Slashdot Mirror

← Back to Stories (view on slashdot.org)

Aussie Spies Spooked By Cyberwar

Posted by ryuzaki0 on from the what-is-it-good-for dept.

An anonymous reader writes "Wikileaks cables released overnight revealed that Australia's top cyber spy agency (akin to the NSA) was unprepared for cyberwar in the view of other intelligence agencies in 2008. Australian agencies were so concerned they asked US intelligence to provide the framework to defend the country's critical information infrastructure, modelling on the Comprehensive National Cybersecurity Initiative. Spooks also discussed how Israel was preparing to take down Iran's nuclear program and how to stay relevant when so much information that was classified was now open source and available to anyone."

72 comments

  1. This isn't surprising. by Pax+the+Evil · · Score: 2

    We have the only submarines on the planet that can be heard from Alpha Centauri. It's not surprising we're sh*t-scared of cyberwar.

    1. Re:This isn't surprising. by naz404 · · Score: 3, Insightful

      Uhh... Does this mean Australia could have been taken down by Anonymous? They should have asked for help from Amazon instead :P

      --
      http://www.object404.com
    2. Re:This isn't surprising. by MichaelSmith · · Score: 2

      Actually I think the subs are pretty good. Didn't they pwn a US carrier fleet a few years back? But I wouldn't trust the DSD to secure my backups or lock my front door. That would be silly. Describing them as our top cyber spy agency is a bit like describing the Victorian public transport corporation as our top electronic ticketing agency.

      --
      http://michaelsmith.id.au
    3. Re:This isn't surprising. by dwarfsoft · · Score: 4, Funny

      Australia would freely admit that they could be taken down by Anonymous, and therefore Anonymous would leave us alone.

      It's only if we were to taunt them that we would be in real trouble...

      --
      Cheers, Chris
    4. Re:This isn't surprising. by syousef · · Score: 4, Funny

      Australia would freely admit that they could be taken down by Anonymous, and therefore Anonymous would leave us alone.

      It's only if we were to taunt them that we would be in real trouble...

      Sounds like Anonymous Cowardice to me ;-)

      --
      These posts express my own personal views, not those of my employer
    5. Re:This isn't surprising. by The+Fanta+Menace · · Score: 1

      Anonymous seems to mostly go for websites, however (although they did manage to take out Mastercard's transaction server, which was an interesting touch).

      If they only went for Australian government websites, it's no big loss. I don't know why the press went so nuts last year when the Dept of Comms webserver went down - meh, it's hardly important.

      --
      -- Even if a god did exist, why the fsck should I worship it?
    6. Re:This isn't surprising. by Anonymous Coward · · Score: 0

      It's the first time I hear they hit the transaction server. Source?

    7. Re:This isn't surprising. by Anonymous Coward · · Score: 0

      You rang?

    8. Re:This isn't surprising. by Anonymous Coward · · Score: 1

      It is more serious than that.

      Some of the actual details of Australia's "unpreparedness" are common knowledge trhought the industry at least in telecoms. 2008 is _AFTER_ the disastrous outsourcing of most of the backroom functions of Telstra to Satyam.

      It is a very rude awakening for the so called security forces to suddenly wake up and realise that the switch for the nation's communications infrastructure is located in company in another country, that company is a fraud and on top of that key functions have been further subcontracted god knows where else.

      It is nice to see that the Aussies have actually _AWOKEN_ here and asked what to do. That awakening is yet to happen in many other places.

      Anonymously - for obvious reasons as I am in a country which is in a deeper sh*t as its telco has bought off the Satyam leftovers through a similarly Satyamish company it operates for its needs.

    9. Re:This isn't surprising. by Anonymous Coward · · Score: 1

      They are quite good. They had a few very expensive glitches when they started out, predominately computer related if memory serves me correctly, however the subs are very quiet even with being one of the largest, if not the largest, diesel electrics in the world.

    10. Re:This isn't surprising. by The+Fanta+Menace · · Score: 1

      Ok, I'm not quite right, it's Securecode that went down: http://www.bbc.co.uk/news/technology-11935539. Apparently prevented some web transactions from going through.

      --
      -- Even if a god did exist, why the fsck should I worship it?
    11. Re:This isn't surprising. by Sulphur · · Score: 1

      It's the first time I hear they hit the transaction server. Source?

      Maybe they have source now.

    12. Re:This isn't surprising. by __aaeuwj6541 · · Score: 1

      since when did the DSD become the main stay of our internet security, and why the hell are we asking americans for help with internet security?

    13. Re:This isn't surprising. by Anonymous Coward · · Score: 0

      ...what?

