Scott Morrison sends China a signal on cyber-attack – but then fear turns into farce

The PM’s reluctance to be drawn on details is understandable but the curious way he presented the threat invited questions

It was a moment of farce just hours after a sombre-sounding Australian prime minister delivered the grim news that a wide range of the nation’s public and private sector organisations “are currently being targeted by a sophisticated state-based cyber actor”.

What, journalists wanted to know, did Scott Morrison mean by “currently” experiencing these attacks?

“I mean currently,” Morrison replied curtly.

Pressed on the fact there were headlines reflecting the interpretation Australia was under cyber-attack right now, Morrison observed that the government “doesn’t write the headlines” – which technically is correct, even though it was his announcement in Parliament House’s “Blue Room” on Friday that sparked those very headlines.

Reporters who gathered at the site of the Snowy 2.0 project later that morning for Morrison’s originally scheduled press conference persisted; they informed the high-vis-vest-wearing PM they were only seeking clarification because there had been a lot of anxiety generated since the announcement.

Almost too perfectly, the prime minister’s official transcript recorded his response to that final question as “[Inaudible]”, given the noisy earthmoving equipment operating in the background to the presser. (For the record, he said he thought he had been “very clear” in his earlier statements.)

In one sense, Morrison’s reluctance to be drawn on the details is understandable, given the sensitivities involved. But the curious way in which this latest national security threat was presented to the public invited a raft of follow-up questions, in that the prime minister noted simultaneously that the frequency of the malicious activity had been increasing “over many months” and was a cause for extra vigilance, but that he wouldn’t use the word unprecedented. While it was deemed important enough to spark an early-morning press conference, it was “not a surprise” that such threats were present in the current world.

We weren’t to be told when these particular intrusions began and when Morrison was first briefed.

If nothing else, Morrison’s decision to go public helped shine attention on newly issued advice from the Australian Cyber Security Centre about the routine housekeeping that businesses and organisations across the country should be doing to reduce the risk of a security breach.

The centre noted that because all of the exploits used by the attacker had patches or mitigations already available, it was a reminder to organisations to ensure their systems were kept up to date with any fixes promptly installed. And it reaffirmed the essential advice that multi-factor authentication should be switched on across all remote-access services. As my colleague Josh Taylor notes, this is basic cyber hygiene.

The wake-up call is timely: while government and military systems are already likely to have tight defences, Australian security agencies are well aware of potential weak points in businesses, academia and other organisations that hold troves of information that could be valuable to a hostile intelligence service.

But some observers well-versed in security matters think there is something else going on here, and that the truly intended audience was overseas. Note how Morrison indicated the “malicious” intrusions were carried out “by a state-based actor with very, very significant capabilities” and “there are not a large number of state-based actors that can engage in this type of activity”.

Peter Jennings, head of the Australian Strategic Policy Institute and a former senior defence official, says he believes the government is raising the matter publicly without openly naming the chief suspect - China – in an attempt to send a signal to Beijing to moderate its behaviour after recent diplomatic tensions.

“I think what’s going on here is we’re attempting to apply a little bit of pressure back to China after they have been pressuring us. But there is also a point in the Morrison approach which says to China, ‘Look, we won’t name you.’ Maybe the view is ‘if you started playing a little nicer with us, we won’t do that’.”

For what it’s worth, Jennings thinks this particular attempt to influence China has “almost zero” chance of succeeding. But his view about the government’s thinking is backed up by former Office of National Intelligence analyst Ben Scott. Writing for the Lowy Institute’s Interpreter, Scott notes that Australia – like many countries – is wrestling with how to manage growing cyberspace-based rivalry and looking for a way to “deter adversaries without provoking them”.

This accords with some of Morrison’s final words in the Blue Room. He didn’t want to concern Australians, he insisted, but to reassure them that agencies understood what was happening and would keep plugging away. “We know it’s going on. We’re on it.”

In other words, the message for domestic consumption is: keep calm and carry on (and, by the way, no more questions).

Contributor

Daniel Hurst

The GuardianTramp

Related Content

Article image
Australian cyber attack not ‘sophisticated’ – just a wake-up call for businesses, experts say
The ‘state-based cyber actor’ Morrison announced as having targeted Australia is exploiting well-known vulnerabilities, they say

Josh Taylor

19, Jun, 2020 @5:26 AM

Article image
Scott Morrison 'blew up' bipartisan compromise on encryption, says Labor
Government and opposition locked in battle over laws to allow security and intelligence agencies access to encrypted telecommunications

Amy Remeikis

02, Dec, 2018 @1:27 AM

Article image
Cyber-attack Australia: sophisticated attacks from ‘state-based actor’, PM says
Security experts say China, Russia and North Korea are the only countries that fit Australian prime minister Scott Morrison’s description of culprit

Daniel Hurst in Canberra

19, Jun, 2020 @2:34 AM

Article image
Scott Morrison ramps up border protection rhetoric with attack on Labor
PM to claim Bill Shorten wants to wind back policies to deter asylum boats in National Press Club speech

Amy Remeikis and Katharine Murphy

10, Feb, 2019 @5:00 PM

Article image
Australia’s essential services could be forced to report when they are under cyber-attack
Morrison government hopes to push through laws allowing Australian Signals Directorate to provide direct assistance to industry as a ‘last resort’

Daniel Hurst

19, Oct, 2021 @4:30 PM

Article image
Scott Morrison promises review panel for asylum medical transfers
Coalition faces potential defeat in parliament over Kerryn Phelps bill to give doctors more power to approve transfers

Helen Davidson

03, Feb, 2019 @10:07 PM

Article image
Scott Morrison defends plan to collect travellers' biometric data
Immigration minister says retaining sensitive personal information is ‘common standard’ in answer to privacy concerns

Paul Farrell

16, Oct, 2014 @8:03 AM

Article image
If Scott Morrison is framing the election around fear, national security may not be the slam dunk he's banking on | Peter Lewis
For conservative governments on the skids, defence is usually the best form of attack. But Australians are hardly gunning for a showdown with China

Peter Lewis

28, Sep, 2021 @1:11 AM

Article image
Scott Morrison deflects questions about raid on News Corp journalist
It ‘never troubles me that our laws are being upheld’, PM says in London

Amy Remeikis

05, Jun, 2019 @1:37 AM

Article image
Bourke Street attack: Morrison accused of 'scapegoating' Muslim community
Terrorism experts admonish PM for ‘racist and simplistic’ claim that community leaders need to be more proactive in combating terrorism

Melissa Davey

12, Nov, 2018 @5:49 AM