Ex-ASIO chief warns on energy cyber attacks

David Irvine warns of energy sector vulnerability to cyber attacks
Former ASIO chief David Irvine warns of energy sector vulnerability to cyber attacks

A former ASIO chief is among energy experts who have warned Australia’s energy infrastructure was growing vulnerable to cyber attacks, according to a report in Innovation Aus.

ASIO’s former director general, current chair of the Foreign Investment Review Board and non-executive director of the Cyber Security Cooperative Research Centre David Irvine said energy was one of a number of Australian sectors insufficient in cyber resilience, with many organisations are not “caring enough” about cyber attacks.

Related article: RDDoS attacks up 341 per cent, major services at risk

Mr Irvine told an Australia Israel Chamber of Commerce Business lunch that progress was being made but not quickly enough, leaving Australia vulnerable to sophisticated cyber attacks.

“Nation states are busily working on what we call hybrid warfare; the ability, without actually shooting people, to bring opposing states to their knees,” Mr Irvine said.

Russia was at the helm of hybrid warfare against several countries in Europe, and the tactic now posed a serious threat to Australia, he continued.

“This is now a threat that is on our horizon, and we really need to work hard because, as I keep saying, the wars of the 21st century are going to be fought in cyberspace before a kinetic shot is fired.”

“As a nation, we have to have responses. And we have been, as a nation, very slow to come to the understanding of those needs for responses.”

Related article: Cyber threats are stemming oil and gas industry growth

Mr Irvine said while boards now understood the threat of cyber-attacks, most were still “grappling” with how to handle an attack if it were to occur. Governments, too, he said, had improved their cyber posture but needed to do more.

He said the Department of Home Affairs’ Critical Infrastructure Centre had asked the Foreign Investment Review Board to “do its bit” to improve national cyber resilience in the energy sector.

“Until we enhance our national security resilience in all segments of the energy sector, from supply through to end user, we’re going to be vulnerable to the sorts of attacks that we’ve seen,” Mr Irvine reiterated.