    14. Re:This isn't surprising. by Anonymous Coward · · Score: 1

      Actually I think the subs are pretty good. Didn't they pwn a US carrier fleet a few years back?

      What, during the US-Australia War of 2006?

    15. Re:This isn't surprising. by Trent+Hawkins · · Score: 1

      Chicken: these wolves have freaked out, they can creep in and kill us any time they want! Sheep, you got any ideas?
      Sheep: The trick is to stand perfectly still at all times.

    16. Re:This isn't surprising. by Anonymous Coward · · Score: 0

      We aren't part of Anonymous, we are just the people that want Anonymous to leave us alone.
      Thus we say we are cowards, every time, to remind them.

  2. In retrospect... by gandhi_2 · · Score: 5, Insightful

    ...asking the US for tips on information security wasn't probably the best idea.

    --
    THL phish sticks
    1. Re:In retrospect... by rtb61 · · Score: 2

      If you compare the news article to the secret document released, the journalist really, really stretched one paragraph. To quote "Australian intelligence would need to stay engaged with its US counterparts to share lessons learned in the cyber arena", certainly the US has demonstrated many things not to do and Australian Intelligence has likely learned from them.

      Likely Australia is far better off expanding the role of ACMA http://www.acma.gov.au/WEB/HOMEPAGE/pc=HOME, to investigate 'cybercrime' and make use of other authorities, State Police for local action and Interpol, ASIO and ambassadorial staff for overseas actions.

      Internet security is really a civilian thing and done largely in public as a shared effort, firstly to protect people from attacks and secondly to prosecute those carrying out those attacks.

      As far as defence is concerned the US after Iraq has proved that it can't really be trusted where the financial interests of it's defence and oil industry can readily outweigh it's defence treaties and the value it places upon honouring the shared trust with allies. So the big cyberdefence thing is the localised production of electronic components to be used in critical infrastructure as well as the computer software required to make it run, basically in the internet age, 'NO' other country can be trusted. You don't want to be drawn into someone else's idiotic cyber war because an ally decided to compromise your systems to make it look like someone else did (something the US has proved it is quite willing to do with it supplied false intelligence data about the threat from Iraq).

      --
      Chaos - everything, everywhere, everywhen
    2. Re:In retrospect... by TapeCutter · · Score: 3, Funny

      At least the US knows where to find the documents, one of our MP's is still trying to locate them.

      --
      And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
    3. Re:In retrospect... by Anonymous Coward · · Score: 0

      At least the US knows where to find the documents, one of our MP's is still trying to locate them.

      Yeah, mate... put in this light, the US intelligence doesn't sound as an oxymoron anymore.

    4. Re:In retrospect... by thegarbz · · Score: 2

      Sorry but we don't need ANOTHER group with idiotic authorities. The typical evolution of the idea would be:

      1. ACMA (Australian Communications and Media Authority - the FCC of Australia) starts investigating cybercrime.
      2. ACMA lobbies government for more powers to more effectively investigate cybercrime.
      3. ACMA granted powers to wiretap in the name of national security.
      4. ACMA lobbied by the ARIA (Australian Record Industry Association - self explanatory) to investigate copyright infringement.
      5. ??? 6. Profit. For everyone except the people who the original idea was supposed to protect.

      I mean the AFP (Australian Federal Police) have the authority already and also have a dedicated department to handle the issues called the AHTCC (Australian High Tech Crime Centre). What benefit do you gain by moving everyone in that department to the ACMA and passing yet more legislation to give yet another government body more authority to do the same things another government agency already does?

      My head hurts.

    5. Re:In retrospect... by Anonymous Coward · · Score: 0

      If you compare the news article to the secret document released, the journalist really, really stretched one paragraph.

      See, that's why we shouldn't release the cables publicly, but only disclose them to journalists, so that they can digest the information, research it and make informed and insightful articles... FAIL !

      That is exactly why we should release the cables publicly.
      That someone on Slashdot is doing a better job than a journalist just by taking a look at the cable and not trying to make up a juicy story is very telling IMO

    6. Re:In retrospect... by Anonymous Coward · · Score: 0

      Now this link shows account suspended. The tweet was: "Mr Assange should be aggressively interrogated until he reveals the location of the stolen cables, so they can be retrieved." from the account BronwynBishopMP.

      Google Cache: http://webcache.googleusercontent.com/search?q=cache:http%3A%2F%2Ftwitter.com%2FBronwynBishopMP%2Fstatus%2F14139358206492672

      Pastebin of the Google Cache source: http://pastebin.com/5G3JgBMH

      Better luck trying to put the cat back in the bag next time

    7. Re:In retrospect... by Anonymous Coward · · Score: 0

      Heh looks like she removed it.

      g cache is still up though.

