Australia Labor Party wants a dedicated cybersecurity minister: Would it help?

An election win for Australia’s Labor Party opposition could see cybersecurity elevated to become a front-bench ministerial role, opposition leader Anthony Albanese has said as he lays out plans for the complex cybersecurity climate he will inherit if—as polls now suggest is likely—his party finally unseats the government of incumbent prime minister Scott Morrison.

“Australia has already been the target of state-sponsored cyberattacks, aimed at political parties, government departments, universities, and corporations,” Albanese said during a speech at think tank Lowy Institute, where he outlined his strategy for national security in an era of global upheaval and a vicious war that is actively challenging the world order.

Given a long history of working with the government on a bipartisan basis to support initiatives such as new national-security legislation and the controversial AUKUS multinational deal, Albanese proclaimed that “national security is above politics”—and then went on to call out deficiencies in the Morrison government’s approach to cybersecurity.

Recognising the importance of cybersecurity and data protection to Australia’s economy and national security, in 2019 Albanese created a role of Shadow Assistant Minister for Communications and Cyber Security, currently held by Gellibrand MP Tim Watts.

The election of an Albanese-led government would elevate the cybersecurity ministry to Labor’s front bench, giving the area a strategic independence that would stand in stark contrast to the approach of Morrison, who has managed cybersecurity responsibilities as one of many responsibilities for ministers covering defence and related issues.

“Lifting cyber resilience across the nation, across public, private and civil systems, requires political leadership,” Albanese said. “That’s why I kept a dedicated role for cybersecurity. Cybersecurity needs to be someone’s day job, not the last item on another minister’s to do list.”

Inheriting a global cyberwar

Appointing a dedicated cybersecurity minister is a key sign that Australia is serious about its capabilities and role on the world stage, said Ian Yip, CEO of security consultancy Avertro. “Our cyberresilience as a nation is critical to our way of life,” he said, but “policies and regulation are only part of the puzzle. Nothing proves to independent observers that something is truly important than having the right people in place with the appropriate focused set of responsibilities,” he said, noting that the government’s previous decision to axe the cybersecurity minister role was “a step in the wrong direction. It is high time that we had a government that truly understand how critical cybersecurity is and is willing to take the necessary steps.”

If Labor does win the election—whose date is still up in the air but must be called by 18 April—the new cybersecurity minister will step into a role that has rapidly escalated in importance to become a key aspect of Australia’s infrastructure integrity and national defence.

It’s a challenge that Watts presaged during a speech to the recent Australian Information Security Association (AISA) annual conference, where he warned that “the contest between democratic and authoritarian values is now utterly pervasive in the technology sector. … The digital global village is being divided and enclosed. Tools of cyber-enabled foreign interference threaten to undermine Australia’s sovereignty. In this new environment of cyber-enabled foreign interference, the resilience of our democracy is now a national-security imperative.”

How the Russia-Ukraine conflict tests Australia’s cybersecurity defences

Weeks into the Ukraine conflict, Australia’s cyberresilience is being tested by online cybersecurity activities that have —thanks to Australian sanctions and support of economic action by other Western countries—put Australian businesses and institutions in the firing line of cybercriminals.

Security threats, stemming from rapid changes such as Russia’s shift to a domestic TLS Certificate Authorityand paranoia about using Russian-made security products, have surfaced amidst an explosion in cybersecurity activity that includes new attacks like the LokiLocker ransomware, allegations that China is China is crippling Ukrainian drones, and evidence of subspecialisation amongst cybercriminal actors with long lists of grievances and even longer lists of possible targets.

And while Albanese promised to counter threats to Australia with “better and smarter cybersecurity”, the collective weight of today’s combative cybersecurity environment—security researchers recently uncovered the third new destructive ‘wiper’ malware launched at Ukraine in recent weeks—risks becoming the next headache for Australian CISOs if they are drawn into an increasingly chaotic online climate.

“There are all kinds of social causes coming out of the woodwork, not the least of which is upcoming elections,” Mike Hamilton, said former CISO of the US city of Seattle and founder of cybersecurity consultancy and service provider Critical Insight, said during a recent webinar on the Ukraine invasion.

Noting the flood of cybercriminal actors that have ramped up their online activities in the weeks since Russia’s invasion of Ukraine, Hamilton warned that “a lot of people feel right now that it’s fair game to start shooting at Russia, and this has the potential to jump the fence and really get out of control. The first shot that gets fired [at a NATO country], even if it’s a cyber shot—that could blow up.”

Citing the 2017 NotPetya incident—in which Ukrainian accounting software was infected with Russian malware that rapidly spread, causing global disaster for companies like shipping giant Maersk—Bryan Hurd, chief of office at Aon Cyber Insurance (Stroz Friedberg) and founder of the US Navy’s NCIS Cyber CI Program, said the latest conflict risked cybersecurity damage that the world can’t afford.

“We have many clients who either have staff in the Ukraine and are trying to protect them,” he said, advising CISOs to be hardening their infrastructure against collateral damage to ensure any attacks don’t rapidly escalate out of control,” he said. “They’re locking down and putting further watertight compartments in the organisation to make sure any weapons targeting Ukrainian subsidiaries, developers or suppliers don’t accidentally come up the wire.”

Now that Russia has been economically isolated from the rest of the world, Hamilton warned, sanctions-hit Russia is likely to turn to cybercrime to raise funds—and that could pose problems for Australia and every other country that has publicly come out against Russia.

“They need the money, and there is an infrastructure that’s already there,” he said. “Are they going to take down the electrical grid? No—they’re going to steal money. And if you’re a financial institution, or anybody that has money, cybercrime is going to go way up.”