FiledIMAGE - Fotolia
Australia to invest a record A$1.35bn in cyber security
The Australian government is making its largest ever investment in cyber security over the next decade to identify cyber threats, disrupt foreign cyber criminals and build new capabilities
The Australian government is making its largest ever investment of A$1.35bn in cyber security over the next decade to fend off cyber attacks that have intensified in recent months.
Dubbed the Cyber Enhanced Situational Awareness and Response (Cesar) package, the investment will help Australia identify cyber threats, disrupt foreign cyber criminals and build industry partnerships, said Australian prime minister Scott Morrison yesterday.
Noting that malicious cyber activity undermines the government’s efforts to protect Australia’s economy, national security and sovereignty, Morrison said the record investment will ensure the country has the tools and capabilities to fight back.
Of the total investment, over A$31m will go towards enhancing the ability of the Australian Signals Directorate (ASD) to disrupt cyber crime offshore, taking the fight to foreign criminals that seek to target Australians, and helping federal, state and territory law enforcement agencies.
In addition, over A$35m will be used to build a new cyber threat-sharing platform, enabling industry and government to share intelligence about malicious cyber activity, and block emerging threats in near real-time.
With telco networks on the frontline of efforts to mitigate cyber attacks, over A$12m will also go towards enabling the ASD and Australia’s major telcos to block known malicious websites and computer viruses at speed.
To enhance understanding of malicious cyber activity so that emerging cyber threats can be identified and responded to quickly, the ASD will receive over A$118m to expand its data science and intelligence capabilities.
Read more about cyber security in Australia
- The Australian government is reviewing the nation’s cyber security strategy, but is it looking at the right issues?
- Australia’s Royal Melbourne Institute of Technology has teamed up with Amazon Web Services to launch a Cloud Innovation Centre to solve cyber security challenges.
- Australian enterprises are navigating “a train-smash” of legislation and regulations on cyber security.
- Australia’s data breach notification rules have largely been complied with, but some quarters are calling for more clarity on the reporting threshold and tougher action against errant firms.
On the cyber security skills development and jobs front, the package includes a A$470m investment to expand Australia’s cyber security workforce, with the creation of over 500 new jobs within ASD.
Morrison said the remaining details of the Cesar package will be detailed in Australia’s upcoming 2020 cyber security strategy.
Australia’s minister for defence Linda Reynolds said the massive investment will “put our nation on the front foot in combatting cyber threats and our investment in a cyber security workforce will help ensure we have the people we need to meet future cyber challenges”.
“This package is one part of our A$15bn investment in cyber and information warfare capabilities that will form part of [the department of defence’s] 2020 Force structure plan to address the rapidly evolving cyber threat landscape.”
Home affairs minister Peter Dutton said the Australian federal police and other home affairs agencies are confronting increasingly brazen cyber criminals and other online threats. “This investment will significantly strengthen our agencies’ ability to tackle these threats,” he said.
On 19 June 2020, Morrison revealed that Australian organisations across a range of sectors, including all levels of government, essential service providers and operators of critical infrastructure, are being targeted by a sophisticated nation-state threat actor.
Sean Duca, vice-president and regional chief security officer at Palo Alto Networks Asia-Pacific and Japan, said the sophisticated attacks are similar to those have been aimed at other organisations around the world.
“The ‘Copy-paste compromises’ is the result of the actor’s heavy use of proof-of-concept exploit code and other tools that is almost identical to the open source. From our analysis, there is similarity in the code reuse as the attacks made in February 2019 targeting the Australian parliament house,” Duca said.
“Cyber security risks hold a level of uncertainty; however, this demonstrates the importance of a public-private partnership and how it will enable a new level of flexibility and strength through the opportunity of knowledge sharing as cyber threats become more sophisticated,” he added.