One of Australia’s top national security figures has warned the threat of a cyber attack on Australia’s critical infrastructure is “immediate”, “realistic” and “credible”, and could take down the nation’s electricity network.
- Mike Pezzullo says he is deeply concerned about the threat of an attack
- The government is currently considering new legislation to protect critical infrastructure
- Mr Pezzullo also defended his “drums of war” comments
Home Affairs Department secretary Mike Pezzullo believes the threat posed by sophisticated criminals and hackers acting for other nations is “deeply concerning”.
“Of all the things that keep me awake at night, and there are quite a number, that is the most pressing, immediate concern,” he told Senate estimates.
“COVID has been dreadful, COVID has been terrible given the deaths, imagine trying to do COVID without electricity.
“It’s as immediate, it is as realistic, and it is as credible a threat as that.”
In response to increased cyber attacks, the federal government has proposed new legislation aimed at better protecting assets in critical sectors including water, health, energy and transport.
The new laws would impose greater cybersecurity obligations on operators responsible for the infrastructure in those sectors.
Earlier this year, federal parliament and Channel Nine were the targets of an unsuccessful cyber attack which caused a crippling IT disruption for many staff.
Western Australia’s parliament was also the subject of an attack in March.
Mr Pezzullo’s comments also come after Prime Minister Scott Morrison publicly urged Australian organisations, including governments and businesses, to protect themselves after saying many were currently being targeted by a sophisticated foreign “state-based” hacker.
Federal government agencies believed China was the nation behind ongoing cyber attacks on institutions including hospitals and state-owned utilities.
Australia’s cyber authorities are currently working to establish what has caused a crippling IT disruption at federal parliament that has left many of the building’s occupants without access to email across the weekend.
Mr Pezzullo said without the additional measures, which are currently being considered by parliament’s powerful Joint Committee on Intelligence and Security, Australia faced a “perilous” road.
“We’ve laid information before the parliamentary committee that potentially state actors could take advantage of these vulnerabilities,” he said.
Mr Pezzullo said the increased interconnectedness of software and machinery used by operators could expose businesses to sabotage and ransomware.
“We’re seeing this with hospital systems, we’re seeing it with vaccine data, we’re seeing it with healthcare providers, typically the criminals will chase opportunity in the knowledge that it’s likely to achieve a benefit,” he warned.
“Cyber criminals tend to be very business savvy so they will chase opportunity and typically the more critical a system, the more critical a data set, the more the criminal opportunity there might be.
“That’s before you get to state actors, and also there is a combination effect of state actors operating with criminal actors effectively acting as proxies.”
Pezzullo defends ‘drums of war’ comments
Under questioning from Greens senator Nick Mckim, Mr Pezzullo defended a speech he made in which he warned the “drums of war” were beating.
He said the comments, which formed part of an Anzac Day message to staff, were not a warning of imminent danger.
“It’s a lament for peace and an acknowledgement of the significant price that has been paid by many generations for the freedoms that we have.
“It’s clearly on its face not a statement of policy, that is a matter for ministers to outline, nor I would contend is it an assessment or a warning of imminent danger.”