Battle to protect Australia’s defence data from spies

Cyber experts from the nation’s top defence companies are meeting regularly in Adelaide to thwart the rise of unfriendly nations hunting for weaknesses in Australia’s military networks.

Mar 06, 2023, updated Mar 07, 2023
Director General Mike Burgess outside ASIO headquarters in Canberra. Photo: AAP Image/Mick Tsikas

Director General Mike Burgess outside ASIO headquarters in Canberra. Photo: AAP Image/Mick Tsikas

BAE Systems, Northrop Grumman and Boeing Defence Australia are among those working together to battle a growing number of defence sector cyberattacks, with ASIO chief Mike Burgess recently saying it now feels like “hand to hand combat”.

The primes meet monthly through the Adelaide node of the Australian Cyber Security Centre which one member says is now “considered the defence” branch.

Australian Security Intelligence Organisation (ASIO) director general Burgess said in his annual threat assessment a few weeks ago, that more Australians are being targeted for espionage and foreign interference than at any time in Australia’s history.

“More hostile foreign intelligence services, more spies, more targeting, more harm, more ASIO investigations, more ASIO disruptions,” he said, adding that there is a growing awareness the nation must secure its systems.

Companies and governments are stepping up their work to tackle the threat.

Last week, the Federal Government announced the $1.7 billion cyber security plan set up under the former Scott Morrison government in the aftermath of high-profile hacks of Optus and Medibank is being overhauled.

Under the new strategy, a new national cyber office led by a national coordinator of cyber security is being established under the Home Affairs Department.

Lot Fourteen-based AustCyber group executive Jason Murrell is backing a collaborative approach.

He told a recent business lunch in Adelaide that Australia needs a volunteer community – much like the SES or CFS – to run toward the danger of cyberattacks as they are “coming in and harder and faster all the time.”

“We know what to do in a bushfire and flood. Everyone, loads of people, you know, the volunteers, go running toward those incidents,” Murrell said

“But when it’s a cyber incident, this is exactly what happens: we put the shutters down, get behind the curtains, bunker down and don’t really take help from anyone.

“Where in the (cyber) community we should be all running toward that person or that business and those people and helping them like we do in a bushfire or a flood.”

Adelaide-headquartered BAE Systems Australia is already working with other defence primes and SMEs to ensure cyber security networks protect highly sensitive data.

BAE Systems head of cyber security in Australia Gus Campbell said the company meets other primes mainly in Adelaide each month, working with the government’s central security centre that monitors cyber threats across the globe 24 hours a day, seven days a week.

Campbell said BAE Systems has its own dedicated department working to educate employees, conduct password defence and actively protect sensitive data.

InDaily in your inbox. The best local news every workday at lunch time.
By signing up, you agree to our User Agreement andPrivacy Policy & Cookie Statement. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

“Active defence is the threat hunting, actively searching in your networks or estate for threats,’ he said, adding that the company established its Tonsley hub with Flinders University to reduce risk by testing technologies outside of the network.

The company works on some of the nation’s largest and most complex defence projects and is currently building nine advanced anti-submarine warships known as the Hunter class frigates at the Osborne Naval Shipyard in South Australia.

Campbell said BAE Systems recognises the threat to sensitive data right through the supply chain, companies working on its national defence projects range from larger entities like Saab Australia to “Mum and Dad” businesses.

Among them is Lonsdale-based REDARC Defence and Space, the company partnering with UK company MARL International in a $23 million contract to supply 12,600 LED lights for the Hunter class warships.

BAE Systems partnered with Saab Australia, industry and government to develop a Cyber Framework for the Defence Industry so all supply chain companies can better measure and increase cyber resilience.

The company’s chief information and digital officer Michael Salas said it would also support more SMEs wanting to get into the supply chain by ensuring they have “cyber maturity”.

During his address in Canberra, Burgess said ASIO is busier than any time in its 74-year history, singling out the repercussions of the trilateral security pact between Australia, United Kingdom and United States Alliance announced in September 2021.

Under the AUKUS pact, the US and UK will help Australia acquire nuclear-powered submarines, an announcement by the Federal Government on its Future Submarine project is expected this month.

“Since the announcement of AUKUS, there’s been a distinct uptick in the online targeting of people working in Australia’s defence industry,” he said.

“Spies are also turning more attention to non-government employees, as well as former clearance holders.

“These individuals do not have the same security support and reporting obligations as someone who works for ASIO, for example – and are therefore more vulnerable.”

Local News Matters
Copyright © 2024 InDaily.
All rights reserved.