The overall responsibility for e-security in Australia rests with the Attorney-General’s Department, through its charter to protect the National Information Infrastructure (NII), which ‘comprises information systems that support the telecommunications, transport, distribution, energy, utilities, banking and finance industries as well as critical government services including defence and emergency services’.[8] Its mission is essentially defensive, primarily identifying and coordinating responses to incidents that seriously affect the NII.
The government’s ‘core policy development and coordination body on e-security matters’ is the E-Security Coordination Group (ESCG), established in 2001. It is the ‘lead agency addressing e-security matters’.[9] The ESCG is supported by the Critical Infrastructure Protection Group (CIPG), which is responsible for ‘identifying and providing advice on the protection of Australia’s information infrastructure where the consequences of a security incident are defined as critical’. It ‘evaluates the threats and vulnerabilities to the NII’, and coordinates crisis management arrangements with other Commonwealth agencies, including with respect to ‘defence, national security and counter-terrorism programs’. It is chaired by the Attorney-General’s Department, and includes representatives from the Australian Federal Police (AFP), which provides ‘an enhanced law enforcement response capability’; the Australian Security Intelligence Organisation (ASIO), which provides intelligence analysis and threat assessment advice; the DSD, which provides ‘enhanced incident analysis and response for Commonwealth agencies’; and the Australian Securities and Investments Commission, which undertakes ‘detection, investigation and prosecution of electronic fraud in the financial sector’.[10]
There are many agencies within the Department of Defence and the ADF concerned with some aspect of NCW, including monitoring of the electro-magnetic spectrum and cyber-space; ensuring information security (Infosec) and e-security with respect to both national and Defence information and communications systems; conducting research, development and testing of NCW concepts and equipment; and addressing NCW criteria in the capability development process.
The Director General Capability Plans (DGCP) ‘provides integration and coordination of NCW with other capability development matters’. The Director General Integrated Capability Development (DGICD) ‘provides cross-project NCW integration’. The Director of NCW Implementation ‘provides research and policy support’ in NCW matters for the capability planning process. The Network Centric Warfare Project Office (NCWPO) is ‘the battlespace architect’; it is responsible for ‘ensuring cross-project integration … through testing NCW compliance with battlespace architectures’. The Chief Information Officer Group (CIOG) ‘manages the Network Dimension of Defence NCW capability’. The Intelligence and Security Group (I&SG) is responsible for development of the intelligence component of Defence NCW capability, and for ‘managing the implementation and ongoing development of the Intelligence, Surveillance and Reconnaissance Roadmap’.[11]
The DSD, Australia’s largest intelligence agency, responsible for both the collection of foreign signals and the security of the national information and communications systems, has extensive capabilities relating to cyber-warfare. It has broadened, with respect to its collection activities, from focusing almost entirely on the interception of information ‘in motion’, as electro-magnetic waves travel through the ether, to now also undertaking the collection and manipulation of information ‘at rest’, stored on computer databases, disks and hard drives.[12]
DSD has two stations concerned with intercepting SATCOM in the region, monitoring long-distance telephone calls, emails, facsimiles, and computer-to-computer data exchanges. DSD’s largest station, at Shoal Bay, near Darwin, is primarily concerned with intercepting Indonesian communications, including both radio transmissions and SATCOM. Project Larkswood, which began in 1979, involves the interception of Indonesian SATCOM, and especially those involving Indonesia’s Palapa communications satellite system. It also includes the communications of other Association of South East Asian Nations (ASEAN) countries that use the Palapa system.[13] Many more dish antennas were installed in the late 1990s, making eleven as at September 1999. Most of the new antennas were designed to intercept various sorts of SATCOM involving Indonesia, including mobile satellite telephone (Satphone) conversations using Inmarsat and Global System for Mobile Communications (GSMC) services.[14] DSD’s other SATCOM signals intelligence (SIGINT) station is at Kojarena, near Geraldton, WA; it became operational in the mid-1990s, and currently has five large radomes. It is able to monitor selectively the communications from more than a hundred geostationary satellites stationed along the equator from about 40°E to about 170°W longitude.[15] The station reportedly functions as part of the much-publicised ‘Echelon’ system.[16]
DSD is also Australia’s ‘national authority’ for Infosec. DSD’s Information Security Group is responsible for ‘the protection of Australian official communications and information systems’, with respect to ‘information that is processed, stored or communicated by electronic or similar means’. The Group also works with private industry in relation to the development of new cryptographic products, and evaluates Infosec products for industry.[17]
The ADF maintains a variety of electronic warfare (EW) capabilities which are relevant to cyber-warfare. The RAAF’s Electronic Warfare Operational Support Unit (EWOSU) was established in Salisbury, SA, in 1991. One of its first responsibilities was to compile ‘the first integrated electronic warfare intelligence data base in Australia’.[18] In 1976, the Australian Army raised 72 Electronic Warfare Squadron at Cabarlah, Qld, the home base of the Army’s 7 Signal Regiment, to provide EW support to Army forces. It is equipped with a variety of communications intelligence (COMINT) and EW systems, employed for high-frequency (HF) and very high-frequency (VHF) interception, DF, and jamming operations.[19] During the International Force East Timor (INTERFET) operation in late 1999–2000, a component of the Squadron provided the headquarters in Dili with ‘timely indicators and warning’, and, ‘as a secondary task’, provided other reconnaissance, surveillance and intelligence collection services.[20]
EW and cyber-warfare are becoming conflated as the electro-magnetic environment merges with cyber-space. Cyber-techniques will be increasingly used to penetrate the electronic components in weapons systems, collecting electronic intelligence to inform the development of electronic support measures (ESM), electronic countermeasures (ECM) and electronic counter-countermeasures (ECCM). ECM and ECCM operations will involve a conjunction of radio-EW and cyber-attacks.
