As Russia gets pinged throughout the western world for going rogue on cyber, Australia’s freshly minted Cyber Ambassador has called for greater international cooperation on punishing malicious cyber activity.
The Australian Cyber Security Centre (ACSC) yesterday warned of Russian state sponsored actors targeting Cisco routers worldwide, including Australia, to try and extract configuration files from routers and switches.
The entry point was Cisco’s Smart Install feature and the ACSC post included instructions on how to lock down the exploit.
Meanwhile Minister for Law Enforcement and Cyber Security Angus Taylor went on the offensive saying that Australian intelligence agencies in consultation with our allies had determined that Russian state sponsored actors were responsible for the attacks on Cisco equipment which happened during 2017.
Mr Taylor said a “significant” number of Australian organisations had been attacked but there was no indication that Australian information had been compromised. There were no figures given for the number of Australian organisations affected.
“This attempt by Russia is a sharp reminder that Australian businesses and individuals are constantly targeted by malicious state and non-state actors, and we must maintain rigorous cyber security practices,” Mr Taylor said in a statement.
The attacks were “unacceptable” and he said Australia called on all countries, including Russia not to employ cyber attacks that could damage critical infrastructure.
Mr Taylor is in the US meeting with government counterparts there, including Secretary of Homeland Security Kirstjen Nielsen and Department of Justice and Federal Bureau of Investigation officials to discuss cyber security and law enforcement and how to respond to cyber threats.
“A strong alliance between Australia and the United States is crucial if we are to prevent and develop strong defences to state-sponsored cyber incidents,” Mr Taylor said.
Australian Cyber Ambassador Tobias Feakin, who was speaking at the ACSC Conference 2018 last week, said the country had cyber challenges that if not addressed could unravel all the progress made so far.
“We are in the midst of a digital revolution the likes of which we have never seen before. It’s a fundamental part of everything we do, a key part of our economic engine that we are growing now and into the future.
“But we also face some pretty severe challenges and if we don’t address those challenges then we are going to unravel everything we are trying to achieve,” Mr Feakin said.
Nations have battled over land, sea and air in the past and now the internet has emerged as a new plane of warfare.
“The internet has become a contested strategic space between states,” said Mr Feakin.
“We are getting to the point we there is scarcely an international issue that we are dealing with that doesn’t have an overt or a covert cyber component to it from election interference to sophisticated global criminal networks … to more positive elements like the digital economy and trade.
Looking back at his twelve months in the role of Australia’s first Cyber Ambassador, Mr Feakin said he been struck that this region was on the “cusp of a remarkable explosion in digital economic growth.”
But his office was also readying itself on how to respond when states or their proxies broke the agreed rules in cyberspace.
“Law applies in cyberspace as much as it does in the physical space and we are not dealing with an ungoverned space
“It would be easy to think that just because we are seeing so much nefarious activity that (cyberspace) is akin to the wild west
“That’s simply not true. We already have laws that are applicable in this environment,” he said.
International law regarding cyberspace was largely squared away under a UN agreement in 2013.
“The entirety of the UN Charter applies in cyberspace,” said Mr Feakin, adding that the Charter made it clear that it was unlawful to use ICT as a force to impugn the territorial integrity of a nation.
So countries which have been under cyber-attack from another country have the right to react in self-defence, either singly or collectively.
This piece of international law was “pertinent” to some recent events, he said.
Rewriting international law to encompass cyberspace, as some countries have suggested, was a waste of time.
“Some countries have argued we need to go back to first principles and redraw everything that has occurred so far in the international legal system and try and renegotiate new conventions for cyberspace – rip up what’s there and start from a blank sheet of paper.
“We feel as Australia that is totally unnecessary. It would be a comprehensive waste of time and unravel all the things and hard work we have done in the international system so far.”
Redrafting international cyber law would take multiple decades while technology advances during the process would make the rejig out of date before it was enacted and allow bad actors free rein.
“Rather than tying ourselves in those knots of renegotiation and drawing up a new treaty and scrapping everything we’ve done we need to deepen our understanding of how international law applies in cyberspace in a more precise manner.”
The UN had already agreed on eleven “norms” for how countries should behave in cyberspace. Australia through its International Cyber Engagement Strategy had already committed to the entirety of those agreed norms of behaviour.
“That includes norms suggested by countries we normally wouldn’t agree with,” said Mr Feakin.
Examples included countries agreeing to refrain from any type of online activity that damaged critical infrastructure.
There needed to be an enforcement stick for these already agreed cyberspace laws and behaviour norms.
“What have we seen? Certain countries who have signed up to these norms and legal understandings in the blink of an eye have conducted activity which directly contravenes the agreements they have just signed.”
This problem has raised the issue of cyber deterrence, especially against nations such as Russia that have violated cyber agreements.
“Deterring malicious cyber activity is really important to preserving the stability of cyberspace.
“What we are looking at now is how do you increase the cost of inappropriate behaviour and malicious activity
“Recent events are suggesting to us that malicious actors believe their activity in cyberspace is completely immune to any kind of punishment,” Mr Feakin said.
He said some countries needed to think twice before pressing the go button on harmful cyber action.
The response to a malicious state actor did not have to be via cyber means, Mr Feakin said. They could involve a range of measures including legal, political, economic, diplomatic or military.
The civilised cyber world needed to improve its co-ordination in responding to bad state actors.
“Unilateral actions just aren’t quite working so we need to do more on that collaborative piece,” he said.