We haven't had a real cyber attack: ACSC

The cybersecurity industry and the media are too liberal with the use of their term “cyber attack”, and by the more accurate definition Australia has never been the target of such an attack, according to the Australian Cyber Security Centre.

The organisation’s second Threat Report notes that by the Australian government’s definition of cyber attack, Australia is unlikely to fall victim to one within the next five years.

Under the government’s definition, which is used to underpin provisions of the ANZUS treaty dealing with mutual information exchange, a cyber attack must be a deliberate act to “manipulate, disrupt, deny, degrade or destroy computers or networks, or the information resident on them, with the effect of seriously compromising national security, stability or economic prosperity”.

While a wide number of nation states have the capability of launching such an attack, unless there is a shift in intent, one is unlikely to occur in the short term.

But the ACSC did note that increasing occurrences of disruptive or disruptive incidents in other markets, and the ongoing absence of repercussions for the perpetrators, may embolden some nation-state actors to continue their efforts. A shift in intent to target Australia with a cyber attack could also occur relatively quickly.

In contrast with cyber attacks, Australia continues to be “a target of persistent and sophisticated cyber espionage”, the report states.

More and more foreign states have acquired or are acquiring cyber espionage capabilities, and a range of “state-based adversaries” are attempting to infiltrate Australian systems.

While ACSC is continuing to build its knowledge of the adversaries targeting Australian systems, the number of detected and reported incidents of cyber espionage in non-government networks are likely to be a fraction of the total.

But the ACSC was dismissive of the potential threats posed by cyberterrorism — at least for now.

“Terrorist groups that seek to harm Western interests currently pose a low cyber threat. Apart from demonstrating a savvy understanding of social media and exploiting the internet for propaganda purposes, terrorist cyber capabilities generally remain rudimentary and show few signs of improving significantly in the near future,” the report states.

“They will continue to focus on DDoS activities, hijacking social media accounts, defacing websites, the hack and release of personal information and compromising poorly secured internet-connected services. It is unlikely terrorists will be able to compromise a secure network and generate a significant disruptive or destructive effect for at least the next two to three years.”

Image courtesy of Christiaan Colen under CC