Monday, 18 February 2019
by leave—Australia's democratic process is our greatest asset, our most critical piece of national infrastructure. Public confidence in the integrity of our democratic processes is an essential element of Australian sovereignty and governance. While we will vigorously argue over many issues in this place, we are all united in our parliament in our commitment to democratic principles.
Members will be aware that the Australian Cyber Security Centre recently identified a malicious intrusion into the Australian Parliament House computer network. During the course of this work, we also became aware that the networks of some political parties—Liberal, Labor and the Nationals—have also been affected. Our security agencies have detected this activity and acted decisively to confront it. They are securing these systems and protecting users. I do not propose to go into the detail of these operational matters, but our cyberexperts believe that a sophisticated state actor is responsible for this malicious activity.
Let me be clear, though: there is no evidence of any electoral interference. We have put in place a number of measures to ensure the integrity of our electoral system. I have instructed the Australian Cyber Security Centre to be ready to provide any political party or electoral body in Australia with immediate support, including making their technical experts available. They have already briefed the electoral commissions and those responsible for cybersecurity for all states and territories. They have also worked with global antivirus companies to ensure Australia's friends and allies have the capacity to detect this malicious activity.
We have acted decisively to protect our national interests. The methods used by malicious actors are constantly evolving, and this incident just reinforces yet again the importance of cybersecurity as a fundamental part of everyone's business. The Australian government will continue to take a proactive and coordinated approach to protecting Australia's sovereignty, economy and national security. That is why the government has invested in cybersecurity, including strengthening the Australian Cyber Security Centre by bringing all of the Australian government's cybersecurity capability together in one place. Our political system and our democracy remain strong and vibrant and are protected. We stand united in the protection of our values and our sovereignty. The government has chosen to be transparent about these matters. This, in itself, is an expression of faith by our government in our democratic system and our determination to defend it.
by leave—I thank the Prime Minister for his statement and the opportunity for the House to address such an important matter. The integrity of our democracy and trust in our political institutions are fundamental to our national security. I agree with the Prime Minister that, whatever the rhetorical, political or, indeed, substantial differences between government and opposition on any given day may be, whatever disagreements and disputes may consume the parliament even in the coming hours, when it comes to national security, we all have a joint obligation; we're in this together. Keeping Australians safe isn't a political slogan; it's the highest priority of every political party and every member of this place. So, obviously, the attempt at hacking the Parliament House network is a source of grave concern to us all.
Australia is not exempt or immune from the kind of malicious activity that we've seen elsewhere. Over the past few years, we've witnessed a range of attempted infiltrations and manipulations in the democratic processes of Germany, Japan, Ukraine, the United Kingdom, the United States, France and Canada. We cannot be complacent and, as this most recent activity reported by the Prime Minister indicates, we are not exempt or immune.
Now, as the Prime Minister has indicated, government institutions, such as our electoral commissions, are largely well protected, but our party political structures perhaps are more vulnerable. We've seen overseas that it's progressive parties which are more likely to be targeted by ultra-right-wing organisations. Political parties are small organisations with only a few full-time staff, yet they collect, store and use large amounts of information about voters and communities. These institutions can be a soft target, and our national approach to cybersecurity needs to pay more attention to non-government organisations. Our agencies shouldn't be just providing advice to political parties but actively assisting in their defence. I have to say today to people listening in parliament that my words are not just about political parties but also about Australia's small and medium businesses, our educational institutions and individuals.
Everything that depends on internet technology, even if it is not actively connected to the global internet at all times, is part of cyberspace. Cyberspace is a fully functioning reality. It's an ecosystem. The virtual world of cyberspace has created an ecosystem—new domains of human experience and millions in communities within it that mimic the real world. It's an ecosystem that has generated prosperity, opportunity and profound benefits to millions. It is an ecosystem, though, that has also spawned multiple threats to individuals, businesses of all sizes, critical infrastructure, national security and our democratic systems. It is an ecosystem that is growing rapidly each and every day.
In 2015, it was estimated that 25 billion devices were connected to the internet. That is eight times the number of people considered to be online. In 2020, the number of devices connected to the internet is estimated to increase to 50 billion devices. So the economy is no longer merely enabled by cyber; cyber is part of the economy, and we're all connected in that economy. Cybersecurity affects every Australian in every way, nearly every day. So we need every Australian equipped to preserve and protect our institutions, our freedoms and our values. It means improving awareness of cyber-risks and strategies to guard against them. It means that we need to train up more Australians in our universities, TAFEs, research centres and workplaces to fill national skill shortages in cybersecurity.
In closing, I have to say that I have great trust in our security agencies and their professionalism to do all that they can to protect our nation against cyberthreats. But we constantly need to ask ourselves if our settings are right. The Commonwealth National Cyber Security Adviser is dual hatted in his policy role, reporting to the Secretary of Home Affairs but also, as operational head of the Australian Cyber Security Centre, reporting to the Director-General of the Australian Signals Directorate. Some are concerned that this dual-hatting creates fragmentation and stovepiping. We need a cohesive national approach through the Cyber Security Centre as a single entity responsible for managing the cybermission in totality and reporting up through a single chain. We perhaps need to consider whether the Cyber Security Centre should be the single point of contact and accountability for all cyber-related communication, reporting, incident response, crisis communication, management, threat intelligence capability operations and policy. This centre should remain based in the Defence portfolio and continue to report to the Director-General of the Australian Signals Directorate.
The threats we face in this field are always evolving and changing, so we must continue to adapt and update our methods and defences because what we are defending—the integrity, transparency and health of our democracy—matters to every decision that we make in this place and to every Australian we serve.