Asia Defense

Australia on the Cyber Offensive

Australia has been using hacker units to go on the offensive. But is its cyber policy up to snuff?

The Financial Review recently revealed that Australia has been using hacker units of the Australian Signals Directorate (ASD) to attack terrorist networks in the Middle East that “are conspiring against Australia.” The Financial Review, citing “multiple intelligence sources,” says that Australia has been building up an offensive “computer network attack” (CAN) capability for the last decade. According to the media, the small team of Australian cyber warriors is developing its own malware (with the support of the Defense Science and Technology Organization), yet uses payloads from the larger repertoire of their allies at the U.S. National Security Agency (NSA) and Britain’s Government Communications Headquarters (GCHQ) to increase the effectiveness of their cyber weapons.  It is understood that Australia is also coordinating cyberspace operations with their other two “five-eyes” intelligence partners — Canada and New Zealand.

The Australian “Information Activities” doctrine outlines the scope of Australia’s military activities in cyberspace (The Australian Army’s “2014 Future Land Warfare Report” and the “2013 Defense White Paper” also deal with military cyber operations) and provides specific guidance for ASD operations. The Sydney Morning Herald cites operations to “’persuade, convince, deter, disrupt, compel or coerce” opponents, offensive “computer network operations,” as well as deception, which includes, “manipulation, distortion, or falsification of evidence … to influence the mind, decisions and actions of the adversary … to form inaccurate impressions about friendly forces, squander intelligence assets, or fail to use other resources to best advantage”, as part of the ASD’s portfolio in cyberspace. The document also notes that, “some information-related capabilities are quite technical in nature and may require long lead times to be able to support the operation.”

The precise nature of Australian cyber-attacks in the Middle East is unknown. However, the Financial Review also cites attacks against a “non-democratic state that was pilfering our public and private secrets.” This involved, “has involved implanting malware on foreign servers that erased data and disabled the cooling systems such that they were ultimately ‘fried,’” according to the article.

Yet, Australia is far from being an effective military power in cyberspace according to some experts. The Diplomat contributor and former Australian intelligence analyst Greg Austin  notes “confusion” in Australia’s cyber defense policies.  In a recent paper, he states that “Australia is falling behind in digital competitiveness. This is reflected in Defense planning in our inability to adjust to the demands of cyber war. We have adjusted well in respect of cyber security, but that is a fragment of the policy spectrum covered by modern concepts of war in the information age.”

He particularly singles out the above mentioned “Information Activities” doctrine as falling short on a number of key issues. Austin argues that it:

“[D]oes not appear to embrace the high end, transformationalist view of cyber power. It limits itself to ‘information activities’ that are ‘are defined as the integration, synchronization and coordination of two or more Information-related capabilities (IRC) that generate and sustain a targeted information advantage.’  The manual contains all of the right concepts, but manifests confusion at the top end of capability between what sounds like the public relations or propaganda aspects of information policy (‘strategic communications’) and the main purpose of high end information operations which is ‘strategic strike’ to defeat or deter an enemy.”

Nevertheless, Australia has been determined to ramp up its activities in cyberspace for a while now. A 2011 recruiting brochure issued by Australia’s Signals Directorate notes, “Our adversaries are often well-resourced, highly skilled and good at concealing themselves. This threat to our cyber and information security is now a top national security priority. (…)Cyber operations in Defence Signals Directorate (DSD) are dedicated to ensuring our government can operate in cyber space with confidence. (…)  This is your chance to be at the forefront of our country’s cyber security and make a real difference.”