[LINK] Australian Cyber Security Operations Centre
Tom Worthington
tom.worthington at tomw.net.au
Mon Jan 18 12:09:43 AEDT 2010
Tom Koltai wrote:
>> ... Tom Worthington Sent: Friday, 15 January 2010 2:56 PM The
>> Australian Defence Department officially opened its Cyber Security
>> Operations Centre (CSOC) ... in Canberra ...
>
> Tom, I think there are two distinct roles for "Cert" organisations in
> Australia. Commercial activity and Anti-Cyber-Terrorism activity. ...
As I told the Channel 10 news, there is no clear distinction between
civil and military with network security. The first line of defence
against online attacks are not the military, but civilians. Most of the
critical infrastructure to be protected is run by private sector
companies and staffed by civilians. It is these people who are in the
best position to detect an attack and provide the initial defence.
> With the next level of hostile incursions doubtless being mounted via
> the Net, I don't see how the Government could do aught but set up their
> own system.
The Government do need their on system, but this should be as a adjunct
to the private civilian systems, which will be the primary line of
defence. We can't rely on the government to protect us from cyber
attack: they do not have the resources nor skills required.
> I consider that in the future, Cybersecurity will become as important
> from a national security standpoint as the armed forces and
> anti-terrorist law enforcement groups.
Yes, cyber security will be important, but like anti-terrorism, it is
mostly a civilian non-government activity. Terrorists are detected and
defeated mostly by ordinary civilians noticing unusual events, not by
anti-terrorist paramilitary police in black balaclavas.
There is a popular perception that detection of a military attack comes
from someone sitting at a radar screen in a military command centre. In
fact the screen which is always on at such centres and most likely to
detect an attack is the 24 hour news channel.
The Australian Government helped fuel the perception of an all seeing
military surveillance of cyberspace with the launch of the Cyber
Security Operations Centre (CSOC). The TV reporting of the launch shows
a large room set up as an operations centre, with a big screen and rows
of operators at consoles. This is clearly not the real DSD CSOC and was
set up just for the TV news crews to film as a PR exercise. It may be
useful for government PR purposes, but I doubt that creating this false
impression makes Australia more secure.
> I don't consider that Auscert is qualified to act in a co-ordinated
> military fashion to prevent attacks ...
As the recent RAND report "Cyberdeterrence and Cyberwar" (Martin C.
Libicki) points out there is no feasible military defence for an online
attack:
<http://www.tomw.net.au/blog/2009/10/cyberdeterrence-and-cyberwar.html>.
The best defence is ordinary computer security. Conventional military
force is not much use to deter a cyber attack.
> Counter Cyber Insurgency must be a Government controlled and funded
> exercise.
Counter insurgency involves political as well as military considerations
and can include civilian and police measures. In any case it seems
unlikely that Australia has a cyber-insurgency problem. I don't think we
have an organised group of cyber-activists in Australia seeing to
undermine the political authority of the government, apart perhaps from
the Minister for Communications. ;-)
> But there are people in Australia that the Government should hire,
> rather than attempt to manage this task on it's own. ...
The Government should help fund and coordinate civil efforts of cyber
defence. It should fund and take part in exercises so that those
involved in companies, universities, government and military, know what
to do when their is a problem and know who they can communicate with.
> Now as long as the GovCert chaps have real interdiction talent, Oz will
> be fine. ...
Yes, they government and military have some good people (I used to be
one of them and now help train others), but they need to keep in mind
that they are only a small fraction of the resources available and their
main role is to help coordinate the civil defence.
--
Tom Worthington FACS HLM, TomW Communications Pty Ltd. t: 0419496150
PO Box 13, Belconnen ACT 2617, Australia http://www.tomw.net.au
Adjunct Lecturer, The Australian National University t: 02 61255694
Computer Science http://cs.anu.edu.au/people.php?StaffID=140274
More information about the Link
mailing list