The Defence Science and Technology Organisation (DSTO) has a major role in the implementation of NCW in the ADF, providing ‘essential scientific and technological support’ with respect to intelligence, surveillance and reconnaissance (ISR), communications, human-computer interfaces, and decision-support tools. Its work on NCW is coordinated by a NCW Steering Group that was formed in early 2003, and includes the development of technologies for battlespace communications and protection of the infrastructure, as well as integration of future weapons systems into the C2 and engagement grids.[21]
The DSTO has recently initiated a series of ‘Net Warrior exercises’ to ‘build, demonstrate and enhance’ ADF battlespace interoperability. The participants include the Airborne Early Warning and Control Aircraft (AEW&C) Testbed, the Air Defence Ground Environment Simulator (ADGESIM), and a ‘Future Ship’ maritime platform. An important focus has been the tactical data-links for exchanging ‘battle-space situational awareness information’, including the use of ‘Internet-based transmission approaches’.[22]
The ADF Warfare Centre at Williamtown is involved in the development of doctrine and the delivery of specialist courses on joint EW and joint IW.
The AFP has considerable expertise in several important aspects of cyber-warfare. It is capable of processing large quantities of digital imagery, such as recorded by closed-circuit television systems. Its Telecommunications Interception Division, which is particularly skilled in monitoring mobile phones, has expanded substantially since the late 1990s, initially under the National Illicit Drug Strategy (NIDS),[23] and since 2001 in accordance with the Australian Government’s counter-terrorism agenda. In the case of the so-called ‘Bali nine’, the Australian heroin smugglers arrested in Bali in April 2005, AFP personnel reportedly cracked the Personal Identification Number (PIN) codes on some of the 10 mobile phones seized, enabling them to identify the network providers and obtain records of ‘every phone call made or received during the life of the cards in each mobile’.[24] It is also able to intercept emails, Short Message Service (SMS) and voicemail messages ‘that are temporarily delayed and stored during passage over a telecommunications system’.[25] The Australian High Tech Crime Centre (AHTCC), which is hosted in Canberra by the AFP, provides a ‘national coordinated approach to combating serious, complex and multi-jurisdictional’ computer-generated crime.[26]
ASIO has a Technical Operations Branch which supports its counter-intelligence and counter-terrorism responsibilities. It has expertise not only in monitoring telephones, but also in covert installation of ‘bugs’ and other technical devices in embassies, private residences and meeting places, and in penetrating computer-related systems.
The Australian Secret Intelligence Service (ASIS) has a Technical Section which generally conducts technical operations in foreign capitals, although it sometimes cooperates with ASIO in operations against foreign missions in Canberra. For example, it was alleged in May 1995 that ASIS had worked with ASIO to install fibre-optic devices in the Chinese Embassy in Canberra while it was being built in the 1980s.[27] Since the 1960s, ASIS has assisted DSD by obtaining foreign code-books; since the late 1990s, it has also provided DSD with internal telephone and email directories. There has been increasing cooperation between ASIS and DSD since the 1990s with respect to technical collection and surveillance operations in foreign capitals. Offensive cyber-warfare operations, and, indeed IO more generally, will place increasing demands on ASIS for covert support overseas.
