News | International
8 Aug 2020 9:01
NZCity News
NZCity CalculatorReturn to NZCity

  • Start Page
  • Personalise
  • Sport
  • Weather
  • Finance
  • Shopping
  • Jobs
  • Horoscopes
  • Lotto Results
  • Photo Gallery
  • Site Gallery
  • TVNow
  • Dating
  • SearchNZ
  • NZSearch
  • RugbyLeague
  • Make Home
  • About NZCity
  • Contact NZCity
  • Your Privacy
  • Advertising
  • Login
  • Join for Free

  •   Home > News > International

    Australia's cyber security watch room is monitoring threats 24/7. Here's what it's like inside

    This Canberra headquarters looks like any other nondescript government building but, a few steps inside the lobby, a lattice made up of zeros and ones provides a clue as to what's going on inside. Here's what happens in Australia's 24/7 cyber security wat

    For a dedicated few, keeping Australia safe online starts in the early hours of the morning. That's when the day shift starts for analysts in the Australian Cyber Security Centre's 24/7 watch room.

    Their Canberra headquarters looks like any other nondescript government building but, a few steps inside the lobby, a lattice made up of zeros and ones provides a clue as to what's going on inside.

    Now more than ever, Australians are living their lives online. And every connection for work, school or leisure creates a new vulnerability.

    Prime Minister Scott Morrison's unusual press conference in June declaring that Australia was under sustained attack came after months of warnings that the COVID-19 pandemic was providing a valuable opportunity for criminals.

    If a determined attacker did try to turn the lights out in Sydney, or tie up a hospital's files with ransomware, the watch room team in the ACSC should be among the first to know.

    "Defence is always the best offence," according to Abigail Bradshaw, the agency's head.

    "To the extent that we can … help Australians lift their defences, the better they are in terms of surviving the attempts of those that are trying to do them harm."

    One call every 10 minutes

    Based in the Australian Signals Directorate, the country's intelligence and security agency, the ACSC was set up in 2014 and leads Government efforts to improve Australia's security online.

    In the watch room, someone is always on deck — but we can't tell you their names or show you their faces.

    Five teams work an unusual schedule of shifts: two days, two nights, and then a few days off. And there's an order to things. A handover in the early hours of the day, a daily briefing for the executive and continuous triaging of the incidents that come their way.

    They try to keep on top of all the ways Australians may be targeted online, as well as working with staff from the Australian Federal Police and the Australian Criminal Intelligence Commission.

    Their information may come from public sources like online forums following the activities of hackers and criminal groups, from the briefings of security partners overseas, or calls from local businesses to the hotline.

    All this allows the team to make "the best picture that they possibly can", Ms Bradshaw said, of cyber-criminal tradecraft and tactics, as well as spotting where vulnerabilities may emerge across industries and the country.

    Overall, the team handles hundreds of daily communications from partners and industry, as well as a new cybercrime report every 10 minutes on average.

    And each day, the centre identifies and responds to multiple security incidents.

    That could be reports of scanning and reconnaissance activity, when attackers look for unguarded ways to access a network, such as passwords that have never changed from the factory setting.

    Then there could be phishing activity — emails or text messages that encourage people to click a link or open an attachment, allowing an attacker to get their first foothold on the network.

    The COVID-19 threat

    The COVID-19 pandemic has been a busy time for the ACSC. The past few months have been marked by an uptick in cybercrime, and even warnings from the Australian Government directed at nations who were using the upheaval to hack healthcare companies.

    The massive, nationwide shift to working from home brought new security challenges. Fear and confusion also offered an opportunity to exploit.

    It was in late March and early April that analysts started to spot COVID-19-themed websites designed to support phishing campaigns, seeking to steal personal details or install malware.

    "We've seen COVID 19 themed phishing campaigns trying to attract people to click a link related to … government stimulus measures [and] COVID-19 testing," said Commander Chris Goldsmid, who leads cybercrime operations for the AFP.

    "They're just pivoting to COVID-19 as a way of getting people's attention, getting them to click those links and open those attachments."

    In response, the ACSC identified IP addresses associated with the scam websites and handed them over to law enforcement. They also asked telecommunication companies to block certain IP addresses as they popped up.

