New guidelines for responding to cyber attacks don’t go far enough



If Australia’s electricity grid was targeted by cyber attack the fallout could be severe.
Shutterstock

Adam Henry, UNSW and Greg Austin, UNSW

Debates about cyber security in Australia over the past few weeks have largely centred around the passing of the government’s controversial Assistance and Access bill. But while government access to encrypted messages is an important subject, protecting Australia from threat could depend more on the task of developing a solid and robust cyber security response plan.

Australia released its first Cyber Incident Management Arrangements (CIMA) for state, territory and federal governments on December 12. It’s a commendable move towards a comprehensive national civil defence strategy for cyber space.

Coming at least a decade after the need was first foreshadowed by the government, this is just the initial step on a path that demands much more development. Beyond CIMA, the government needs to better explain to the public the unique threats posed by large scale cyber incidents and, on that basis, engage the private sector and a wider community of experts on addressing those unique threats.






Australia is poorly prepared

The aim of the new cyber incident arrangements is to reduce the scope, impact and severity of a “national cyber incident”.

A national cyber incident is defined as being of potential national importance, but less severe than a “crisis” that would trigger the government’s Australian Government Crisis Management Framework (AGCMF).

Australia is currently ill-prepared to respond to a major cyber incident, such as the Wannacry or NotPetya attacks in 2017.

Wannacry severely disrupted the UK’s National Health Service, at a cost of A$160 million. NotPetya shut down the world’s largest shipping container company, Maersk, for several weeks, costing it A$500 million.

When costs for random cyber attacks are so high, it’s vital that all Australian governments have coordinated response plans to high-threat incidents. The CIMA sets out inter-jurisdictional coordination arrangements, roles and responsibilities, and principles for cooperation.

A higher-level cyber crisis that would trigger the AGCMF (a process that itself looks somewhat under-prepared) is one that:

… results in sustained disruption to essential services, severe economic damage, a threat to national security or loss of life.

More cyber experts and cyber incident exercises

At just seven pages in length, in glossy brochure format, the CIMA does not outline specific operational incident management protocols.

This will be up to state and territory governments to negotiate with the Commonwealth. That means the protocols developed may be subject to competing budget priorities, political appetite, divergent levels of cyber maturity, and, most importantly, staffing requirements.

Australia has a serious crisis in the availability of skilled cyber personnel in general. This is particularly the case in specialist areas required for the management of complex cyber incidents.

Government agencies struggle to compete with major corporations, such as the major banks, for the top-level recruits.

Australia needs people with expertise in cybersecurity.

The skills crisis is exacerbated by the lack of high quality education and training programs in Australia for this specialist task. Our universities, for the most part, do not teach – or even research – complex cyber incidents on a scale that could begin to service the national need.






The federal government must move quickly to strengthen and formalise arrangements for collaboration with key non-governmental partners – particularly the business sector, but also researchers and large non-profit entities.

Critical infrastructure providers, such as electricity companies, should be among the first businesses targeted for collaboration due to the scale of potential fallout if they came under attack.

To help achieve this, CIMA outlines plans to institutionalise, for the first time, regular cyber incident exercises that address nationwide needs.

Better long-term planning is needed

While these moves are a good start, there are three longer term tasks that need attention.

First, the government needs to construct a consistent, credible and durable public narrative around the purpose of its cyber incident policies, and associated exercise programs.

Former Cyber Security Minister Dan Tehan has spoken of a single cyber storm, former Prime Minister Malcolm Turnbull spoke of a perfect cyber storm (several storms together), and Cyber Coordinator Alastair McGibbon spoke of a cyber catastrophe as the only existential threat Australia faced.

But there is little articulation in the public domain of what these ideas actually mean.

The new cyber incident management arrangements are meant to operate below the level of national cyber crisis. But the country is in dire need of a civil defence strategy for cyber space that addresses both levels of attack. There is no significant mention of cyber threats in the website of the Australian Disaster Resilience Knowledge Hub.

