[LINK] Only a "digital Pearl Harbour" can save us

Bernard Robertson-Dunn brd at iimetro.com.au
Thu Jul 9 09:00:39 AEST 2009

Am I reading this correctly?

Neil Gaughan seems to be suggesting that a "catastrophic attack" is 
needed to achieve a change in mindset that will then allow us to protect 
ourselves from a "catastrophic attack".

I suspect that he is right and it's an example of policy makers only 
responding to large existing symptoms, not potential causes that might 
eventually become major problems.

Predictions are not evidence. It's only events that are evidence.

Only a "digital Pearl Harbour" can save us
By Ry Crozier
Jul 8, 2009 3:59 PM

A tidal shift is needed on co-operation.

The Australian Federal Police believe that only a "catastrophic attack" 
by hackers on the national information infrastructure or a Big-Four bank 
brought to the brink of collapse will catalyse cross-border cybercrime 

The national manager of the Australian Federal Police high tech crime 
centre, Neil Gaughan, told an e-security panel in Sydney today in Sydney 
that the borderlessness of electronic crime was a problem for law 

And he said local agencies had only slight involvement in cybercrime cases.

"As the internet evolved, unfortunately the legislation hasn't kept pace 
with that rate of change," Gaughan told delegates to the event organised 
by internet security company F-Secure.

"The current way law enforcement agencies deal with each other 
internationally is a ‘who knows who in the zoo' approach of having 
personal contacts overseas.

"To get information from an overseas agency, we have to go through a 
process called a mutual assistance request, which is slow, cumbersome 
and to be blunt doesn't service our needs in the current environment."

He said the Federal Attorney-General's department was working with 
unnamed governments overseas to alter the treaty regime "to enable [AFP] 
to obtain the information we need in real-time".

But he admitted it was impossible to achieve a treaty that spanned the 

"It's an issue for all governments but it's going to take a rather 
catastrophic event before resourcing is put that way," Gaughan said.

"We need a tsunami of internet activity before we'll see a change in 
mindset. Until the community feels impacted, there's not going to be an 
expectation that the Government needs to respond to [the threat]."

The panel, led by e-security commentator Patrick Gray, likened the 
activity that was needed to jolt governments and the public into action 
to a cyber-September 11 or "digital Pearl Harbour".

Gaughan said law enforcement activity had to be supplemented by 
education and taking down malicious sites.

F-Secure chief research officer Mikko Hypponen said security was a 
"complicated area".

"It's fast-moving, the enemy isn't stupid and that means it's hard to 
protect yourself as an end-user," Hypponen said.

Patrick Gray is a member of the SC Magazine Australia advisory panel and 
was a judge at last year's SC Awards presented by AusCERT.


Bernard Robertson-Dunn
Canberra Australia
brd at iimetro.com.au

More information about the Link mailing list