The Weekly Cybers #14
New defence strategy to boost cyber and space capabilities, AFP runs into AN0M problems, and Chinese hackers target think tank ASPI.
Welcome
The new national defence strategy dominates this week, with billions more to be spent on cyber capabilities, space, and upgraded the defence ICT infrastructure.
Meanwhile Chinese hackers have been at work, as always.
The AFP has run into trouble prosecuting people arrested after Operation Ironside looked into the secure smartphones that the cops themselves had provided.
And in surprising twist, I agree with Mike Pezzullo. About one thing, anyway.
Defence strategy to spend more on new technology
The Australian Government has released the 2024 National Defence Strategy (NDS) and the 2024 Integrated Investment Program (IIP). Here’s all the documents.
While there’s been screeching in some quarters about OMFG $50 BILLION MORE! It should be remembered that this is spread over the next decade, and as 9News wrote, “Of the extra $50.3 billion in funding, $5.7 billion is for the next four years”.
The funding boost will see Australia spend 2.4% of GDP on defence by 2033-34 — about 0.3% [they mean percentage points] higher than previously planned.
That’s roughly on par with the likes of the United Kingdom and India, far lower than the US’s 3.5%, and comfortably higher than what members of NATO are required to spend at 2%.
As iTnews noted, “Defence is looking at an investment in enterprise data and ICT of up to $11 billion through to mid-2034, though only a fraction of that — $1.5 billion — is considered ‘approved’.”
The program is also said to contain a boost for cyber capabilities, with $3.3 billion of spending approved, and up to $17 billion more potentially earmarked.
Add in space and electronic warfare capabilities and for “tech stuff” the total comes to $36 billion, reports InnovationAus — though once again that total is for an entire decade, and includes whatever spending was already in the federal Budget.
It also includes up to an additional $400 million for the Advanced Strategic Capabilities Accelerator (ASCA) and $1.1 billion for Australian drone and counter-drone capabilities.
Detailed analysis of the strategy is beyond the scope of this humble newsletter. However it’s worth noting that most nations’ views of their defence needs have changed dramatically in the last two years, what with the invasion of Ukraine and the war on Hamas now escalating, and lessons having already been learned.
The increased emphasis on new technologies — drones, cyber warfare, AI, and so on — seems appropriate. But it’ll be the strategy’s detailed planning and implementation that will really matter.
For further background, can I suggest the defence minister’s speech to the National Press Club, and Julian Bajkowski’s analysis at The Mandarin.
Wait? I agree with Mike Pezzullo?
It’s not often I’m on the same page the disgraced Mike Pezzullo, but here we are.
“Former secretary of the home affairs department recommends preparation of a ‘war book’ to allocate roles in the event of conflict,” reported the Guardian.
More than a few people interpreted this, and his comment about the need to “focus the national mind” on the possibility of future conflict, as Pezzullo talking up the inevitability of war, or maybe even hoping for it — something he denies.
But all he’s suggesting is that if a war does break out, we should have already figured out who’d be responsible for what. No squabbling, just open the playbook and get on with it.
The most surprising thing for me is not that the news media reported the views of a disgraced public servant, which you’re welcome to have views about, but that such a book apparently doesn’t already exist.
Chinese hackers target think tank ASPI
The Australian Strategic Policy Institute (ASPI) has been targeted by Chinese hackers, according to The Nightly, the new news outlet from Seven’s Kerry Stokes that’s backed by billionaires Katie Page, Chris Ellison, and Gina Rinehart.
Withdrawing funding for the institute was among 14 demands to the Australian Government released by the Chinese embassy in 2020.
Among its other grievances was “thinly veiled allegations against China on cyber attacks without any evidence” and a rebuke of the Australian government it repeated as recently as last fortnight when a Chinese Foreign Ministry spokesperson said “China firmly opposes and combats all kinds of cyber attacks”.
ASPI is an independent think tank funded in part by the Australian defence department, with around a quarter of funding coming from the defence industry. Unsurprisingly, it does quite a bit of work on China.
The ASPI has contracts to deliver military research and training to the Department of Defence and cyber intelligence agency the Australian Signals Directorate.
The Nightly has published some of the internal chats from the Chinese hacker group, including complaints about being told to work faster while being tasked with disrupting “a big asset in two days”.
As an aside, ASPI’s The Strategist is a solid analysis and opinion site, and their Daily Cyber and Tech Digest newsletter is a must-read for anyone who’s been reading this far.
AFP Operation Ironside could be sunk by the High Court
A few years back the Australian Federal Police (AFP) ran Operation Ironside, part of an international collaboration in which secure smartphones with a modified version of the encrypted messaging app AN0M were distributed and used to access alleged criminals’ communications.
Around 250 people were charged in Australia, with more than a thousand being arrested worldwide.
In Australia these prosecutions are now likely to be challenged in High Court, because the evidence gathered by AN0M may be inadmissible in court.
Currently that admissibility is the subject of a lengthy trial in South Australia, and we won’t know the answer until a least the middle of next year.
Why not forward this email to a friend?
Well, why not? The more people this reaches, the more inspired I am to keep doing it.
Also in the news
- The AFP has arrested a man for allegedly developing and selling the Firebird hacking tool. Also, Five Australians arrested in global raid on phishing kit seller LabHost, which has reportedly been used to steal the personal information of 94,000 people.
- “Social media pages ‘infamous’ for spreading misinformation have been taken down after the Wakeley church stabbing attack, the New South Wales premier, Chris Minns, said on Thursday, while expressing alarm at the ‘wildfire’ of rumour and graphic content still proliferating on tech platforms,” reported the Guardian.
Inquiries of note
Nothing new this week.
Elsewhere
- Barbeques Galore starts work on AI roadmap, because flogging barbecues really needs AI-assisted... something? I guess Kool-Aid™ and snake oil go well with a nice steak.
- It’s not directly related to this newsletter’s zone of interest, but the Senate committee looking at a Royal Commission into COVID-19 has delivered its report including proposed terms of reference.
What’s next?
Parliament is currently on break until Budget Night on Tuesday 14 May, unless of course something dramatic happens.
On Wednesday 24 April more agencies will be giving evidence to the Inquiry into the failed visa privatisation process and the implementation of other public sector IT procurements and projects.
Any questions or comments? Just reply to this email. Cheers.
The Weekly Cybers is a personal look at what the Australian government has been saying and doing in the digital and cyber realms, on various adjacent topics, and whatever else interests me, Stilgherrian, published every Friday afternoon (nearly).
If I’ve missed anything, or if there’s any specific items you’d like me to follow, please let me know.
If you find this newsletter useful, please consider throwing a tip into the tip jar.
This is not specifically a cyber *security* newsletter. For that that I recommend Risky Biz News and Cyber Daily, among others.