Note: Where available, the PDF/Word icon below is provided to view the complete and fully formatted document
Disclaimer: The Parliamentary Library does not warrant or accept liability for the accuracy or usefulness of the transcripts. These are copied directly from the broadcaster's website.
Experts say cyber-terrorism threat overstated -

View in ParlViewView other Segments

Experts say cyber-terrorism threat overstated

Timothy McDonald reported this story on Monday, October 26, 2009 12:41:00

ELEANOR HALL: Online bandits often make headlines by crashing websites and stealing banking
details. But internet security experts are warning today that this amounts to mere thuggery
compared to a cyber-attack that could one day cripple a major piece of infrastructure and they say
that the leaders of government and industry have just a few short years to prepare for that threat.

Timothy McDonald reports.

TIMOTHY MCDONALD: US Government websites crashed, and then a few days later, South Korean
Government websites suffered the same fate. North Korea seemed to be the obvious culprit for July's
attack, but the guilty parties haven't yet been identified. The authorities were surprised, because
the attacks appeared well coordinated and targeted government assets.

But a new paper from the Center for Strategic and International Studies says the attack was more of
a noisy demonstration than cyber-warfare or terrorism. Experts here agree there's a big difference.

Professor Matthew Warren is the head of the school of information systems at Deakin University.

MATTHEW WARREN: What we haven't got, and a lot of it is linked to the development of the
information society, is attacks that would cripple a country in a critical areas. Certainly in
Australia we have what is termed critical infrastructure and there is critical infrastructure
protections where there are key systems, physical systems as well as information systems, in
government and with corporations that if attacked would have a dramatic impact.

TIMOTHY MCDONALD: The distinction is that the attacks didn't cause casualties, loss of territory,
destruction, or serious disruption of critical services. But Professor Warren worries that that is
a genuine possibility for the future.

MATTHEW WARREN: If they are controlled by computer systems that are internet-enabled or have remote
access, in theory yes, because it just means that people can attack the infrastructure or they can
remotely gain access to it.

TIMOTHY MCDONALD: In fact, the paper says it's highly probable that some advanced states have the
capacity to mount cyber attacks but they haven't played a major part in conflicts to date, possibly
for strategic reasons. The opposite is true for terrorist groups who most probably haven't used
them because they don't yet have the expertise.

But there's a stern warning and a lesson to be learned. The world is increasingly moving online and
is therefore becoming more vulnerable. Again, Matthew Warren agrees.

MATTHEW WARREN: A lot of those systems aren't internet-based but this is going to be the risk for
the future because in the future a lot of these systems will be internet-based for financial
reasons, for the development of technologies so there are the future areas, you know, where systems
could be attacked.

TIMOTHY MCDONALD: Is there an argument then for perhaps not putting some of these systems online?
That these things need to be kept secure because they are pieces of infrastructure so maybe it is
better to keep them away from the internet?

MATTHEW WARREN: Ah, but again the counter-argument for that is when you look at power systems that
they are operated by commercial organisations. You know what they are focusing on is costs so what
businesses are looking for, you know, is maximising profits, lowering processing operational costs
and this is the big advantage, you know, that the information society has.

TIMOTHY MCDONALD: Experts say government and industry has a window of opportunity to get the
problem in hand. Professor Warren says time is of the essence, and Australia needs to look overseas
to effectively deal with the problem.

TIMOTHY MCDONALD: It was proposed by the Labor Government before the election that they would have
a Department of Homeland Security that would deal with all aspects of security whether it is
physical and cyber.

They then decided primarily because of the cost factor that it would be too expensive to set up an
organisation. It would be too complex to break down the existing intelligence security apparatus
and replace it with a new one but that is how countries are dealing with it is they are
restructuring their intelligence, their security agencies to deal with these threats.

ELEANOR HALL: Professor Matthew Warren from Deakin University.