In light of the current conflict in Ukraine, there’s an urgent need for Australian businesses to update their security systems against potential reprisals, according to a military expert.
Speaking on a recent special episode of REB’s Secrets of the Top 100 Agents, REB executive editor Phil Tarrant and Major General (Ret’d) Marcus Thompson, former head of the Department of Defence’s Information Warfare Division, were highlighting how Australia is participating in sanctions aimed at blocking or combating Russia’s aggression in Ukraine.
Rather than taking the view that Australia would largely be shielded against retaliation by Russia for taking such a stance due to our far-off location, MAJGEN Thompson has flagged not only Russia’s extensive capabilities but also “their willingness to use it”.
It’s a stance with which Australian Prime Minister Scott Morrison agrees – having taken time out from a press conference recently “to warn the nation of the potential for cyber attacks as a reprisal against Australia for those sanctions”.
“The point I make,” MAJGEN Thompson continued, “is that should not surprise anyone. The Russians are masters of information warfare, and there’s been so much written and talked about in the open source and books, and articles and magazines, and whatnot, just about the Russian approach to information warfare – which of course includes cyber.”
“The Russians have been masters in information warfare for decades, and all of that psychological operations, information operations, deception operations, what most people would think of today as disinformation or fake news, the Russian’s been doing this for aeons,” he said.
Highlighting that while there’s nothing new here, “what is relatively new is the ability to conduct [these] activities in and through cyber space – and therefore the speed and scale at which those activities can be conducted”.
“The point here about the Russian playbook being well known, is that they’ve been telegraphing it now for 15 years,” the retired Major General continued.
Looking back at Estonia in 2007, MAJGEN Thompson recounted how the state was subjected to “crippling denial of service, distributed denial of service attacks, DDoS attacks that targeted their parliament, government ministries, banks, and some other civilian targets”.
Then, in 2008, in a 12-day conflict with Georgia, “information warfare techniques [were] used extensively”.
It’s a similar story to what’s happening now, where the military expert highlighted “lots of reports of cyber attacks being directed against Ukrainian government targets, banks, other civilian targets”.
In Australia, this is considered “critical infrastructure”.
Reiterating just how well-known that playbook is, MAJGEN Thompson said that not only have they got the capability, they’ve “repeatedly demonstrated their willingness to use it”.
“And of course, cyber space is a domain that knows no geographic boundary. And so it would be naive of us to sit back and think, ‘Oh, well, that’s all happening in Ukraine’.”
“There might not be cyber attacks directed against Australian businesses and Australian interests, because it’s just another IP address, right? It doesn’t matter, geography is less important,” he said.
Iterating that Australian businesses – especially those in critical infrastructure – should be thinking about this, MAJGEN Thompson warned, noting that “the time to be preparing for any reprisals is before the reprisal, right?”
“Not during any subsequent attack or incident,” he said.
So, what should Australian businesses be doing to brace themselves?
According to MAJGEN Thompson, to start, “be thinking about your cyber security now”.
He urged business leaders to reflect on a number of questions:
1. “What might be necessary to prevent, minimise, or respond to any incident directed your way?”
“At the end of the day, the time for preparation is before, not during an attack or an incident. Patching systems, patch, patch, patch, patch some more so that your hardware and your software has the latest updates, and therefore the most recent security measures applied. And close that gap on any vulnerabilities that could be exploited by a threat actor,” he advised.
2. “Where might you be vulnerable?”
He also recommends thinking about “where you might be vulnerable, including into your supply chain – with everything just so globally connected right now.”
3. What’s your plan for a crisis?
“When was the last time you had a look at your business continuity plan and your incident management or crisis management procedures? Is there a crisis management team ready to go?” the Major General queried.
He urged business leaders to ensure decision-making authorities, delegations, and reporting requirements are understood by everyone – including into your supply chain and third-party providers.
4. How’s your culture?
MAJGEN Thompson has also advised business leaders to ask questions about their workplace culture.
Questions like: “Is our security culture internally, is our workforce sufficiently aware that they are on the lookout for suspicious activity?”
“That’s looking for that phishing email, don’t click on that link to give an attacker easy access into your systems,” he said.
Culture might also spread into social media, with MAGJEN Thomspon highlighting how information being released to the internet “can be gained by anyone with an internet connection”.
“What are people releasing into social media that a professional threat actor with a targeting mindset [might use]?”
He explained how a professional threat actor with a targeting mindset could take all of that information, turn it around and “use it to come back at us”.
“How vulnerable are we? What are we posting? And what is our organisational social media policy?
“Are we happy that someone is presenting on Twitter or Instagram or Facebook as being an employee of ours, and then talking about where they work? What they’re doing at work, what’s happening inside the walls of the business. Are we happy about all of that?” he advised.
Align with the latest information
In addition to asking the above questions, the Major General noted the importance of businesses staying close to the Australian Cyber Security Centre – “whether there was a crisis in eastern Europe today or not”.
Urging businesses to “follow them, subscribe to their threat updates, sign up as a partner”, the military expert cautioned that “it doesn’t really matter who the threat is, [the] threat is the threat is the threat”.
“It’s not every day that our Prime Minister goes on national television to warn the nation of the possible threat of cyber attacks,” he conceded.
Listen to the full conversation here.
ABOUT THE AUTHOR
Grace Ormsby
Grace is a journalist across Momentum property and investment brands. Grace joined Momentum Media in 2018, bringing with her a Bachelor of Laws and a Bachelor of Communication (Journalism) from the University of Newcastle. She’s passionate about delivering easy to digest information and content relevant to her key audiences and stakeholders.