The corporate sector, and especially the telecommunications, IT and aerospace companies, is an enormous reservoir of cyber-warfare capabilities. Most of the NII is in private hands. Telecommunications are virtually monopolised by Telstra and Optus. There is a plethora of Internet Service Providers (ISPs), some of them committed to the provision of maximum security for their services, regardless of the implications for access by the authorities. The corporate sector contains technical expertise, entrepreneurial ability and research and development (R&D) capabilities.
Telstra and Optus maintain central parts of Australia’s NII. Optus has a new headquarters, with 6 500 staff, at Macquarie Park in northwest Sydney. A Network Operations Centre (NOC) at the headquarters was opened by former Prime Minister John Howard in October 2007. The Optus C-1 communications satellite is particularly critical to the ADF’s NCW architecture. Positioned in geostationary orbit over the equator at 156°E longitude (i.e. just north of Bougainville), it provides relatively high data rate links between headquarters and tactical platforms to support current and future C2, surveillance, intelligence, logistics and administrative networks. It carries four Defence payloads (Global Broadcast, ultra high-frequency (UHF), X-band and Ka-band), was successfully launched on 11 June 2003; it allows AEW&C Wedgetail aircraft, Jindalee Operational Radar Network (JORN) and the ground radar net to share data at required data rates.[28] Optus maintains a Satellite Earth Station at Belrose, which has four 13-metre antennas, one of which is dedicated to controlling the C-1 satellite.[29]
Telstra is the largest provider of local and long-distance telephone services, mobile phone services, and wireless, ADSL and cable Internet access in Australia. It was able to assist DSD during the hunt for the October 2002 Bali bombers. Two Telstra technicians visited Jakarta in late October and spent ‘several days at the main link to Indonesia’s government-owned telecommunications carrier, Telkomsei’, where they extracted ‘a database of millions of phone numbers’, which was then handed to DSD for processing.[30]
Nearly all the servers and routers used in the Australian NII are made by Cisco Systems, headquartered in California. For example, Cisco provided the Internet Protocol (IP) phones, the wireless local area network (WLAN) and the network security at the new Optus head office in Macquarie Park.[31] Cisco has a Product Security Incident Response Team (PSIRT).[32]
AusCERT, the Australian Computer Emergency Response Team, based in Sydney, is a national agency providing expertise on computer network security, particularly with respect to incident response. It is affiliated with the CERT Coordination Centre in the United States, which studies Internet security vulnerabilities, researches long-term changes in networked systems, and provides information to improve the security of networked systems. AusCERT provides a central point in Australia for reporting on security incidents and dissemination of information relating to threats, vulnerabilities and defensive mechanisms.[33]
The aerospace companies possess a range of R&D, design and manufacturing capabilities directly relevant to the cyber-warfare exercise. These include tactical data-links, C2 systems, antenna and radio frequency (RF) propagation systems, and UAVs, as well as specialist electronic components and testing equipment. There is already extensive cooperation between Defence and many companies with respect to NCW systems. For example, DSTO and ADI Ltd signed an agreement at DSTO’s Defence Science Communications Laboratory at Edinburgh, north of Adelaide, in September 2004 to form a ‘Strategic R&D Alliance’ for the collaborative development of NCW technologies.[34] Raytheon Australia has a test-bed Combat Control System (CCS) at its headquarters in North Ryde in Sydney which can simulate, and test new concepts and connectivities with, the Combat Information Systems (CIS) of both the Collins-class submarine and the prospective AWDs.
[8] ‘Budget 2001-2002 Fact Sheet. Protecting the National Information Infrastructure: Part of the Government’s E-security Initiative’, Attorney-General’s Department.
[9] Attorney-General, Minister for Communications, Information Technology and the Arts, and Minister for Defence, ‘Security in the Electronic Environment’, Joint News Release, 27 September 2001; and ‘Budget 2001-2002 Fact Sheet. Protecting the National Information Infrastructure: Part of the Government’s E-security Initiative’, Attorney-General’s Department.
[10] Attorney-General, Minister for Communications, Information Technology and the Arts, and Minister for Defence, ‘Security in the Electronic Environment’; and ‘Budget 2001-2002 Fact Sheet. Protecting the National Information Infrastructure: Part of the Government’s E-security Initiative’.
[11] Director General Capability and Plans, NCW Roadmap 2007, p. 19.
[12] James Bamford, Body of Secrets: How America’s NSA and Britain’s GCHQ Eavesdrop on the World, Century, London, 2001, p. 480.
