The Weekly Cybers #30
Lots of small items this week, because we’re in the calm before the storm of Parliament’s spring sitting — except for myGov fraud, Centrepay, and some routine reports.
Welcome
It’s the calm before the storm! Normally I find a few things to write about at more length, but this week it’s just a collection of smaller stories under “Also in the news”.
If you want to go digging, I reckon the Commonwealth Ombudsman’s report on myGov fraud, the first item listed, would be well worth your time.
Next week, Dear Reader, it’ll be way busy! And we’ll be back at our usual length of around 1,700 words.
A special welcome to The Sizzle readers
If you’re a reader of Anthony Agius’ newsletter The Sizzle after this week’s plug, a double welcome. I hope you find this useful.
I should warn you that this newsletter is about Australia and particularly about “what the Australian government has been saying and doing in the digital and cyber realms, on various adjacent topics, and whatever else interests me”.
I’m especially interested in staying ahead of government decisions, while there’s still time for us mere citizens to make a difference.
This is not a cyber security newsletter. For that that I recommend Risky Biz News. Nor do I cover the technology itself or consumer electronics. Plenty of people do that already.
This newsletter is not for everyone, and I’m OK with that.
Did last week’s edition not arrive? Technical weirdnesses prevented some of you being sent last week’s newsletter, and possibly others before that. The lovely people at Buttondown and I believe the problem has been fixed. Meanwhile you can always check the web archive late Friday afternoons — and let me know if you have problems.
Also in the news
- Services Australia is planning a sweeping security uplift for myGov. That’s because the Commonwealth Ombudsman published a scathing report on fraud via the platform, Keeping myGov secure (PDF). Tl;dr: It was rubbish.
- PM Anthony Albanese says social media companies shouldn’t “ride free” on the backs of traditional media, whatever that means. So it’s looking more and more like the big platforms will be hit with a tax of some sort. Sorry, a “levy”.
- A Senate committee has released its report on the Criminal Code Amendment (Deepfake Sexual Material) Bill 2024. The recommendations are mostly about technicalities, but they include continuing the work “in relation to development of harmonised offences across Australian jurisdictions”.
- In sharp contrast to the robodebt debacle, the government is doing something about the abuse of Centrepay, the system through which companies can deduct money directly from people’s Centrelink payments.
- Defence is trialling four containerised computer rooms. I’m fairly sure various other armed forces have had these for some time.
- We have a government response to the committee review of the Digital ID Bill 2023 and the Digital ID (Transitional and Consequential Provisions) Bill 2023, but since those bills are now law this is just a procedural thing.
- We also have a government response to the inquiry into media diversity. It’s only just been posted, late on Friday afternoon, so it’s either totally boring or totally controversial.
- Accenture has scored a $10.5 million contract and former PwC consultants Scyne Advisory a contract worth $12.8 to roll out IT to implement the new Aged Care Act, due to start operating on 1 July 2025.
Data breaches and hacks of note
- Geelong-based specialist engineering firm Kempe Engineering has suffered a data breach.
- Australian furniture retailer Early Settler has confirmed a data breach.
Elsewhere
- This is big. A US judge has ruled that Google has built an illegal monopoly over the online search and advertising industry by making multibillion-dollar deals. Will those agreements evaporate?, wonders the Guardian.
- This is less big. ASIO has raised the National Terrorism Threat Level from POSSIBLE to PROBABLE. Since this isn’t tied to any specific precautions or actions or advice apart from hand-waving, “Australians should be aware, but not afraid”, you can probably proceed as usual. (This is not security advice.)
- CrowdStrike has released the root cause analysis of its recent massive outage. Some people reckon it’s a beginner’s level mistake. You ay also like this nerdful commentary from a cybersecurity expert. Meanwhile the company is being hit with plenty of lawsuits, including from its own shareholders.
- Australian science magazine COSMOS, now owned by CSIRO, has been publishing AI-generated articles, making people unhappy.
- On Thursday I spoke about the COSMOS story and other things on ABC Radio’s RN Drive: TikTok and body image, COSMOS using AI to publish articles. I also spoke briefly about the next item.
- From 404 Media, Where Facebook’s AI slop comes from ($). “Facebook itself is paying creators in India, Vietnam, and the Philippines for bizarre AI spam that they are learning to make from YouTube influencers and guides sold on Telegram.”
Inquiries of note
- Treasury has launched a consultation on the Consumer Data Right Rules in relation to consent and operational enhancement. Submissions close 9 September.
- The Australian Competition and Consumer Commission (ACCC) has issued a consultation paper on changes to the Internet Activity Record Keeping Rules. sounds exciting? Well one issue, reports iTnews, is adding Elon Musk’s Starlink as a reporting entity. Apparently Starlink has more than 200,000 customers here. Submissions close 30 August.
What’s next?
Parliament returns from its long winter break this Monday 12 August and will run for two weeks. We already have the draft legislation program.
In the Senate we can expect to see debate on the Criminal Code Amendment (Deepfake Sexual Material) Bill 2024 mentioned above, and the Telecommunications Amendment (SMS Sender ID Register) Bill 2024.
The Treasury Laws Amendment (Consumer Data Right) Bill 2022 is also listed as “non-controversial legislation”, which means it should go straight to the vote.
In the House of Representatives there’s a range of stuff related to the Future Made in Australia program.
Any questions or comments? Just reply to this email. Cheers.
Vale 2 August 2024
The Weekly Cybers is a personal look at what the Australian government has been saying and doing in the digital and cyber realms, on various adjacent topics, and whatever else interests me, Stilgherrian, published every Friday afternoon (nearly).
If I’ve missed anything, or if there’s any specific items you’d like me to follow, please let me know.
If you find this newsletter useful, please consider throwing a tip into the tip jar.
This is not specifically a cyber *security* newsletter. For that that I recommend Risky Biz News and Cyber Daily, among others.