The government must do a lot more to protect us from increasingly hostile cyber attacks.
If you believe your business systems are secure from hackers, you are not keeping abreast of the escalating global cyber war.
The internet has become a hostile operating environment where criminals and government-sponsored hackers operate with increasing ease and anonymity.
Australia is facing numerous adversaries that are ‘weaponising’ the internet.
In June last year, Prime Minister Scott Morrison told Australians a sophisticated nation-state cyber actor was targeting Australian organisations, including government, industry, political groups, education, healthcare, essential service providers, and critical infrastructure.
He said the frequency of attacks was rising.
The Morrison government has committed $166 million annually to beef up cyber security. This is a drop in the ocean compared with the $US1.5 trillion ($1.94 trillion) in illicit gains criminals make each year from cyber crime.
The Australian government estimates cyber security incidents are costing local businesses up to $29 billion a year.
This has a massive knock-on effect on business overheads, which are passed on to consumers. It is costing each Australian household around $3,700 annually to cover the cost of business cyber crime.
Australian business cyber crime now dwarfs the $3.3 billion in annual retail theft from shoplifting and employee stealing.
A staggering one third of all businesses are experiencing some form of cyber crime each year.
It is only going to get worse, with the development of advanced artificial intelligence, quantum computing, 5G and the Internet of Things (IoT) adding billions of internet-connected devices across the world, each a potential entry target for hackers.
No business, no matter its size or technological sophistication, seems safe from cyber criminals. In December, it was revealed SolarWinds Orion software, used by many of the world’s largest organisations to monitor IT performance and optimise IT infrastructure, had been compromised for several months, potentially enabling illegal access to secure networks.
This hack was so significant the United States government ordered American companies and federal agencies to immediately disconnect or power down all compromised versions of SolarWinds Orion products.
The Australian Cyber Security Centre also issued a threat alert. It may take months or even years to determine the full extent of the damage the breach has caused.
Considering the largest organisations, with world-class cybersecurity teams, are getting hacked it is a fair bet small and medium-sized business have little chance of staying in front of the ever-growing number of vulnerabilities discovered each year in information systems.
Countries are spending vast amounts building cyber-attack capabilities aimed at crippling a rival’s economy and infrastructure. At the same time, unsophisticated criminals are gaining access to high-end hacking tools being sold on the ‘dark web’.
In 2017, Carbon Black’s Threat Analysis Unit estimated there were more than 6,300 dark web marketplaces selling ransomware, with 45,000 product listings.
Untraceable digital money like Bitcoin has been a dream come true for cyber criminals. Reliable infrastructure is essential to maintaining a dynamic economy.
Our finances, shopping, health, power grids, water, transport networks all depend in some ways on networked computers, which means our lives can rapidly be disrupted if the technology underpinning modern society is damaged by cyber attacks.
The open connection and architecture Australia relies on to maintain internet access has become its Achilles heel. Although the government is acting to strengthen cyber protection of critical infrastructure, it is a pitiful step to fix the unfixable.
Unfortunately, it will most likely require a cyber attack that causes massive damage to our economy and lives before the government starts to treat the internet as critical infrastructure that must be protected at all costs rather than an entertainment medium for the masses.
The internet is a tool that forms a critical part of our infrastructure and, just like power generation and electrical transmission systems, it requires multiple layers of protection to avoid damage from external influences.
Placing increased restrictions on what access we have to the internet will not damage our freedoms and democratic processes.
It has only been 30 years since Australia made its first connection to the internet via the University of Melbourne.
Australia was a democratic country before that, with a free press, and will still be one if access to some of the more malicious parts and places of the internet are restricted.
Continuing to disregard the dangers an unconstrained internet connection presents to our national security and economy is playing Russian roulette with our lives.
• David Kobelke spent 15 years managing CCIWA’s Australian industry participation unit