Today Australian Prime Minister Malcolm Turnbull announced a AU$230 million Cyber Security Strategy (see PDF for full report) to beef up the country’s defensive measures after admitting government agencies have repeatedly fallen victim to cybercrime in the past.
In addition to improvements in defense, Turnbull also revealed that Australia houses significant offensive cyber attack capabilities – a measure that the government hopes will add an additional “level of deterrence”.
“Acknowledging this offensive capability […] adds to our credibility as we promote norms of good behaviour on the international stage and, importantly, familiarity with offensive measures enhances our defensive capabilities as well”, Turnbull said.
So far, the prime minister has refrained from detailing what Australia’s offensive capability might include, but he explained that, “[t]he use of such a capability is subject to stringent legal oversight and is consistent with our support for the international rules-based order and our obligations under international law”.
The plan will materialize over the next four years and will see the government spend $39 million to finance the relocation of the Australian Cyber Security Centre to a more accessible destination and $47 million for building joint public-private threat intelligence sharing centres in the country’s major cities to streamline information exchange.
The investment in cyber security aims to anticipate a possible surge in online attacks as Australia’s internet based economy is currently growing at a very fast pace – twice as rapidly as the rest of the global economy, according to the PM’s report.
Cybercrime is estimated to cost Australians over $1 billion each year, but the actual impact on the nation’s economy could be around $17 billion annually, the report further says.
With this move towards enhanced defensive and offensive capabilities, the Australian government hopes to prevent future incidents like the massive breach its Bureau of Metereology suffered back in December 2015.
Australia is not the only country looking to improve cyber security. Following severe cyber attacks from Russia in 2007, Estonia is routinely running anti-cybercrime trainings in anticipation of the next big attack. The UK too set up its own Joint Cyber Reserve unit back in 2013 to ward off and – if necessary – strike back against potential cyber threats.
via The Register