MP warns of cyber threat to Australian elections

Gai Brodtmann calls for election systems to be classified as critical infrastructure

The shadow assistant minister for cyber security, Gai Brodtmann, has called for the government to classify Australia’s election systems as a “critical infrastructure sector” under the Trusted Information Sharing Network in order to “overlay the appropriate scrutiny and assurance mechanisms to assure the Australian people of the cyber resilience of their democracy”.

The Labor MP, who earlier this month announced she would not contest the next election, cited concerns over alleged attempts to influence the US and French elections as well as the denial of service attacks on the 2016 Census.

The TISN is an initiative to boost information sharing and collaboration between critical infrastructure operators.

In June 2017 the federal parliamentary inquiry into the conduct of the 2016 federal election issued an interim report focused on the modernisation of the Australian Electoral Commission (AEC). Among its recommendations were that the government consider additional funding for the AEC to help the commission modernise IT systems.

The report said the AEC should potentially receive funding for the deployment of additional electronic certified lists at polling stations and a trial to test the scanning and electronic counting of House of Representatives ballot papers

Brodtmann, in a submission to the ongoing inquiry, said that the report made clear the need for the AEC’s IT systems and electoral processes to be modernised but that the “acquisition of new equipment and systems alone will not automatically assure the cyber security of our electoral systems.”

She called on the government to direct the AEC to comply with Australian Signals Directorate information security standards.

Since a 2013 update to the Protective Security Policy Framework, implementation of the ASD’s ‘Top 4’ mitigation strategies has been mandatory for government agencies — however, a number of major government agencies have failed to comply.

In June this year an Australian National Audit Office (ANAO) report revealed that implementation of the Top 4 remained patchy.

“While voting in Australia is paper based, our national voter registration databases are not,” Brodtmann wrote. “We must ensure Australia’s databases are protected from any kind of breach or manipulation.”

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags governmentelectionscyber securityAustralian Electoral Commission (AEC)

More about AECAustraliaAustralian Electoral CommissionAustralian National Audit OfficeHouse of RepresentativesNational Audit Office

Show Comments