Former ASIO boss warns on energy sector cyber

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.

Energy experts and a former ASIO chief have warned that Australia’s critical energy infrastructure was growing in complexity and vulnerability to cyber-attacks, but a commensurate uplift in resilience has not occurred.

Former ASIO director general and current chair of the Foreign Investment Review Board David Irvine said energy was one of many Australian sectors lacking sufficient cyber resilience, and that most local organisations are not “caring enough” about the new “tool of warfare”.

Progress is being made but not quickly enough, and Australia is vulnerable to sophisticated cyber attacks, Mr Irvine told an Australia Israel Chamber of Commerce Business lunch on Friday.

“Nation states are busily working on what we call hybrid warfare; the ability, without actually shooting people, to bring opposing states to their knees.”

Former ASIO director general and current chair of the Foreign Investment Review Board David Irvine

Russia has already deployed hybrid warfare against several countries in Europe, and the tactic now poses a serious threat to Australia, according to the former ASIO boss.

“This is now a threat that is on our horizon, and we really need to work hard because, as I keep saying, the wars of the 21st century are going to be fought in cyberspace before a kinetic shot is fired.”

Those same cyber warfare tools are also increasingly popular weapons for criminal attackers, Mr Irvine said, but Australian industry and governments have been slow to prepare for attacks and how they will respond.

“As a nation, we have to have responses,” he said.  “And we have been, as a nation, very slow to come to the understanding of those needs for responses.”

Mr Irvine said boards now understand the threat of cyber-attacks, much more than they did in 2009 when he worked as ASIO chief, but most are still “grappling” with how to handle an attack.

Governments, too, have improved their cyber posture but more needs to be done, according to Mr Irvine, who is also a non-executive director of the Cyber Security Cooperative Research Centre.

He said the Department of Home Affairs’ Critical Infrastructure Centre had asked the Foreign Investment…