboration and cooperation between public and private sector organizations, and even suggests that a relationship of information sharing is necessary to develop effective cyber security.
The full ACSC 2015 Report can be found here.
Leave a Reply