The Australian Signals Directorate, a grey and dull-looking building in the defence precinct on a hill above Lake Burley Griffin in Canberra, houses the nation's offensive cyber capability.
This power to attack other countries or non-state adversaries digitally – as opposed to merely shielding ourselves against their attacks – was only acknowledged in April when Malcolm Turnbull unveiled his Cyber Security Strategy.
Russia is widely known for the 'quality' of its hacking. Illustration: Michael Mucci
It would be used only in extreme circumstances such as if an enemy posed a serious cyber or other military threat to Australia. But the nation's government agencies and vital industries are routinely being hit by attempted attacks that sit somewhere below that trigger level.
The dilemma of how to respond to these regular jabs from shadowy hackers was underscored for the United States last week when the Democratic National Committee was hacked and information embarrassing to Hillary Clinton released by WikiLeaks. The hackers were widely thought to have been from Russian intelligence and there is a strong suspicion it was done to help Clinton's rival Donald Trump, who for geo-strategic reasons the Kremlin would rather see in the White House come January.
It is feared the surge of cyber attacks may lead to sabotage, manipulation of information and even blackmail of political leaders. Illustration: Stephen Clark
King's College London cyber guru Thomas Rid summed up the view of the security community by branding such a brazen effort by Moscow to interfere in the US's internal politics "a game changer". Yet President Barack Obama's response was mild, saying that if Russia was behind the hack, it would not "wildly" alter Washington-Moscow relations and it was just one more item on a "long list" of differences between the countries.
In the fast-changing world of cyber threats, information is being weaponised in unpredictable ways that are difficult for the victim to respond to.
Cyber attacks are cheaper than armies. They get to ignore geography. They can be conducted in a way that makes it hard for the victim country to prove who did it without revealing its own capabilities.
"They can invest smaller amounts of money and people and asymmetrically get more for it," said Alastair MacGibbon, special adviser to the prime minister on cyber security.
Prime Minister Malcolm Turnbull has pledged $230 million over four years under the Cyber Security Strategy. Photo: Fairfax Media
"The internet gives great scope to nation-states, trouble-makers and various threat actors to do things from their lounge room that otherwise they would have had to do face to face. It's been a great enabler. It knocks down geography and a whole lot of other things that previously would have got in the way."
Canberra has admitted to two major cyber breaches in recent years, one on federal Parliament's email system and the other on the Bureau of Meteorology, which is plugged into other agencies including Defence. Both are suspected of coming from Chinese government hackers.
Hackers struck a blow to the Democratic National Committee when information embarrassing to Hillary Clinton, pictured with Bernie Sanders, was released by WikiLeaks. Photo: AP
Concerns over the security of government information hit the headlines again this week as Australians began filling out the census largely online, with personal details being held on government systems for four years.
Serious cyber attacks are designed for warfare situations – the first shots in a conflict between major powers would be digital, attempting to take out the other side's ability to command and control their forces. But the same capabilities can be used in scenarios well short of war to coerce, intimidate and influence, just as traditional military hardware can be used in the way it is now in the South China Sea.
"The internet gives great scope to nation-states, trouble-makers and various threat actors to do things from their lounge room that otherwise they would have had to do face to face. Alastair MacGibbon, cyber security adviser
Tobias Feakin, a cyber expert with the Australian Strategic Policy Institute and an independent adviser on the government's classified Cyber Security Review, said Russia was already suspected of having used cyber for "political destabilisation and interference in its near region" in the form of attacks on Ukraine and Estonia that weren't wartime operations.
Feakin is one of those who believes the Democratic National Committee case was a "quite dangerous" watershed moment, assuming it was indeed Russia as reported.
Russian hackers are suspected to have struck to help Republican presidential candidate Donald Trump. Photo: New York Times
"It is crossing the boundary around non-interference in a state political process … almost to weaponising that information and making it harmful to another government without having to confront it."
One veteran security insider told Fairfax Media such state-on-state attempts at cyber coercion are likely being done "on a much wider scale than you would think and … certainly than is reported".
The use of hackers may be one of a 'long list' of differences between Russia and the US. Photo: AP
He said there was "potential for this to go seriously astray" with sabotage, manipulation of information and even blackmail of political leaders all becoming possible.