      "Mr Assange should be aggressively interrogated until he reveals the location of the stolen cables, so they can be retrieved. 6:07 PM Dec 12th via web Retweeted by 100+ people"
      - Bronwyn Bishop

    8. Re:In retrospect... by deniable · · Score: 1

      ASIO is internal only. You may have meant ASIS. The AFP are already doing the cyber-crime thing although some of their budget may have gone to the filter. DSD runs government IT security but they may get replaced by whatever the AusCERT replacement morphs into.

    9. Re:In retrospect... by rtb61 · · Score: 1

      The idea is ACMA remains civilian and thus is a more acceptable place of employment for computer geeks and nerds, rather than the authoritarian structure of military and police forces. So the only thing the do is investigate and analyse system break-ins and suspicion of system break ins, as well as of course assist in the design of secure system.

      The warrants, wire taps et al are still done by the same authorities they just go to ACMA for the technical resource. The main reason to do it that what, is purely and simply to create a more sound employment basis for the type of people required to fulfil the necessary roles (more psychological suitable), to create a suitable training environment to enhance their skills (more readily ties in with that other civilian resource, universities) and to house the necessary technology to analyse the incursions. In the US the FCC could fulfil the same role.

      So strictly speaking a civilian technological resource, which is shared by other military, intelligence and policing resources. It is simply a more sound sensible way of managing it.

      --
      Chaos - everything, everywhere, everywhen
    10. Re:In retrospect... by thegarbz · · Score: 1

      This is a confusing point of view. The ACMA is no different than the police forces. It's the same governmental bureaucracy. The only difference is that there's more of it if you create yet another department with yet more paperwork.

      What makes you think that one place is or isn't an acceptable workplace, and that they can or can't foster the correct training environment? It's all a matter of technical knowhow, and the only thing I can see is downsides given how the AFP is already set up for this kind of thing, already has a trained department, and has no problem sourcing talent (unless you can point to an example to the contrary?)

  3. Same situation by dwarfsoft · · Score: 1

    "...to stay relevant when so much information that was classified was now open source and available to anyone."

    They are now in much the same situation with cables such as this being "open source and available to anyone".

    --
    Cheers, Chris
  4. Heh. by Black+Parrot · · Score: 3, Insightful

    Spooks also discussed how Israel was preparing to take down Iran's nuclear program and how to stay relevant when so much information that was classified was now open source and available to anyone.

    Well, they got *that* part right.

    --
    Sheesh, evil *and* a jerk. -- Jade
    1. Re:Heh. by volpe · · Score: 1

      Spooks also discussed how Israel was preparing to take down Iran's nuclear program and how to stay relevant when so much information that was classified was now open source and available to anyone.

      Well, they got *that* part right.

      They did? What part did they get right? The part about "open source" being synonymous with "leaked"? Or the part about classified information no longer being classified once it's leaked?

    2. Re:Heh. by Anonymous Coward · · Score: 0

      GPL or BSD?

  5. Complete solution in five words by Anonymous Coward · · Score: 0

    Disconnect it from the Internet.

    1. Re:Complete solution in five words by Barny · · Score: 1

      Redundant solution, any of their secure computers are fully isolated from the net, along with protocols in place that no removable media are allowed near them and any old hard drives are put through an incinerator.

      That's not the problem they have, its mainly to do with having the infrastructure that keeps a country 'working' being attacked, power, water, emergency services, etc.

      --
      ...
      /me sighs
    2. Re:Complete solution in five words by MichaelSmith · · Score: 3, Interesting

      I think the root cause with the DSD is that they don't pay very well. I looked at it as a grad and it wasn't too bad. These days grads are probably pretty good in the crypto department but I doubt they get listened too inside the first twenty years. By that time the good ones have left.

      Ask yourself: why didn't they hire Julian Assange? I am sure the cultural reasons will fill several pages for a start.

      --
      http://michaelsmith.id.au
    3. Re:Complete solution in five words by macshit · · Score: 1

      Ask yourself: why didn't they hire Julian Assange? I am sure the cultural reasons will fill several pages for a start.

      Wait... Julian Assange has actual skills?!

      --
      We live, as we dream -- alone....
    4. Re:Complete solution in five words by Nikker · · Score: 1

      Basically if any one "thing" can be turned on or off and any one person has the motivation to flip the switch it will likely be done. The over use of technology is so massively redundant I really doubt there is a way to protect a switch that can be thrown miles away from a coffee shop while reading the daily paper. I bet even if we removed every wire that ultimately influenced the operation of any device the first thing we would do is create a robot that could walk over to the switch and flip it, hell put the web cam on top on facebook for good measure.

