Pages

17 June 2019

Intelligence agency could be used for 'offensive cyber' operations in Australia

By David Wroe

Australia's electronic intelligence agency could smash the computer networks of criminals domestically using "offensive cyber" operations presently confined to overseas targets under proposals being discussed among national security officials.

The Australian Signals Directorate (ASD) could also sit within the networks of major Australian power, water, telecommunications and other critical infrastructure companies to help defend them against foreign cyber attacks.

The Sydney Morning Herald and The Age can reveal that a greater domestic role for the ASD remains a live consideration for the Morrison government despite the political firestorm that has erupted since police raided a journalist's home to investigate a top-secret leak of the ASD proposals.

Senior officials have repeatedly stated that the proposal never amounted to spying on Australians - a position strenuously underscored by multiple sources in recent days.

Any changes would mean an expanded role for the ASD domestically, though the agency - which is part of the Defence portfolio - would always be acting in co-ordination with a domestic partner agency.

The ASD would more closely co-ordinate with Home Affairs Minister Peter Dutton's portfolio, within which ASIO and the Australian Federal Police (AFP) sit. Discussions focus around which agency would have the lead in situations where a computer network hosting criminal activity such as child exploitation, terrorism propaganda or drug smuggling needed to be disrupted.

Under scenarios discussed, the AFP or ASIO would still be the investigators, but could turn to the ASD if they wanted to disrupt online criminal activity that couldn't be stopped using traditional law enforcement or investigation methods.

The ASD currently carries out so-called "offensive" cyber operations against overseas threats, for instance if hackers in inaccessible legal jurisdictions are attacking Australian networks or if terrorists in war zones pose a danger to Australians. Under the proposals, the agency could also do this domestically.

The changes are intended to recognise that in the age of cloud computing, virtual private networks, proxy servers and encryption, the distinction between onshore and offshore networks and data has become blurred.

There is also deep concern within the government that Australia's critical infrastructure is vulnerable to a major cyber attack, especially from a foreign government.

The computer servers of Australia’s major political parties have been hit by a cyber-attack with a “sophisticated state actor” suspected to be behind the plot, says the prime minister.

Currently the ASD advises the private sector, including critical infrastructure operators, on how to protect itself. One option now being canvassed is for the ASD to be able to sit within firms' computer networks - with the firms' knowledge - to help protect them.

The ASD collects foreign communications or "signals intelligence", but it is also charged with protecting critical Australian networks against cyber threats. The collection side of the agency's role would not be affected by any changes.

Mr Dutton said last year after the original leak to News Corp: "If we had a capacity to disrupt, for example, the live streaming of children being sexually exploited, would we explore ways that we could do that within the law? Of course we would. So we will have a look at all of those options."

A government spokesman said this week: "The government's position has not changed since statements were made on this matter last year."

Mr Dutton's Home Affairs Department boss, Mike Pezzullo, explained the proposals in broad terms last year after the leaks, saying the only "potential new powers and functions" concerned whether ASD might be used "in the disruption of cybercrime where the whole, or parts, of the relevant cyber network are hosted on Australian telecommunications infrastructure" and "in the active defence of certain critical national networks".

It is understood a key part of the continuing internal bureaucratic discussion is around what kinds of protections would be required, such as warrants, ministerial authorisations and oversight by the intelligence watchdog, the Inspector-General of Intelligence and Security.

No comments:

Post a Comment