Steve Georganas (Hindmarsh, Australian Labor Party) Share this | Link to this | Hansard source

asked the Minister for Law Enforcement and Cyber Security, in writing, on 01 March 2018:

To ask the Minister for Law Enforcement and Cybersecurity—

1. What steps has the Government taken to ensure the integrity of the next federal election.

2. What engagement has the Government or responsible agency undertaken with

(a) state governments to ensure the integrity of state elections, and

(b) the major political parties to ensure elector database integrity.

3. How many targeted cyberattacks have attempted to breach the Australian electoral systems.

4. Have any cybersecurity attacks on the Australian electoral systems been successful.

5. What steps has the Government taken to ensure that social media feeds are not manipulated by a foreign power.

6. How many times has the Australian Parliament House parliamentary network successfully been attacked, what were the dates of the attacks, what information was stolen, and what steps did the Government take to notify those impacted.

Angus Taylor (Hume, Liberal Party, Minister for Law Enforcement and Cybersecurity) Share this | Link to this | Hansard source

The answer to the honourable member's question is:

1. What steps has the Government taken to ensure the integrity of the next federal election.

The Australian Government is pursuing a range of initiatives to ensure the integrity of Australian elections is maintained, raise awareness of electoral security, and develop strategies to protect and maintain public confidence in our democratic process.

The Australian Cyber Security Centre (ACSC) and National Cyber Security Adviser have delivered a series of briefings to relevant stakeholders to ensure political parties, governments and electoral commissions have a clear understanding of cyber threats to the electoral process. In February 2017, the ACSC provided a classified briefing to political party leaders on the cyber threat to the electoral process.

Following this classified briefing, the National Cyber Security Adviser commenced a series of cyber security briefings to state and territory Cabinet members, parliamentarians, senior public servants and electoral bodies to assist them to better understand cyber security risks and take steps to mitigate vulnerabilities. The ACSC also delivered briefings to Tasmanian and South Australian electoral commissions ahead of their respective elections.

The Government has created a new National Counter Foreign Interference Coordinator to lead the development and implementation of a Whole-of-Government strategy that will bring together key policy, operational and social cohesion levers to respond to foreign interference. The National Counter Foreign Interference Coordinator will be a focal point for engagement with diaspora communities and sectors vulnerable to foreign interference.

Finally, the Australian Government has also made legislative amendments to improve the integrity of the electoral process.

The Electoral and Other Legislation Amendments Act 2017, which came into force on 14 March 2018, and the Electoral Legislation Amendment (Electoral Funding and Disclosure Reform) Bill 2017 improve transparency and accountability around seeking to influence voters.

The National Security Legislation Amendment (Espionage and Foreign Interference) Bill 2017 will modernise and strengthen a number of existing criminal offences and will introduce a range of foreign interference offences. The Foreign Influence Transparency Scheme Bill 2017 was also introduced to establish a foreign influence transparency scheme to provide visibility of the nature and extent of foreign influence over Australia's political and governmental processes.

2. What engagement has the Government or responsible agency undertaken with:

(a) state governments to ensure the integrity of state elections, and

The Department of Home Affairs, in partnership with the ACSC, is working on a COAG commitment to deliver cyber security health checks to all state, territory and federal electoral commissions. This health check will provide a high level review of both governance and technical cyber security health, enabling electoral commissions, governments and risk holders to better understand the maturity of their cyber security risk management processes and provide a baseline for improvement into the future.

In the lead up to both the Tasmanian and South Australian elections, the ACSC also provided individual briefings to each commission on the importance of cyber security and the help available to them in the event of an incident.

(b) the major political parties to ensure elector database integrity.

The Commonwealth Electoral Act 1918 (Electoral Act) provides for registered political parties, Members of Parliament (MP) and Senators to receive a copy of electoral roll data on a monthly basis. Before receiving this data, Party Secretaries, MPs and Senators must acknowledge that this data will only be used in accordance with the Electoral Act and securely destroyed before the new month of data is provided.

3. How many targeted cyberattacks have attempted to breach the Australian electoral systems?

The Government is not aware of any attempted cyber attacks on the Australian electoral system.

4. Have any cybersecurity attacks on the Australian electoral systems been successful.

The Government is not aware of any attempted cyber attacks on the Australian electoral system.

5. What steps has the Government taken to ensure that social media feeds are not manipulated by a foreign power.

In addition to the actions that were provided in Q1.

The Government has undertaken a range of activities to help build Australia's digital resilience, be more aware of the gamut of cyber risks and better prepare citizens to critically examine digital content.

These reforms are aimed at ensuring Australians have access to relevant and accurate reporting and a vibrant and sustainable media sector.

In conjunction with the eSafety Commissioner, the National Cyber Security Adviser is also working to raise awareness of cyber threats to electoral processes with major social media companies including Facebook, Twitter and Google.

6. How many times has the Australian Parliament House parliamentary network successfully been attacked, what were the dates of the attacks, what information was stolen, and what steps did the Government take to notify those impacted?

In April 2016, the Prime Minister announced the Department of Parliamentary Services (DPS) suffered a significant cyber intrusion. At the time the ACSC worked with DPS to understand and fix the vulnerabilities, as well as providing mitigation advice for any potential future incidents. Further classified information on this matter is not able to be provided in an unclassified forum.