Juha Saarinen: Australia to cyber the world

On the one hand, there are signs that politicians finally understand at least some of the wide-ranging consequences of internetworked technology - as happened across the Tasman, where the Turnbull government officially updated Australia's IT security policy (

)

It's hard to see how you could build a society and economy with IT increasingly entrenched at the core of both, without taking security seriously and acknowledging data and privacy breaches so that they can be dealt with.

On the other hand, it seems a shame to warp that understanding with an enormous amount of "cyber", a term that used to be a geek joke, but which is now a cover-all for anything networked.

Where you go "stop the bytes, I want to get off" (with apologies to Stilgherrian, who wrote a very good take on the new initiative) is when Turnbull goes on about how Australia can strike back in case of cyber attacks.

The Chinese are being singled out again, with some justification, but it'd be silly to think Australia would respond to hack attacks from the Middle Kingdom with fusillades of internet data packets from fortified routers or something.

There are no doubt skilled hackers in Australia who can hack back and cause damage on Chinese systems.

Also, there is long-established tradition in information warfare that's reached new heights through the internet as is evident from NATO, which just finished its annual Locked Shields exercise where teams from 26 countries tried to hack each other, and to defend against the networked attacks.

That sounds really dramatic until you realise that the main point of Locked Shields is information sharing on new vulnerabilities, defenses against these, and technological developments, between the different NATO countries involved in the manoeuvres.

It means skilled geeks getting together, chatting about things and staring at computer screens, trying to spot the non-obvious vulnerability in the matrix and working out what to do with it.

Related articles:

Simple mistake led to Houston Astros hack

21 Jul, 2016 6:10am

2 minutes to read

This isn't to say it's trivial or not important, because it is.

We depend on the internet for information flows and control of infrastructure, and keyboard warriors have already been deployed for sabotage and misinformation.
Still, it's mundane IT security work that makes normal people's eyes glaze over in seconds, so dressing it up as "Locked Shields" is done to ensure political support and further funding.

At first, it seemed strange that NATO would openly advertise its IT security capabilities with Locked Shields because it'd make more sense to keep them secret for when they're really needed - but then you realise that it's a public relations exercise as well, and posturing to show foes that they can cyber them back (in theory at least).

Gung-ho talk notwithstanding, nobody should start cybering around willy-nilly.
The way the open internet is designed and architected, going berserk with "offensive cyber capabilities" would result in an enormous amount of collateral damage. Any half-skilled hacker knows how to hide the origin of attacks so that it looks like they're coming from somewhere else — usually innocent parties, with vulnerable systems.

You could argue that taking out those exploitable systems is doing the world a favour, but such an approach would quickly backfire on the Australians or anyone else having a go.

If it was easy to work out who exactly does what and from where on the internet, we wouldn't have this cyber security discussion at all.

How the whole cyber security thing across the Tasman pans out remains to be seen, but a quarter of a billion dollars is being sunk on the initiative.

Already, I've had an avalanche of emails from security vendors welcoming the cyber security policy, no doubt hoping for a slice of the action. Now's probably a good time to consider a career in infosec in other words.