[13] Desmond Ball, Australia’s Secret Space Programs, Canberra Papers on Strategy and Defence no. 43, Strategic and Defence Studies Centre, The Australian National University, Canberra, 1988, chapter 3.
[14] Desmond Ball, ‘Silent Witness: Australian Intelligence and East Timor’, in Richard Tanter, Desmond Ball and Gerry van Klinken, Masters of Terror: Indonesia’s Military and Violence in East Timor, Rowman & Littlefield, New York, 2006, pp. 177–201.
[15] Ball, Australia’s Secret Space Programs, chapter 4.
[16] Jeffrey Richelson, ‘Desperately Seeking Signals’, Bulletin of the Atomic Scientists, vol. 56, no. 2, March/April 2000, pp. 47–51.
[17] ‘Infosec’, Defence Signals Directorate, available at <http://www.dsd.gov.au/infosec/>, accessed 4 March 2008.
[18] See Desmond Ball, Signals Intelligence in the Post-Cold War Era: Developments in the Asia-Pacific Region, Institute of Southeast Asian Studies, Singapore, 1993, p. 83.
[19] Ball, Signals Intelligence in the Post-Cold War Era: Developments in the Asia-Pacific Region, p. 83.
[20] Major John Blaxland, ‘On Operations in East Timor’, Australian Army Journal, 2000, pp. 7, 9.
[21] Defence Science and Technology Organisation, ‘Network-Centric Warfare’, available at <http://www.dsto.defence.gov.au/research/4051/page/4387/>, accessed 4 March 2008. See also Tim McKenna, Terry Moon, Richard Davis and Leoni Warne, ‘Science and Technology for Australian Network-Centric Warfare: Function, Form and Fit’, ADF Journal, no. 17, pp. 62–75.
[22] Arthur Filippidis, Tan Doan and Brad Tobin, ‘Net Warrior—DSTO Battlelab Interoperability’, Simulation Industry Association of Australia, June 2007, available at <http://www.siaa.asn.au/ simtect/2007/Abstracts/70.html>, accessed 4 March 2008.
[23] ‘Increased Telephone Interception Capacity’, in Australian Federal Police, National Illicit Drug Strategy Initiatives, November 1997—April 2001 (Second edition), p. 13, available at <http://www.afp.gov.au/__data/assets/pdf_file/6634/nids.pdf>, accessed 4 March 2008.
[24] Philip Cornford and Rob O’Neill, ‘Bali Nine Phone Cards Cracked’, Age, 4 May 2005.
[25] ‘Telecommunications Interception Law Dispute Shows Law Needs Overhaul’, Electronic Frontiers Australia, 31 March 2004, available at <http://www.efa.org.au/Publish/PR040331.html>, accessed 4 March 2008.
[26] See Australian High Tech Crime Centre website at <http://www.ahtcc.gov.au/about_us/index.htm>, accessed 4 March 2008.
[27] Robert Milliken, ‘Canberra Acts to Keep an Eye on its Spies’, Independent (London), 2 June 1995, available at <http://findarticles.com/p/articles/mi_qn4158/ is_19950602/ai_n13986087>, accessed 4 March 2008.
[28] Trevor W. Mahony, ‘A Hybrid Civilian/Military Payload to Support Battlefield Communications’, Journal of Battlefield Technology, vol. 1, no. 1, March 1998, pp. 29–32.
[29] ‘Optus Positions for National Satellite Success’, December 2001, available at <http://www.optus.net.au/portal/site/aboutoptus/menuitem.813c6f701cee5a14f0419f108c8ac7a0/ ?vgnextoid=a7ab8336054f4010VgnVCM1000009fa87c0aRCRD&vgnextchannel=b93cfaf924954010Vgn VCM10000029a67c0aRCRD&vgnextfmt=default>, accessed 4 March 2008.
[30] Chulov, ‘A Win Against Terror’.
[31] CISCO, ‘Optus Charts Future with Cisco Service Oriented Network at Macquarie Park Campus’, 19 October 2006, available at <http://newsroom.cisco.com/dlls/global/asiapac/news/2006/pr_10-19.html>, accessed 4 March 2008.
[32] ‘CISCO Security Advisories’, available at <http://www.cisco.com/en/ US/products/products_security_advisories_listing.html>, accessed 4 March 2008.
[33] See the AusCERT website at <http://www.auscert.org.au/>, accessed 4 March 2008.
[34] ‘DSTO and ADI Forge New Links in Network Centric Warfare’, Defence Science and Technology Organisation, 2 September 2004, available at <http://www.dsto.defence.gov.au/news/3283/>, accessed 4 March 2008.