“We face a time of great global challenge,” said Clare O’Neil, Home Affairs and Cyber Security Minister at the National Press Club on Thursday.
At the event, Home Affairs Minister Clare O’Neil spoke about the rising cyber risks confronting Australia today. Because of the heightened risks, O’Neil announced a ‘major’ program to develop a new cybersecurity strategy for the country, and voiced her wish to make Australia the most cyber secure country in the world by 2030.
“The cyber security strategy will help Australia bring the whole nation into the fight to protect our citizens and to protect our economy.”
“It will help us strengthen critical infrastructure and government networks, it will help us build sovereign capabilities in cybersecurity because this is something Australia must be able to do for itself.”
“This threat is huge, it’s relentless and it’s only getting bigger.”
Clare O’Neil, Home Affairs and Cyber Security Minister
Major cyberattacks
Two of the most serious cyberattacks in Australia’s history happened in September and October this year. In September, the Australian telecommunications giant Optus was subject to a successful cyberattack. The data of about 10 million customers was stolen, which is roughly equivalent to 40% of the country’s population.
Three weeks later, Medibank, one of the largest Australian private health insurance providers, was hacked. Hackers gained access to the data of 9.7 million current and former customers, including 5.1 million Medibank customers, 2.8 million Australians and 1.8 million international customers.
The hackers, who Australian federal police said were located in Russia, wanted Medibank to pay a A$15m (S$10m) ransom. Medibank refused, and the hackers then posted some of the data online, including 1,500 records related to claims on chronic conditions such as heart disease, as well as patient details of people with cancer, dementia, mental health conditions and infections.
The minister said that she was “so proud’ of how the Australian people had acted after the publication, and said that she had found no evidence of republication in either newspapers or on social media.
“We stood up to a bully and we won.”
“The cyber security strategy will help Australia bring the whole nation into the fight to protect our citizens and to protect our economy.”
Clare O’Neil
The minister also pointed out that National Australian Bank and the Australian Tax Office are each respectively subject to 50 million and 3 million attempted attacks each month.
“This threat is huge, it’s relentless and it’s only getting bigger.”
Worst threat since WWII
The former Prime Minister Scott Morrison decided to abolish the cybersecurity ministry when he came to office. Clare O’Neil called the decision an “absolute shocker”, and vowed the Albanese government would “punch back at the hackers” through a collaboration between the Australian Federal Police and the Australian Signals Directorate.
O’Neil passionately argued that the cyber threat is “felt in our economy where we are waking from a cyber slumber, it is felt in our private lives where our identities are under threat and personal information is at risk, it is felt in business and research where Australia’s hard-won innovations are at constant risk of theft”.
“It is felt in our democracy where foreign actors are trying to influence decisions in our parliaments and universities, subjecting Australians to online misinformation and disinformation campaigns which spread like viruses around our communities.”
“Our government’s view is that Australia faces the most dangerous set of strategic circumstances since the Second World War and those circumstances are having a real impact on Australians even when they are at home.”
100-person team
The new strategy will involve a 100-person team who will permanently focus on hunting down people who would seek to do Australia harm, and who would “hack back”.
“It will take some time to get this scene, but when it does, it will change the game for cyber security in our country.”
The minister also indicated that the government had already made some changes to how the country responds to cyberattacks, including legislating a proper penalties regime under the Privacy law.
The cybersecurity project will be led by three experts; Andy Penn, former chief executive at Telstra, Rachael Falk, who helped manage the policy response to the Optus and Medibank hacks, and former Air Force chief Mel Hupfeld.
O’Neil said that their vision is attracting global attention, and that former UK National Cyber Security Centre chief executive and eminent Oxford University Professor Ciaran Martin will also will join the project and lead a global cyber expert panel.
“We got the best minds on the problem.”
The minister also said that this strategy will help Australia strengthen their international engagement, and that Australia will be able to “play a leadership role on the global stage, and work in partnership with our Pacific neighbours to lift cyber security across our region.”
“Our government’s view is that Australia faces the most dangerous set of strategic circumstances since the Second World War and those circumstances are having a real impact on Australians even when they are at home.”
Clare O’Neil, Home Affairs and Cyber Security Minister
O’Neil also argued that, in order to achieve better cybersecurity, all business and citizens must change how they use Internet and behave online.
“We need to prepare for more cyberattacks over the coming years.”
Watch the speech in full here.