AUSTRALIA is facing an unprecedented cyber security crisis with new attacks from global hackers growing at a much faster rate than the federal government can respond.
A report to be released later this month paints a damning and frightening picture of a complacent nation that has not grasped the scale of the threat posed by cyber hackers to national security, the economy and personal privacy.
More than a million computers in Australia each year are said to be infected by viruses that can be used to bring down a website or network.
The Defence Department records more than 200 electronic attacks on its networks each month.
Hackers range from cyber spies working for foreign governments such as China to locally based criminal opportunists.
The comprehensive report, by respected strategic think tank The Kokoda Foundation and obtained exclusively by The Australian, warns that cyber security has become the "fundamental weakness" in Australia's national security and the threat is poorly understood by both politicians and the public.
The report, written by strategic consultant Gary Waters and former RAAF deputy chief John Blackburn, finds that Australia has reached
"a tipping point where the current trajectory of cyber responses is being rapidly outpaced by the evolving threat. A large part of the Australian population does not comprehend the scale of the growing cyber threat, nor the potential impact of that threat on personal and national wellbeing,"
says the report, which is based on extensive interviews with cyber security experts in government and industry.
"That lack of understanding, and therefore commitment to addressing that threat, is a fundamental weakness in the individual and collective security of Australians."
It warns that the threat could endanger critical infrastructure such as electricity grids, water storage and distribution, aviation and maritime transport and telecommunications networks.
The findings of The Kokoda Foundation report support disclosures in confidential US cables released by WikiLeaks showing that Australia's intelligence agencies privately admitted in 2008 that they were struggling to comprehend the scale of the cyber threat.
A US cable in November 2008 reported private comments made to US officials about cyber security by the then director of Canberra's Defence Intelligence Organisation, Major General Maurie McNarn.
General McNarn noted the "intelligence community was hard pressed to understand the full extent of the threat, let alone serve in a position to lead the co-ordination of any interagency mitigation efforts", the cable says.
McNarn said the Defence Signals Directorate had 'the lead' for Australia in tackling the issue but was more focused on traditional intelligence collection/counter-intelligence themes, and that Australian intelligence would need to stay engaged with its US counterparts to share lessons learned in the cyber arena."
The Kokoda Foundation study, "Optimising Australia's response to the cyber challenge" — says Australia has the fifth-highest level of malware infections in the world.
"There is a growing threat from state and non-state actors who compromise, steal, change or destroy information and information systems upon which societies depend," it says.
The government has stepped up efforts to combat cyber threats with the opening in January of the Cyber Security Operations Centre in DSD, staffed with about 100 people from four federal agencies.
In September, Attorney-General Robert McClelland said it was
"very difficult to identify the source of attacks; often they can be routed through other countries or other players. State actors, non-state actors, private hackers or terrorist organisations, these are all risks."
The Kokoda Foundation report says not enough is being done and the country still lacks a "whole-of-nation, government-led integrated long-term National Cyber Strategy and Plan".
It calls for the National Security Adviser to be appointed as the lead co-ordinator on cyber security issues across government, and for mandatory security measures such as firewalls and anti-virus software as conditions of purchase and sale of computer systems.
Mr Waters told The Australian an estimated one million computers in this country, or 20,000 a week, were being compromised by viruses, partly because people were not doing "basic housekeeping" to protect their computers from attacks.
"This is a problem which is sneaking up underneath us, just as terrorism did a few years ago," he said.