Prime Minister Scott Morrison has issued a warning on the threats posed by foreign interference, cyber-attacks and disinformation in the Indo-Pacific region, as the federal government prepares to unveil its new cybersecurity strategy.
In a virtual address to the ASPEN Security Forum on Wednesday, Mr Morrison flagged the growing threat from cyber-attacks and misinformation campaigns as a key issue facing the Indo-Pacific region.
“Today, the Indo-Pacific is the epicentre of strategic competition. Democratic nations face new threats from foreign interference. Cyber-attacks are increasing in frequency and sophistication. Disinformation is being used to manipulate free societies,” Mr Morrison said in the speech.
“It’s fair to say that in 2020, our ‘international society’ is under strain.”
While some have seen this leading to the “weakening of the rules-based international order”, Mr Morrison flagged a more cooperative approach in the region to work with other nations in order to combat these growing risks.
“We want to see international engagement framed by agreed rules and norms, not crude economic or political coercion. But nor do we practically think longing for the past amounts to a strategy,” he said.
“The configuration of power in global politics has changed. We have to deal with the world as it is, not as we’d like it to be.”
These new networks of cooperation are “absolutely vital” for trade, science and technology, defence and security and people-to-people exchange, the Prime Minister said.
The speech was another signpost cybersecurity moment from Mr Morrison, with the federal government recently ramping up its focus on the topic, and particularly its intersection with defence, in recent months, after remaining largely silent on it earlier this year.
The government had been expected to launch its new 2020 Cyber Security Strategy before the planned May budget, but this has been delayed due to the ongoing COVID-19 pandemic. The strategy is now expected before the delayed budget in October.
The escalation in cyber rhetoric has come mostly from the Prime Minister himself rather than the responsible minister, Home Affairs Minister Peter Dutton, who has remained largely silent on the issue.
In mid-June Mr Morrison fronted a hurriedly called press conference early in the morning to warn that Australian businesses and governments have been targeted as part of a sustained cyberattack by a “sophisticated state-based cyber actor”, widely believed to be originating in China.
The attack was making use of already known vulnerabilities with available fixes, with businesses advised to install patches and implement two-factor authentication.
This warning was quickly followed by the largest ever funding commitment to cybersecurity from the government, with $1.35 billion in reappropriated Defence funding to go towards cybersecurity capabilities over the next decade.
The Cyber Enhanced Situational Awareness and Response Package includes increased efforts to identify more cyber threats, disrupt more foreign cybercriminals and build more partnerships with industry and government.
A large portion of this funding remains uncommitted and is expected to be revealed in the upcoming cyber strategy.
The government’s industry advisory panel for the strategy delivered its report to government late last month, with 60 recommendations in total.
The panel, consisting largely of telcos and larger corporations, called for new initiatives and policy reforms urgently to combat the growing threat of cyber-attacks and to improve the resilience of the economy.
It’s urgent recommendations included a focus on critical infrastructure, digital supply chains and public sector cyber resilience. The panel also said that there should be more clear consequences for malicious cyber actors found to be targeting Australia, including through law enforcement, diplomatic means and economic sanctions.
The government should more willingly publicly attribute these cyberattacks, the panel recommended.