Home Affairs chief says cyberattacks threaten ‘everything, everywhere all at once’

Save articles for later

Add articles to your saved list and come back to them any time.

London: Governments are struggling to keep pace with the global disruption caused by rapidly advancing cyberattacks, one of Australia’s most influential public servants has warned, saying the tactics used by criminals and authoritarian states are changing almost daily.

Michael Pezzullo, the long-time secretary of the federal Department of Home Affairs, says the threats to daily life, now we are so digitally connected, are “everything, everywhere all at once”.

Home Affairs department secretary, Michael Pezzullo, says the cyber security challenge is among the most complex Australia faces.Credit: Natalie Boog

The department has reached a critical stage in developing Australia’s strategy for dealing with national security challenges, as the federal government consults with the business and technology sectors on how to best defend against relentless cyberattacks on the banks, hospitals, energy grids and mass communication systems.

Pezzullo’s warnings come as his British counterpart at the UK’s National Cyber Security Centre last week warned that the West cannot afford complacency over the “dramatic rise of China as a technology superpower”, as Beijing aims for technical supremacy over western countries rather than just parity. Leaked intelligence reports in the past week revealed China is building sophisticated cyber weapons to “seize control” of enemy satellites and of a potential a surge in Russia-aligned hackers aiming to “disrupt or destroy” energy facilities such as power stations.

In London to meet with British counterparts, Pezzullo said in an interview that all policymakers would be “wise to take careful note” of what such eminent experts are saying, but the Australian government was widely viewed as a world leader in legislative responses, such as critical infrastructure legislation.

Pezzullo said governments could not completely regulate their way out of challenges, so he believed it was critical governments, law enforcement agencies and the corporate sector aligned their thinking.

“It’s an intrinsically complex policy space, and [we are] always trying to catch up with a problem. Just a few years ago, you’d say at some point, AI will become pervasive in our lives. And we have to think about regulating it, and its ethical use. Well, it’s here.”

Pezzullo said while innovations such as chatGPT, a language processing tool driven by AI technology that allows users to have human-like conversations, could seriously disrupt education, it had potential for major medical advances by poring over a century of medical literature.

“It’s a tool potentially valuable to the adversary – like a ransomware gang saying ‘oh we don’t just have to hit one hospital at a time’… using AI-driven bots, we can hit multiples,” he said. “But equally the defender gets AI going and says hang on, this is going to be able to detect at a faster rate than any machine with a human interface will, so let’s just unleash AI back at their AI.

“So the speed of development and the speed of disruption, even probably a couple of years ago, it’s been measured in months and weeks now has been measured in days.”

Cybersecurity concerns have escalated after a series of high-profile corporate data breaches, including at Optus, Medibank and Latitude Financial.

Pezzullo, who has overseen the department since its creation in 2017, said cybersecurity did not have to be viewed as a burden being imposed on business.

“It kind of makes sense to everyone because we’re all doing it. Google’s thinking about that. Banks are thinking about it, telcos are thinking about it. Governments are thinking about it… what this is really about is bringing some coherence and some integration of effort,” he said.

Pezzullo said such was the pace of change that conventional thinking over cyber warfare had also evolved since initial fears of a potential “cyber Pearl Harbour” at the start of Russia’s invasion of Ukraine.

A Kremlin-backed cyberattack in February last year knocked out service to thousands of Viasat customers in Poland, Italy and Germany, where several hundred wind turbines were affected. The Viasat hack, while sophisticated, involved breaking into the company’s computer systems and sending out instructions to the modems that caused them to malfunction.

Pezzullo said the Ukrainian experience demonstrated that defenders can have an advantage because they can reconfigure their networks.

“It’s evident that the Russians threw a lot at the issue because the Ukrainians themselves were under persistent probing and attacks,” he said

“What the Ukraine experience has shown is that if you’ve got some pre-arranged resilience in your system, if you have practice, rehearsed, run your scenarios, and then you’ve also got a surge … the there’s nothing inevitable about such an onslaught.”

Cut through the noise of federal politics with news, views and expert analysis from Jacqueline Maley. Subscribers can sign up to our weekly Inside Politics newsletter here.

Most Viewed in World

From our partners

Source: Read Full Article