This is a completely new form of civil defence, and it may need a new form of organisation to carry it forward. A new, dedicated arm of an existing agency, such as the State Emergency Services (SES), is another potential solution.

One of us (Greg Austin) proposed in 2016 the creation of a new “cyber civil corps”. This would be a disciplined service relying on part-time commitments from the people best trained to respond to national cyber emergencies. A cyber civil corps could also help to define training needs and contribute to national training packages.

The second task falls to private business, who face potentially crippling costs in random cyber attacks.

They will need to build their own body of expertise in cyber simulations and exercise. Contracting out such responsibilities to consulting companies, or one-off reports, would produce scattershot results. Any “lessons learnt” within firms about contingency management could fail to be consolidated and shared with the wider business community.






The third task of all stakeholders is to mobilise an expanding knowledge community led by researchers from academia, government and the private sector.

What exists at the moment is minimalist, and appears hostage to the preferences of a handful of senior officials in the Australian Cyber Security Centre (ACSC) and the Department of Home Affairs who may not be in post within several years.

Cyber civil defence is the responsibility of the entire community. Australia needs a national standing committee for cyber security emergency management and resilience that is an equal partnership between government, business, and academic specialists.

Adam Henry, Adjunct Lecturer, UNSW and Greg Austin, Professor UNSW Canberra Cyber, UNSW

This article is republished from The Conversation under a Creative Commons license. Read the original article.


Former leader Bob Brown attacks Greens senator Rhiannon’s behaviour on schools



All nine of Lee Rhiannon’s federal colleagues co-signed a letter of complaint that was sent to the Greens’ national council.
Mick Tsikas/AAP

Michelle Grattan, University of Canberra

Former Greens leader Bob Brown accused Lee Rhiannon of “perfidious behaviour”, as the defiant Greens senator fought back against united condemnation from her parliamentary colleagues.

The other nine parliamentary Greens, including eight senators and lower house member Adam Bandt, have written to the party’s national council complaining about Rhiannon who, when the Greens were negotiating with the government on the schools bill, authorised a leaflet urging people to lobby senators to block the legislation.

Brown, a long-time critic of Rhiannon, repeated his previous description of her as “the Greens’ version of Tony Abbott”, and his call for the NSW Greens to replace her at the election with someone more popular and constructive.

He said that while he did not disagree with the Greens ultimately voting against the legislation – because Education Minister Simon Birmingham had done a special deal with the Catholics – the Greens in their negotiations had obtained $A5 billion in extra money.

Education was not Rhiannon’s portfolio – and for her to advocate against the Greens leader Richard Di Natale and its education spokesperson, Sarah Hanson-Young, was “untenable”, Brown said.

The Greens letter said: “We were astounded that senator Rhiannon was engaged with [the leaflet] production and distribution without informing party room at a time when we were under enormous pressure from all sides as we considered our position on the bill”.

It said the leaflet had the potential to damage the negotiations that Di Natale and Hanson-Young were having with the government about billions in extra funding for underfunded public schools.

The Greens’ parliamentary partyroom will consider Rhiannon’s action.

Despite prolonged negotiations with the Greens, the government finally concluded a deal with ten of the other crossbench senators to pass the bill. But the Greens had done much of the heavy lifting to obtain a series of amendments. This included the additional money, which takes the planned total extra federal government spending on Australian schools to $23.5 billion over a decade.

In a statement on Sunday Rhiannon said she rejected allegations she had derailed negotiations and breached “faith of the party and partyroom”.

“I am proud the Greens partyroom decided to vote against the Turnbull government’s school funding legislation. It’s clear that public schools would have been better off under the existing Commonwealth-state agreements than they will be under the Turnbull package.”

She said that at all times her actions on education had been faithful to the party’s policy and process, and her work had not impacted on the negotiations.

She defended the leaflets she authorised, saying they were “a good initiative of Greens local groups.

“They highlighted the negative impact the Turnbull funding plan would have on their local public schools.

