TONY EASTLEY: More evidence is emerging of sophisticated attacks by criminals and foreign governments on Australia's computer networks.
Government officials from the spy organisation ASIO as well as Federal Police and computer security experts have joined forces with the top secret Defence Signals Directorate since July to form what's called the Cyber Security Operations Centre.
It's discovered that attacks on company information, apparently conducted by organised crime, turn out to have national security implications.
National security correspondent Matt Brown reports.
MATT BROWN: The Cyber Security Operations Centre has brought experts safeguarding the business sector, police investigating cyber crime and their colleagues from the super secret realm of defence signals intelligence out of their bunkers.
They've all been working under the one roof for the past few months and the cyber security policy chief in the Attorney General's department Mike Rothery says they've already tracked attacks crossing those traditional boundaries.
MIKE ROTHERY: The information that comes in whether it comes in from say a law enforcement source, but where it's determined that the threat may be an espionage case and that information is then passed across to ASIO for them to take the lead.
MATT BROWN: And in those examples that you're talking about, what was the target?
MIKE ROTHERY: We are certainly seeing a targeting of information from the corporate sector that can be commercialised. There has been an acknowledgement from intelligence agencies that some of the operations being conducted by intelligence services from overseas are targeting commercial information from the private sector; information that could be of strategic importance to an economy.
MATT BROWN: The police, spies and anti-hackers need to work together because that's what their enemies have been doing for years.
MIKE ROTHERY: Even though you might suspect that it's an organised crime network that's seeking the information, it could be that they're putting it on the open market to the highest bidder and that could be another government that's actually ending up being the recipient for that information.
MATT BROWN: And it's not just the big end of town that's at risk. Jill Eckhaus, from the US based data industry group AFCOM says many of the world's data centres - privately run information warehouses - are surprisingly vulnerable.
JILL ECKHAUS: Every type of data that you can think of is stored in these centres from military information, government information, personal information, credit card information. It can be scary if attacked.
MATT BROWN: AFCOM has just published an international survey, including responses from 16 Australian centres which shows the industry is underprepared for a cyber terrorist attack. Only a third have factored cyber terrorism into their disaster recovery plans and only a fifth do training to prepare for such an attack.
JILL ECKHAUS: It doesn't matter how unlikely it is. If it happens it's exponential the damage that it can do to not just the corporation but your customers.
MATT BROWN: Mike Rothery from the Attorney General's department says a terrorist attack on a data centre is unlikely. But his alternative focus is hardly more comforting. He's been concentrating on defending simple software that could trigger a nightmare scenario.
MIKE ROTHERY: It's the type of software that actually remotely turns on and off valves and opens gates in dams and controls the power grid and so forth.
MATT BROWN: A group of private sector employees has just returned from training with the US Department of Homeland Security to thwart attacks on these critical systems. They're the fourth to be sent in the past three years. The Government is confident they're learning fast. But like the hacking tools and the viruses they deliver, their efforts are a work in progress.
TONY EASTLEY: National security correspondent Matt Brown reporting.
Government officials from the spy organisation ASIO as well as Federal Police and computer security experts have joined forces with the top secret Defence Signals Directorate since July to form what's called the Cyber Security Operations Centre.
It's discovered that attacks on company information, apparently conducted by organised crime, turn out to have national security implications.
National security correspondent Matt Brown reports.
MATT BROWN: The Cyber Security Operations Centre has brought experts safeguarding the business sector, police investigating cyber crime and their colleagues from the super secret realm of defence signals intelligence out of their bunkers.
They've all been working under the one roof for the past few months and the cyber security policy chief in the Attorney General's department Mike Rothery says they've already tracked attacks crossing those traditional boundaries.
MIKE ROTHERY: The information that comes in whether it comes in from say a law enforcement source, but where it's determined that the threat may be an espionage case and that information is then passed across to ASIO for them to take the lead.
MATT BROWN: And in those examples that you're talking about, what was the target?
MIKE ROTHERY: We are certainly seeing a targeting of information from the corporate sector that can be commercialised. There has been an acknowledgement from intelligence agencies that some of the operations being conducted by intelligence services from overseas are targeting commercial information from the private sector; information that could be of strategic importance to an economy.
MATT BROWN: The police, spies and anti-hackers need to work together because that's what their enemies have been doing for years.
MIKE ROTHERY: Even though you might suspect that it's an organised crime network that's seeking the information, it could be that they're putting it on the open market to the highest bidder and that could be another government that's actually ending up being the recipient for that information.
MATT BROWN: And it's not just the big end of town that's at risk. Jill Eckhaus, from the US based data industry group AFCOM says many of the world's data centres - privately run information warehouses - are surprisingly vulnerable.
JILL ECKHAUS: Every type of data that you can think of is stored in these centres from military information, government information, personal information, credit card information. It can be scary if attacked.
MATT BROWN: AFCOM has just published an international survey, including responses from 16 Australian centres which shows the industry is underprepared for a cyber terrorist attack. Only a third have factored cyber terrorism into their disaster recovery plans and only a fifth do training to prepare for such an attack.
JILL ECKHAUS: It doesn't matter how unlikely it is. If it happens it's exponential the damage that it can do to not just the corporation but your customers.
MATT BROWN: Mike Rothery from the Attorney General's department says a terrorist attack on a data centre is unlikely. But his alternative focus is hardly more comforting. He's been concentrating on defending simple software that could trigger a nightmare scenario.
MIKE ROTHERY: It's the type of software that actually remotely turns on and off valves and opens gates in dams and controls the power grid and so forth.
MATT BROWN: A group of private sector employees has just returned from training with the US Department of Homeland Security to thwart attacks on these critical systems. They're the fourth to be sent in the past three years. The Government is confident they're learning fast. But like the hacking tools and the viruses they deliver, their efforts are a work in progress.
TONY EASTLEY: National security correspondent Matt Brown reporting.
as posted here
