According to WikiLeaks cables published by The Age newspaper this week, in 2008 one of Australia’s peak intelligence organisations was concerned that the national intelligence community was “hard pressed” to understand the full extent of the cybersecurity threat.
In a meeting held in Canberra (according to the US cable published online, and first publicised by iTnews), in October 2008, US assistant secretary of State for Intelligence and Research (INR), Randall Fort, met with director of the Australian Defence Intelligence Organization (DIO), Major General, Maurie McNarn, and his deputy Michael Shoebridge.
They discussed the trilateral United States/Japan/Australia task-force employed against countries of mutual concern: that is to say North Korea and its weapons of mass destruction, and China’s naval capabilities, for example.
The INR had recently visited Tokyo and compared its views on Japanese intelligence with the DIO’s. McNarn said he agreed the Japanese Intelligence Community gave encouraging signs of collaboration against the concerning-countries, but that major problem of compatibility with respect to security standards were also arising.
Then US ambassador to Australia, Robert McCallum, appeared to write in the cable that McNarn and Shoebridge sought Fort’s comments over INR’s role leading the US intelligence community efforts within the Comprehensive National Cybersecurity Initiative (CNCI).
The reason, according to McCallum, was that Australia’s defense seniors feared the national intelligence community was so “hard pressed to understand the full extent of the threat” with respect to the cybersecurity environment and could not lead the coordination of any inter-agency mitigation efforts.
McNarn said, according to the cable, that the Defense Signals Directorate (DSD) was leading Australia to tackle the issue, but was looking backwards to “traditional intelligence collection/counterintelligence themes”, concluding Australian intelligence should stay engaged with the US to improve its cyber-knowledge.
A response is being sought from the Defence Signals Directorate.
The news comes as this year, the Department of Defence has started hiring cyber-security staff in bulk, to be part of its Australian Defence Force Computer Security Incident Response Team, based in Canberra. It has also been hiring for its newly opened and separate Cyber Security Operations Centre. Defence Minister John Faulkner opened the CSOC in mid-January (pictured), describing the move as a major step in meeting Defence’s commitment to understand online threats.
The position of the CSIRT and CSOC within Defence, in addition to existing groups such as the Defence Signals Directorate and the Australian Government Computer Emergency Readiness team (CERT Australia) within the Attorney-General’s Department — as well as the existing non-profit and non-government AusCERT, means Australia now has a plethora of electronic security organisations to handle serious electronic threats.
As several of these have been created recently, it remains unclear thus far what the exact levels of jurisdiction are between their operations. The various state and Federal branches of Australian police forces also operate significant e-crime units.
Image credit: Department of Defence