“Producing such materials are a regular feature of Greens campaigns. These leaflets urged people to lobby all senators to oppose the bill.

“I was proud to stand with branches of the Australian Education Union, particularly as the Turnbull school funding plan favoured private schools,” she said.


Michelle Grattan, Professorial Fellow, University of Canberra

This article was originally published on The Conversation. Read the original article.

Looking at terror attacks ‘per capita’ should make us rethink beliefs about levels of risk and Muslims



In the fight against terrorism, seemingly easy conclusions may be drawn too quickly.
Reuters/Jon Super

Michael Jetter, University of Western Australia and David Stadelmann, Bayreuth University

Recent events in London, Manchester and elsewhere highlight that Western societies are vulnerable to terrorist attacks – and political decision-makers need to find solutions.

Two key questions to consider are:

  1. How likely are you to fall victim to terrorism?

  2. What increases or decreases that likelihood?

Our natural way of thinking about the first question should be similar to considering crime (murder or robbery, for instance), mortality (infant mortality at birth, or cancer), car accidents, or other threats. And the salient point is not so much the total number of murders in a large country, but rather the total number in relation to the size of the population.

Put simply, we should consider the number of affected people on a per-capita basis – that is, murder rates, or mortality rates.

For example, from a policy perspective, it makes sense that ten murders in a populous country like China (which has 1,371,000,000 citizens) would be much less significant than ten murders in a tiny country like Liechtenstein, with its 37,000 citizens.

Terror per capita vs total terror

However, when it comes to terrorism, almost all the knowledge that drives policy decisions comes from studies analysing the total number of terror casualties in a given country and year.

India is a good example. It ranks fourth on the list of terror-prone countries since 1970, with 408 deaths from terrorism in an average year.

But the average Indian need not be particularly worried about terrorism. The country is home to 1.27 billion people, and terrorism kills only one in 2,500,000 people – or 0.0000004% of the population – per year, once we translate total terror deaths to terror deaths per capita. The likelihood of dying from crime or in a road accident is far higher.

India ranks only 82nd in the world when we compare terrorism victims per capita.

So, although India has a relatively high number of terrorist attacks, an individual’s likelihood of dying in such an attack is minimal – because India has such a large population.

Once we switch from focusing on total terror deaths (or attacks) per country to terror deaths per capita, relevant conclusions about what drives terrorism change dramatically. And thus potential policy reactions also change when focusing on terror deaths per capita.

Democracy, Muslims and terrorism

A somewhat baffling conclusion from a long list of research articles states that terrorism is more likely to emerge in democracies, rather than non-democracies. This idea is difficult to reconcile with our intuition of democracy giving people political (and usually religious) freedom – so why should we see terrorism in such free countries?

It turns out that once we analyse terror per capita, democratic nations are less likely to witness terrorism. Again, take India, a large democracy that, at first glance, suffers a lot from terrorism. But, in per-capita terms, terrorism becomes less important.

Another popular belief states that countries with a sizeable Muslim population – such as Pakistan, Indonesia, Bangladesh or Nigeria – are experiencing more terrorism than non-Muslim countries. This is true when looking at the total numbers of deaths.

But that result is also overturned once we consider terror per capita. A larger share of Muslims in a given country relates to marginally less terrorism. Pakistan (202 million people), Indonesia (258 million), Bangladesh (156 million) and Nigeria (186 million) all feature exceptionally large populations.

This result is informative for the current policy debate. More caution is needed before classifying certain countries as more prone to terrorism based on their religion.

Another – admittedly simplistic – way of considering the link between Islam and terrorism comes from comparing the share of terror attacks conducted by Muslim groups with the share of the world population identifying as Muslim. If Muslims were more likely to be terrorists, we should expect the latter figure to be lower.

Approximately 23% of the world population identifies as Muslim. But, since September 11, Islamist groups have conducted about 20% of terrorist attacks worldwide. Thus, terrorist attacks are – historically and today – less likely to be conducted by a Muslim than by a non-Muslim group.

Where to go from here?