    Coronavirus-related scams appear to have tailed off somewhat for now. But before COVID-19, it was bushfire scams. And next month, it will be something else.

    Attribution — identifying the attacker — is notoriously complicated by the fact that both criminals and nation states often use the same tools.

    And it all goes on and on because, in the words of one watch room officer, "people keep clicking the link".

    Bringing Australia's cybersecurity up to scratch

    While the watch room tries to keep on top of online threats, Australia's overall preparedness for malicious internet activity or even cyberwarfare is hotly debated.

    "There's a constant game or constant pattern of attack, defend, attack, defend," said Lesley Seebeck, chief executive of the Cyber Institute at the Australian National University

    In her view, we must ensure cybersecurity does not become defined as only a question of national security, but also one of protecting civilians and business.

    "We need to be able to give people, individuals, the tools they need to look after themselves," she said.

    A Department of Defence review, recently obtained by the ABC, suggested Australia was unprepared for cyberwarfare, among other threats. And regular audits of the cybersecurity preparedness of government departments shows they need improvement.

    In fact, the Commonwealth Cyber Security Posture in 2019 report, prepared by the ACSC, found that most Commonwealth entities had only "ad hoc" or "developing" compliance with the government cybersecurity mitigation framework.

    Australia's new and much-anticipated four-year cyber security strategy is overdue, but the Government recently announced $1.35 billion in funding allocation to beef up Australia's online security, including $470 million for 500 new jobs at the Australian Signals Directorate.

    But given Australia's skill shortage in this area, Peter Coroneos, international vice president of Cybersecurity Advisors Network, assessed that goal as "very difficult".

    "Where do you pull 500 cyber experts out of nowhere?" he asked.

    "We need to think very creatively around the whole skills and education approach."

    Ms Bradshaw acknowledged that getting these new employees through the door is one of her biggest challenges.

    "You might be part of a team that's pulling apart a piece of ransomware," she said.

    "Or you might be a person that's preparing really practical advice for … people at home just trying to get on with their lives online."


    © 2020 ABC Australian Broadcasting Corporation. All rights reserved

     Other International News
     08 Aug: India's biggest slum has so far nailed coronavirus COVID-19. Here's how they did it
     08 Aug: Bad weather is being blamed for a fatal plane crash in India, that's now claimed at least 20 lives
     07 Aug: Liberal MP Craig Kelly said Victorian Premier Daniel Andrews could be jailed for his stance on hydroxychloroquine. An expert says there's 'zero chance'
     07 Aug: Twitter will label state-affiliated media, as well as government accounts from China, US, France, Russia and UK
     07 Aug: Young Australians avoid COVID-19 news so traditional health messaging doesn't work
     07 Aug: Scientists create brightest-known fluorescent materials in existence
     07 Aug: Coronavirus is running rampant on Java, but 2.4km across the sea, Bali is faring much better
     Top Stories

    Crusaders coach Scott Robertson's singing the praises of one of his bench players ahead of Sunday's Super Rugby Aotearoa match against the Highlanders More...

    A University of Leeds report has revealed the global reduction in travel and industrial activity is doing little to stop global warming More...

     Today's News

    A decision has been made over the women's 50-over cricket World Cup to be staged in New Zealand 8:56

    A massive result in the context of the finals of netball's ANZ Premiership 8:46

    Priyanka Chopra and Nick Jonas "have to be even more careful" during the coronavirus pandemic 8:44

    Rugby League:
    After a week of off-field discussions, the Warriors have made a statement on it 8:16

    Ellen Pompeo chose "money" over "creative acting roles" 8:14

    A University of Leeds report has revealed the global reduction in travel and industrial activity is doing little to stop global warming 8:06

    Health & Safety:
    India's biggest slum has so far nailed coronavirus COVID-19. Here's how they did it 7:56

    Rugby League:
    Warriors coach Todd Payten's praised the composure of young half Chanel Harris-Tavita following their victory over Manly in the NRL 7:56

    Living & Travel:
    Bad weather is being blamed for a fatal plane crash in India, that's now claimed at least 20 lives 7:46

    Ferne McCann "needed" to get healthy to save herself after making "some silly decisions" 7:44

     News Search

    Power Search

    © 2020 New Zealand City Ltd