Cyber Security Operations Centre operational but details lacking

Australia's Cyber Security Operations Centre (CSOC), announced earlier this year as part of the first Defence White Paper in a decade, has already reached some operational capability.

An acute lack of information on the offensive capabilities being developed by the CSOC, however, and little clarity around its governance or oversight mechanisms, has sparked calls from academics and information security analysts for greater public debate and disclosure.

The CSOC is located within the Defence Signals Directorate (DSD), staffed by Defence force and Defence Science and Technology Organisation (DSTO) personnel to coordinate responses to cyber threats.

At the time of its announcement the then Minister for Defence, Joel Fitzgibbon, described the move as a "major new investment".

Fitzgibbon cited a Defence White Paper, which was released in May 2009.

“While this capability will reside within Defence and be available to provide cyber warfare support to ADF [Australian Defence Forces] operations, it will be purpose-designed to serve broader national security goals. This includes assisting responses to cyber incidents across government and critical private sector systems and infrastructure," the white paper reads.

It points to increased funding (without specifying amounts) and a greater focus on developing cyber warfare capabilities. To date, little has emerged on the kind of offensive capabilities created or the legal mechanisms in place or under consideration to ensure proper oversight. Yet several high profile cyber security events have taken place.

In early November, for example, the Australian Security Intelligence Organisation (ASIO) confirmed that Internet-based attacks have been used by hostile intelligence services to gain confidential Australian Government and business information. Earlier in July, a botnet comprised of about 50,000 infected computers waged a war against US government Web sites and caused headaches for businesses in the US and South Korea.

More recently, the US has debated whether laws addressing cyber crime are adequate to address growing attacks on the government and businesses, and a much-publicised report by security vendor, McAfee raised the question of whether governments are using botnets.

Despite what is acknowledged as a very real threat by information security experts to the country and the use of tax payer funds to create the CSOC, however, Defence remains tight-lipped, refusing to provide any information except to say the new centre will be officially launched in early 2010.

Gartner research director specialising in information security practices, Andrew Walls, said this approach is likely to create mistrust among the ultimate stakeholders in the CSOC, the public, and means the success of future risk messages may become diluted.

"What we are seeing happen across multiple jurisdictions and multiple governments is a growth in cynicism of the general population and constituents who are saying 'you talk to us about security all the time and all we see is hassle and alarmist advertising campaigns and we don’t see anything really happening — we don't see the damage, we don't see what you are talking about'," he said.

• Bookmark this page
• Share this article
  •  
  • facebook
  • slashdot
  • digg
  • Reddit
  • stumbleupon
  • linkedin
  • twitter
• Got more on this story? Email Computerworld
• Follow Computerworld on twitter

• Share
  Share this article

  •  google+
  • facebookfacebook
  • slashdotslashdot
  • diggdigg
  • RedditReddit
  • stumbleuponstumbleupon
  • linkedinlinkedin
  • twittertwitter
• print
• email
• Bookmark