Australian Cyber Security Centre Releases First Cyber Threat Report

The Australian Cyber Security Centre (“ACSC”), an Australian Government initiative for public and private sector cooperation and collaboration on cyber security, has released its first report.  The report describes the cyber adversaries targeting Australian networks, both government and public, and explains the types of activities designed to compromise network security.  The report also provides a number of mitigation strategies to defend against cyber threats.

The ACSC is made up of government agencies including the Australian Crime Commission, Australian Federal Police, Australian Security Intelligence Organisation, Australian Signals Directorate, Computer Emergency Response Team (“CERT”) Australia, and the Defence Intelligence Organisation.  Although the partner agencies are all in the public sector, the ACSC serves as a hub for both public and private sector organizations to collaborate and share information in a joint effort to combat malicious cyber activities threatening Australian networks.  According to the report, the ACSC is actively reaching out to industry to establish partnerships to improve collective understanding of the cyber security and threat landscape.

ACSC Report

Cyber Adversaries and the Threat Environment

As Australian business and government become increasingly reliant on the internet to conduct everyday dealings, its networks also become more prone to malicious cyber activity such has cyber espionage, cyber attack, and cybercrime.  The ACSC defines a cyber adversary as “an individual or organization (including an agency of a nation state) that conducts cyber espionage, crime or attack.”

The report specifies three types of cyber adversaries:

  • Foreign state-sponsored adversaries tend to have the most advanced and sophisticated tools to conduct malicious cyber activity, and are likely seeking information related to economic, defense, foreign policy, and security that will provide a strategic advantage.
  • Serious and organized criminals are financially motivated criminals that exploit systems for financial gain.
  • Issue motivated groups and individuals with personal grievances, include hacktivists, individuals and groups that aim to gain publicity for their causes, as well as themselves.

The report further identifies the different types of threats to networks, and provides specific examples of malicious cyber activity that has targeted Australian networks in the past.

  • Cyber espionage is defined as an “offensive activity designed to covertly collect information from a user’s computer network for intelligence purposes.”  The ACSC recognizes the damaging impact cyber espionage can have on its national security as well as its economic prosperity.  Most importantly, Australia’s geopolitical posture (a member of the Five Eyes) and abundant resources (uranium, iron) make it a prime target.
  • Cyber attack is defined as a “deliberate act through cyber space to manipulate, destruct, deny, degrade or destroy computers or networks, or the information resident in them, with the effect, in cyber space or the physical world, of seriously compromising national security, stability or prosperity.”  The ACSC does not find the likelihood of a cyber attack to be very high, unless Australia is engaged in “heightened tension or escalation to conflict” with another country.  It goes on to explain that although non-state actors may also have the tools to conduct such attacks, these groups are more likely to continue with activity that merely attracts attention such as vandalism.
  • Cybercrime is defined as “criminal acts that involving the use of computers or other information and communications technology (“ICT”).”  The ACSC divides cyber crime into two categories.  First, pure cybercrimes which are directed at computers or other ICT such as gaining unauthorized access to a computer or modifying data contained within a system.  The second, technology-enabled crimes, are crimes where computers serve an integral role such as online identity theft and fraud or child pornography.

The ACSC encourages greater collaboration and cooperation between public and private sector organizations, and even suggests that a relationship of information sharing is necessary to develop effective cyber security.

The full ACSC 2015 Report can be found here.



Tags: , ,

Leave a Reply

You must be logged in to post a comment.


Untitled Document
Professor William Snyder

Professor William C. Snyderis a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.

Ryan D. White

Ryan D. WhiteRyan is currently a third year law student at Syracuse University College of Law, and is also pursuing a Master of Public Administration degree from Syracuse’s Maxwell School of Citizenship and Public Affairs. Ryan spent time with Homeland Security Investigations while pursuing his undergraduate degree at Wesleyan University, and spent his first summer of law school as clerk for the U.S. Attorney’s Office in the Western District of New York. He is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and participates in the Veteran’s Legal Clinic. Full biography

Shelby E. Mann

Ryan D. WhiteShelby is a second year law student at the Syracuse University College of Law. During her final year at the University of Missouri, she served as a full-time news producer for ABC 17 News. Shelby spent her first summer of law school at the Shelby County District Attorney General's Office in Memphis, Tenn., in the Public Corruption and Economic Crimes Unit. She is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and the senior editor for the Syrian Accountability Project. Full biography

Christopher w. FolkChristopher W. Folk

is a 2017 graduate of SU College of Law. A non-traditional student, Christopher returned to academia after spending nearly twenty years in the high tech industry. Christopher served in the Marine Corps, graduated from Cornell University with a B.S. In Applied Economics and Business Management, attended Northeastern University’s High-Tech MBA Program and received a M.S. In Computer Information Systems. Christopher previously worked in Software Engineering. Christopher is currently serving his second term as Town Justice for the Town of Waterloo. Christopher externed with a Cybersecurity firm in the Washington, D.C. area between his first and second year at SU College of Law. Full biography

Anna Maria Castillo

Anna Maria Castillois 2016 graduate of Syracuse College of Law. She also holds a Master of Arts in International Relations from Syracuse University's Maxwell School of Citizenship and Public Affairs. She has interned at a London-based think-tank that specializes in transnational terrorism and global security and at the legal department of a defense contractor. She served as an executive editor in the Syracuse Law Review. Full biography

Jennifer A. CamilloJennifer A. Camillo

is a 2015 graduate of Syracuse College of Law and is a prosecutor. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She was a member of the Syracuse National Trial Team and was awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. PistoreseTara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She wrote for this blog when a student. She is now a member of the U.S. Army Judge Advocate General's Corps.

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.) Full biography