Cybersecurity minister Dan Tehan
When it comes to cybersecurity, it seems, Australians can engage in macho posturing with the best. As the most recent outbreak of ransomware, Petya, circulates around the globe, our government was assembling a new division of cyber warriors. “An unprecedented legal directive,” wrote The Australian’s ever-amusing Simon Benson, would allow the Australian Signals Directorate to “shut down and destroy foreign criminal networks, including those responsible for recent global ransomware attacks”. Those attacks, Benson noted, “shut down a Cadbury’s factory in Tasmania”.
Mess with our chocolates, at your peril, hackers!
In an “exclusive”, at the ABC, we had a similar story. “A new information warfare unit … will be tasked with defending Australian military targets from cyber attacks and preparing to launch its own assaults on foreign forces.”
Get Crikey FREE to your inbox every weekday morning with the Crikey Worm.
Meantime, cybersecurity minister Dan Tehan was calling the ransomware attacks a “wake-up call”.
“We are in contact with our Five Eyes partners … It appears to be the same vulnerability as Wannacry,” Tehan said on Wednesday, referring to the previous major ransomware attack in May. Tehan called that attack a “wake-up call”, too. In fact, virtually every cyber attack is called a “wake-up call”, stretching back decades, as NPR noted in the US.
If it was a genuine wake-up call, Tehan would acknowledge that it is our “Five Eyes partners” who are to blame for both Wannacry and Petya, because both use a vulnerability in a Microsoft operating system that the NSA either discovered for itself or purchased, and then kept quiet about, rather than alerting Microsoft about the flaw. The NSA, presumably, thought it too useful for its commercial espionage to bother alerting Redmond that there was a serious problem in its software. Until, that is, someone stole it from the NSA, and the NSA belatedly decided to might be a good idea to contact Microsoft and tell them to patch it.
The problem with this macho posturing stuff on cybersecurity is that it simply repeats exactly that cycle. How will the ASD “destroy foreign criminal networks”, especially those with the gall to go after our lollies? Why, using vulnerabilities discovered by the Five Eyes network or purchased by them, and then hoarded, rather than fixed. Inevitably, those vulnerabilities will be stolen from agencies, just like the NSA’s and CIA’s troves of vulnerabilities have been stolen, or they’ll be discovered by foreign agencies or criminals, and because they haven’t been fixed, exploited by them as well.
The ASD, along with its counterparts at the NSA, and at GCHQ, and in Canada and New Zealand, makes us all less safe with their approach to cybersecurity. That is the wake up call. But we’re too busy talking rubbish about cyber wars to hear it.