Home' Defence Magazine : Issue 8 2010 Contents Never before has cyber and information security
been more crucial to Defence than it is now.
DEFENCE SIgNALS DIRECTORATE
By Mathew Hinge
In 2008, one USB stick infected with malicious
software compromised the US Central Command
information systems in the Middle East.
The USB was inserted into a laptop resulting
in malicious code moving from the unclassified
network to classified systems. This was a
serious breach of US Military computers, and
could potentially have resulted in the large
scale theft of classified information by a foreign
This year in Australia, the Australian Parliament
House website became unavailable for
approximately 50 minutes due to a coordinated
effort to crash the site by individuals belonging to
the Anonymous group.
Anonymous is a community of internet users who
protested against the Government’s proposed
internet website filter by flooding the Parliament
House site with more communication requests
than it could handle. Anonymous also targeted the
Prime Minister’s website in this intrusion, and sent
spam emails to departmental staff.
The cyber security threat is not an emerging
problem; it is here with us now. Cyber threats
to Defence and wider government information
systems are real, and evolving at a dramatic rate.
Operating in cyberspace exposes government
information and systems to serious security risks
and appropriate measures must be taken.
The Defence Signals Directorate (DSD) is at the
frontline of Australia’s defence in the cyber realm.
It does this by helping to detect, prevent and
guard against threats from cyberspace. DSD
also provides vital support to Defence and other
Government departments to help improve and
maintain the security of information.
DSD’s First Assistant Secretary for Cyber and
Information Security, Mike Burgess, warns that if
an organisation is connected to the internet, it is
susceptible to computer intrusion.
DSD is a key player in the Australian Government’s
Cyber Security Strategy. The strategy aims to
maintain a secure, resilient and trusted electronic
operating environment that supports Australia’s
national security and maximises the benefits of the
DSD plays a strong, collaborative role in the
partnership approach to cyber security across all
Australian governments, the private sector and the
broader Australian community.
“Cyber and information security is a vital area
in DSD, relying on unique skills and intelligent
people. This is highlighted by the establishment
of the Cyber Security Operations Centre, or
“CSOC” as it is known across Australian
government,” Mr Burgess said.
The CSOC was established in accordance
with the 2009 Defence White Paper and is the
centrepiece of Defence’s Cyber Security efforts.
It provides situational awareness with an
enhanced capacity to detect and rapidly respond
to cyber security incidents. Like a hospital
emergency room, it brings together the resources
and expertise required to counter a crisis.
While this capability resides within DSD and
provides cyber warfare support to ADF operations,
it is not solely a DSD operation. It brings together
capabilities of Defence, ASIO, the AFP, and the
Attorney-General’s Department. Each agency
brings different expertise to work in partnership to
respond to critical incidents.
The centre is staffed by DSD’s highly-skilled
information security experts, software engineers,
analysts and computer scientists.
Staff also represent many areas of
Defence including members of the ADF,
the Defence Science and Technology Organisation
and the Defence Intelligence Organisation. It
also works closely with the Defence Network
Operations Centre to support Defence operations
Through the CSOC, DSD is aware of
intrusion activity against Australian Government
networks that have led to the loss of information
in some cases.
To combat this, DSD devised “Strategies
to Mitigate Targeted Cyber Intrusions”, a list
of 35 strategies in order of effectiveness.
At least 70 per cent of the cyber intrusions
DSD responded to in the last 12 months could have
been avoided if organisations had implemented
the top four DSD mitigation strategies.
There is no single magic bullet for cyber security.
As Australia’s information is at risk from cyber
exploitation, it is essential that we have an
effective cyber defence capability. DSD is working
with Government and industry to ensure that cyber
security is now a top priority for Australia.
How to avoid cyber intrusions
DSD’s top four tips:
1. patching operating systems and applications using auto-updates
2. patching third-party applications such as PDF readers, Active X objects and web browser plug-ins
3. restricting admin privileges to users who need them, and
4. white-listing approved applications to prevent unapproved programs from running.
is a vital area in DSD,
relying on unique skills
and intelligent people.
This is highlighted
by the establishment
of the Cyber Security
or CSOC as it is known
– DSD’s First Assistant Secretary
for Cyber and Information Security,
LefT: Defence Signals Directorate Cyber Security Operations Centre, located in the Defence Signals Directorate,
was officially opened on 15 January 2010.
Photo: Bryan Doherty
defence magazine ›
Links Archive Issue 1 2011 Issue 7 2010 Navigation Previous Page Next Page