Major General Stephen Day, deputy director for Cyber and Information Security at the Australian Signals Directorate (formerly DSD), will be the first coordinator of the Government’s new Australian Cyber Security Centre (ACSC).
Speaking at a Cyber Security Summit in Canberra, Day said details were still being discussed and ASD would continue with its central role.
“ASD will provide the majority of the new centre’s staff and about 73 percent of the centre’s capability,” he said.
Day conceded there was still confusion in industry and parts of government about whom in government was responsible for what in cyber security.
“My intention is that the ACSC will become a one-stop shop for cyber security. Behind the shop front, we are going to have to work out who is best positioned to deal with the issue at hand,” he said.
He also confirmed there was no new funding for the centre.
“In the current budgetary environment flat is up. Cyber is doing well on that basis,” Day added.
ASD defends lawfulness of its intelligence work
Day also commented on the recent intelligence collection operations of the US National Security Agency and the leaked PRISM operation.
“All intelligence activities carried out by ASD are conducted in strict accordance with Australian law,” he said.
“We have a very strong legal framework to protect Australians. Under the Intelligence Services Act, our organisation (DSD now ASD) is required by law to obtain specific authorisation from the Minister of Defence or the Minister of Foreign Affairs to produce intelligence on Australians.”
Where it related to threats to security the Attorney-General was also required to support that authorisation.
He said all ASD activities were examined by the Inspector-General of Intelligence and Security, an independent body that worked for the Prime Minister to ensure they were in accordance with the law and the Act.
“Any information obtained by us from the US is subject to exactly the same protections.”
Cyber attacks on the rise
Day also gave a rare glimpse into statistics from the current Cyber Security Operations Centre (CSOC) over the last three years.
It recorded 1289 attacks in 2011, 1790 in 2012 and in the first five months of 2013 some 789 incidents.
Of these, CSOC investigated 311 in 2011, 685 in 2012 and 398 up to May 2013.
Of the most recent investigations, Day classified 80 percent as state-sponsored, 14 percent as cybercrime and 6 percent attributed to individuals or “hacktivists”.
The five major targeted organisations for cyber attacks were (in no particular order) those involved with:
- Mining & Resources
- Banking & Finance
- Telecommunication
- Technology ; and
- Defence industry
Day argued prevention and hardening of systems was a proven measure against malware attacks.
He revealed a recent experiment with some 1200 virtual machines showed ASD’s catch-patch-match campaign was 100 percent effective in countering recent malware attacks.
Day also announced the release of new guidelines to assist companies and agencies manage risk with portable devices (including BYOD policies).