      --
      A loop, by its nature, continues. If that didn't make sense, start reading this sentence again.
    5. Re:Complete solution in five words by MichaelSmith · · Score: 4, Informative

      Ask yourself: why didn't they hire Julian Assange? I am sure the cultural reasons will fill several pages for a start.

      Wait... Julian Assange has actual skills?!

      Yes [1] [2]

      --
      http://michaelsmith.id.au
    6. Re:Complete solution in five words by Dhalka226 · · Score: 1

      I imagine the fact that he is a felon in Australia with a history of mental breakdowns would top the list. And no, I'm not talking about anything to do with Wikileaks.

    7. Re:Complete solution in five words by MichaelSmith · · Score: 1

      I imagine the fact that he is a felon in Australia with a history of mental breakdowns would top the list.

      Hasn't always been the case. The fact is that the brightest people don't go to places like the DSD.

      --
      http://michaelsmith.id.au
    8. Re:Complete solution in five words by Anonymous Coward · · Score: 4, Insightful

      why didn't they hire Julian Assange

      Any organization that deals with information security has an obvious (and paradoxical) problem when hiring talent: The most talented (if not experienced) people in information technology as well as security are hackers. Hackers are young, curious, idealistic, independent and anti-authoritarian. The very traits that comprise their talent also make them a potential liability in a rigid command structure.

    9. Re:Complete solution in five words by Anonymous Coward · · Score: 0

      Ask yourself: why didn't they hire Julian Assange? I am sure the cultural reasons will fill several pages for a start.

      Because he can't keep a secret?

    10. Re:Complete solution in five words by Anonymous Coward · · Score: 2, Insightful

      Ask yourself: why didn't they hire Julian Assange? I am sure the cultural reasons will fill several pages for a start.

      He most likely never applied?

      Intelligence agencies are arguably disadvantaged with hiring because of the high level of secrecy involved. Some thoughts on why this may be the case:

      • Candidates have little knowledge of their role and responsibilities until they've completed the application process and ~12 month vetting process.
      • Other organizations can offer scholarships and internships to attract new graduate talent with little cost and risk involved. Intelligence agencies on the other hand will have a lengthy wait for security clearances and will be exposed to the non-recoverable processing costs.
      • Applicants have a degree of uncertainty about career progression in an intelligence agency due to the lack of public visibility.
      • Applicants may incorrectly assume that something in their past would disqualify them from a position.
      • The application processes used by intelligence agencies are lengthy and invasive. It is much easier for candidates to apply for related jobs in a no/low security environment.
      • There exists a perception in some circles that public sector workers are inferior to their private sector counterparts.
      • Successful applications are making a life long commitment.
      • Successful applicants are limited in what they can discuss about their job and skills in public (and to acquaintances in the private sector). There isn't much glamor or fame to be had.

      Note that many of the points I highlighted above may in fact be desirable in their ability to filter out undesirable candidates. These issues may reduce the size of the pool of talent available when compared to a private sector organisation so there may be less talent to pick from.

  6. Didn't read-- by Anonymous Coward · · Score: 0

    Didn't read--cable 08CANBERRA1157 classified secret and marked not for foreign eyes.

    Dang.

  7. Complete solution in one word by PatPending · · Score: 1

    Analysts were required to be efficient intelligence processing units whose effectiveness was "determined by the speed and efficiency by which [they] can sift through the volume to highlight 'what is important' and put it into context for decision makers"

    Perl

    --
    What one fool can do, another can. (Ancient Simian Proverb)
    1. Re:Complete solution in one word by Anonymous Coward · · Score: 0

      best xkcd ever!

  8. Wikileaks releases stuff about Australia by unity100 · · Score: 1

    are you right wing americans happy now ? peace ?

    --
    Read radical news here
    1. Re:Wikileaks releases stuff about Australia by MichaelSmith · · Score: 1

      I don't follow you.

      --
      http://michaelsmith.id.au
    2. Re:Wikileaks releases stuff about Australia by zaphirplane · · Score: 1

      so we all need to work together to get rid of him, how about we frame him for a crime, lock him up a bit
      To give the american gov time to come up with something to charge him with ....

  9. Australian CompSec Students and DSD by Anonymous Coward · · Score: 0

    Nice to know that all those DSD guys promoting themselves, saying they're on the cutting edge of IT Security, near the graduation of us Australian ITSec students were full of shit.

  10. Commit Crime with Impunity by dark+grep · · Score: 1

    MHO of what you need to commit cyber crime with impunity in Australia is; a computer and Internet access. As long as you are not a total moron, I think it would be very difficult for the AG to win a case without substantial (FBI) international help.