Our results suggest it may be time to rethink the way we approach terrorism.

On an average day, terrorists kill 21 people worldwide. On that same average day, natural or technological disasters kill 2,200 people – or more than 100 times as many.

The likelihood of dying at the hands of a terrorist is comparable to the odds of drowning in one’s own bathtub.

This does not mean we should be afraid of bathtubs, nor does it mean terrorism is not among the problems that need to be solved with a high priority.

Rather, in the fight against terrorism, seemingly easy conclusions may be drawn too quickly – and we should not forget other matters that affect people’s lives far more than terrorism does.

Michael Jetter, Lecturer in Economics, University of Western Australia and David Stadelmann, Chair of Development Economics, Bayreuth University

This article was originally published on The Conversation. Read the original article.

Brussels attacks: why do family members commit terrorism together?


Lazar Stankov, Australian Catholic University

It appears to be increasingly common that terrorist attacks not of the lone-wolf variety involve members of the same family.

Some of them, like the San Bernardino attack last December, are committed by married couples or romantic partners.

But quite a few recent terrorist atrocities – the Charlie Hebdo attack, the Boston Marathon bombings and now Tuesday’s Brussels attacks – have been perpetrated by siblings. So is there a link between within-family radicalisation and acts of terrorism? And is terrorism different from any other crime in this respect?

Family ties and the militant extremist mindset

Both genetics and environment are known to influence criminal behaviour. But the exact nature of these influences and their relative importance are still being debated.

It can be expected, therefore, that genes contribute to terrorist behaviour. But it is wrong to conclude that just because two individuals have a common genetic make-up, one will follow the other if the other becomes a terrorist. Instances of only one family member displaying criminal behaviour are very common.

Nevertheless, there may be environmental factors that contribute to and interact with genetics to cause terrorist behaviour. If so, one would expect to find more terrorist acts than other kinds of criminal acts committed by members of the same family. Family members share both genetics and environment to a greater extent than people in general.

Studies of the militant extremist mindset provide clues to why we can expect to find more siblings among terrorist cells. From the three components of this mindset, only one – “nastiness” – is directly linked to other varieties of criminal behaviour.

Violent criminals of any kind tend to strongly advocate harsh punishment of their enemies. For example, they are more likely than most people to approve of physical punishment for insulting one’s honour.

While both genetics and environment may be implicated in “nastiness”, the other two components of the militant mindset – “grudge” and “excuse” – represent environmental influences to a greater extent. These are usually the focus of recruiters.

An important component of radicalisation is a strong feeling that the group one belongs to is under threat from some other group – that is, the person feels a “grudge” of some kind. A common example is the feeling that the West has exploited and hurt “my” people, and this needs to be avenged.

Sometimes grudge is more general and not oriented towards a particular group. The person simply feels that this world is unfair and full of injustices.

“Excuse” is a dressing-up part of extremism. It relies on religious and ideological “higher moral principles” to justify the feelings of nastiness and grudge.

It follows from the nature of the militant extremist mindset that we can expect to find more siblings among terrorists. This is because such attacks tend to be carried out by people who are more ready for action and are prepared to be vicious in dealing with their enemies. This tends to be a shared characteristic of criminal family members.

Being raised together – and therefore being exposed to the same set of stories about the enemies and the same set of moral, ideological and religious reasons justifying their feeling of hate – is likely to contribute significantly to the same tendency.

And then there is a feeling of trust, due to a common upbringing and feelings stronger than typical camaraderie when you are doing something together with somebody who is close to you. Overall, it is likely that there will be more instances of siblings committing terrorist attacks.

From a security point of view, it may be reasonable to ask whether this tendency calls for a different approach to detection. There is currently an emphasis on internet-based radicalisation, rather than on person-to-person contacts. Family interactions diminish the role of the former and point to the need to maintain traditional policing methods.


Lazar Stankov, Professor, Institute for Positive Psychology and Education, Australian Catholic University

This article was originally published on The Conversation. Read the original article.