"We've created a new monster that will allow people to manipulate information for political gain," the insider said.
The Australian Cyber Security Centre in Canberra reports a growing range of cybersecurity threats. Photo: Bryan Doherty
In a similar vein, MacGibbon noted everyone has information they wouldn't want to be made public.
"I can guarantee you I've got some of that stuff. I'm suspecting you do as well, whether it's about my personal life, or my personal finances. Could people release that for the purposes of embarrassment and causing resignation? Absolutely. Would it be nation-states or just malicious people who do it? Yes, it could be anyone."
China, along with Russia, is considered one of the major culprits for cyber attacks on countries such as Australia. Photo: Reuters
A spokesman for the Australian Cyber Security Centre, housed in ASIO's headquarters in Canberra, said the centre was seeing a "variety of intrusion activity based on a growing range of cybersecurity threats".
"Foreign state-sponsored adversaries are targeting the networks of the Australian government (including state and territory), industry and individuals to satisfy requirements for economic, foreign policy, defence and security information, to gain advantage over Australia," he said.
He declined to say where the attacks came from, saying that would "jeopardise ongoing investigations, monitoring of incidents and the ability to protect information and networks".
"The more that is disclosed about cyber incidents, the more that the perpetrators will know about our capability and the methods we have for detecting cyber threats."
Everyone in the business knows China and Russia are considered the major culprits in attacks on countries such as Australia. Feakin said Russia was known for the quality of its hacking, China for the quantity.
Both use proxies, hackers who are outside the countries' intelligence agencies but do their bidding.
Where Russia is more about political destabilisation, China has a tradition of economic espionage.
There isn't any obvious looming scenario in which another country such as China might try to influence or destabilise Australia politically, Feakin said.
But he said that amid the great strategic change going on in our region and as a major US ally, there would be strong interest "in how powerful players are thinking, what future actions might be taken".
"The political cycle is always of interest for countries that might be non-aligned with us strategically."
The Turnbull government has pledged $230 million over four years under its Cyber Security Strategy for new staff and resources. The Defence White Paper put a heavy focus on cyber with a further $400 million over 10 years, noting there were more than 1200 attacks on government agencies and nationally critical sectors such as defence industry in 2015 – a steady rise on previous years.
MacGibbon said in the 15 years he's been working in cybersecurity, as a federal police officer, a consultant and a government adviser, there's been a "progressive realisation by agencies" in government that they are vulnerable.
"I would not be so churlish as to say to you that we've reached Nirvana in terms of agencies accepting that they need to mitigate those risks really aggressively," he said.
"We have a way to go, there's no doubt. But I would tell you that in 2016, we are better placed than we were in 2006."
But he adds that no security will ever be perfect. Foreign cyber operations will get through.
This means countries including Australia need to figure out ways to respond, Feakin said. Hitting back needn't necessarily be done digitally. The US for instance has considered economic sanctions against Chinese hackers. Diplomatic responses are also an option.
But eye-for-an-eye responses are unlikely when it's hard to prove who was behind the hack without exposing one's own classified capabilities. China and Russia are "some of the worst offenders" when it comes to using criminal and hacktivist groups as proxies to carry out attacks, Feakin said.
"Without the categorical, 100 per cent proof, it becomes almost impossible to take action."
Turnbull said on revealing the ASD's offensive capability in April that by finally going public on a capability whose existence had long been assumed, he was adding "a level of deterrence".
So why don't we just surreptitiously hit back in kind whenever we are attacked? Turnbull noted that Australia would only use offensive cyber lawfully and consistent with "the international rules-based order".
In other words, we have better standards. The Inspector-General of Intelligence and Security – a watchdog on spy agencies – Margaret Stone addressed this question to an audience of intelligence officials and experts this week. In short, she said Australia is not Russia. But this raised a looming problem – do we have to lower our standards to keep up? Stone said she didn't think so but acknowledged it was a challenge.
"The task that our intelligence agencies, particularly in the international area, are being asked to do, is becoming increasingly complex and increasingly difficult. But the demand is greater," Stone said. "So does that lead to a push for lower standards? ... I think that that is a real issue."
TNT Price at posting:
14.5¢ Sentiment: Buy Disclosure: Held