    1. Re:Commit Crime with Impunity by Merls+the+Sneaky · · Score: 4, Funny

      There is more than enough talent being trained in Australia, what we lack is a communication and "digital economy" minister that actually knows something about IT. They guy got locked out of his own iphone FFS.

      http://apcmag.com/how-conroys-daughter-wrecked-his-unsecured-iphone.htm

      They guy is clueless and just keeps pushing his censorship agenda. Oh and the useless NBN.
      http://www.itnews.com.au/News/154249,nbn-useless-without-subsea-investment.aspx

    2. Re:Commit Crime with Impunity by NoSig · · Score: 1

      I hear they guy also can't spell.

    3. Re:Commit Crime with Impunity by Anonymous Coward · · Score: 0

      They guy got locked out of his own iphone FFS.

      They have Marcus Brody as Digital Economy Minister? He got locked out of his own iPhone!

  11. General Jack D. Ripper by Anonymous Coward · · Score: 0

    General Jack D. Ripper: unity100, do you recall what Assange once said about cyberwar?
    unity100: No, I don't think I do, sir, no.
    General Jack D. Ripper: He said cyberwar was too important to be left to the hacktivists. When he said that, 50 weeks ago, he might have been right. But today, cyberwar is too important to be left to politicians. They have neither the time, the training, nor the inclination for strategic thought. I can no longer sit back and allow Wikileaks infiltration, Wikileaks indoctrination, Wikileaks subversion and the international Wikileaks conspiracy to sap and impurify all of our precious bodily fluids.

  12. Huh? by Anonymous Coward · · Score: 0

    They have electricity in Oz? Whodathunkit.

  13. T'was noisy pollies not noisy subs by dbIII · · Score: 4, Informative

    The subs are expensive things that whoever is in opposition likes to complain about and whoever is in government likes to use for pork. Minor problems were blown out of proportion, sometimes even after they had been fixed. Then there were things like expensive modifications were done to allow for extremely dodgy procurement deals which kept the subs out of the water. "Free trade" talks with the USA were not going well and it was difficult to get access to some people in US government, then suddenly there was a plan to buy a lot of surplus torpedoes of a size nobody makes anymore and modify the subs so that they will fit. The talks then went ahead and it was a problem for a later government to modify the subs again once that lot of torpedoes is unusable.
    It's not just subs, there was the purchase of the sprightly old Sea Sprites which were not safe to fly over water and had been considered obsolete in the 1970s. It had to be corruption because stupidity of that level would be inconsistant with making it to an adult age alive.

    1. Re:T'was noisy pollies not noisy subs by LeperPuppet · · Score: 2

      The problems with Australia's Defence procurement aren't due to corruption, but systemic managerial incompetence, paired with a continuing parade of Defence ministers who believe anything said incompetent managers tell them.

  14. So? Good for them. by BitZtream · · Score: 1

    I'm not sure why this is news? They realized a weakness and asked someone they thought had more knowledge for help. Thats what I EXPECT them to do.

    When I know I'm out of my league and well beyond my knowledge base I ask someone else who's been doing it longer or more for some input.

    Go on ya, Aussies, hope we gave you something useful. Maybe one day you can return the favor for some of the things you're better than us at.

    As the song goes, Thats what friends are for.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  15. lol by bazmail · · Score: 0

    Y'see? Chucking shrimp on the barbie will only get you so far "mate" until you have to call in the pros. Silly drongos.

  16. Re:So? Good for them. by zaphirplane · · Score: 1

    except that the "more knowledgable expert", has had their power grid given the how you doing
    Their pentagon email routed to another country and have their confidential files published on the internet.

    kind of like going to a boxer that mike tyson (in his prime), wiped the floor with and asking him to train you .....
    or
    asking GM how to run a successful car making company

  17. cyber here cyber there by alien9 · · Score: 1

    sure we can detect one's unawareness from amount of abuse of the prefix CYBER

  18. Oh come on by scarface71795 · · Score: 0

    Is that supposed to be a pun Spook=spy It wasn't funny at all

    1. Re:Oh come on by eriqk · · Score: 1

      It was cyberfunny.

  19. faith-based security by Thud457 · · Score: 1

    "won't somebody please help me, a dingo stole my packet!"


    Consensus seems to be appointing a knowledgeable minster or whatever they have over there would resolve the problem. Instead they got some dummo with a political agenda to push.

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  20. Haw by Anonymous Coward · · Score: 0

    They're so busy trying to build a firewall to censor web sites that they didn't get around to building a firewall for actual security purposes.