30 DEFENCE BUSINESS MILCIS
DECEMBER 2022-JANUARY 2023 | WWW.AUSTRALIANDEFENCE.COM.AU
  WARFARE IN THE CYBER ENVIRONMENT
In a week when Russian hackers began releasing data on Medibank customers on the dark web, industry and Defence representatives gathered in Canberra for the Military Communications and Information Systems (MilCIS) conference.
  MAX BLENKIN | CANBERRA
UNSURPRISINGLY, the discussion of the cyber threat and cy- ber security featured prominently at MilCIS, held at the National Convention Centre on 15-17 November.
Opening the event, Assistant Defence Minister Matt Thistlethwaite said we all had to face the fact that cyber had well and truly become a weaponised domain.
“The days are long gone where we thought about cyber security as something that goes on at Defence bases. We’re talking about any potential entry point, whether directly under Defence control or not,” he said.
The Minister said attacks on Defence capabilities could originate anywhere and the list of ways an adversary might seek to infiltrate, disrupt and deny Defence systems was limited only
RIGHT: The
2022 Military Communications and Information Systems Conference (MilCIS) was held at National Convention Centre in Canberra in November
Cyber-attacks were widespread but featured common tactics such as denial of service, spear phishing and ex- ploits on public websites. There was no evidence of use of worm malware which can self-spread to other systems.
“A lack of basic cyber hygiene in a lot of these environ- ments was actually the thing that enabled the Russian to gain access,” he said.
Ninety-eight per cent of initial intrusions could have been stopped with basic cyber hygiene. As well as government sys- tems, the Russians targeted media, IT and energy compa- nies. Notably, think tanks and academics were also targeted.
WIDESPREAD ATTACKS
It wasn’t just Ukraine. Poland and the Baltic states were also hit by cyber-attacks.
Significantly, the least affected was Estonia, primarily because its government systems are primarily cloud-based. Ukraine started the conflict with a policy of having no gov- ernment departments in the cloud. Now 18 government departments have been relocated to the cloud.
Once Blackberry phones were omnipresent in the defence and government sectors, delivering secure communications.
     “NINETY-EIGHT PER CENT OF INITIAL INTRUSIONS COULD HAVE BEEN STOPPED WITH BASIC CYBER HYGIENE”
by their imagination.
“Defence faces millions of cyber-
attacks every single day. Attacks probe every network and every ca- pability. When we look out, we see State and non-state actors moving quickly to leverage new technolo- gies,” he said.
  “The malicious cyber activity targeting Australia is persistent, and the scale and sophistication of cyber threats is con- tinuing to grow. It clearly reflects the evolving strategic
competition across the globe.”
CYBER IN THE MODERN BATTLESPACE
So, what does a cyber battleground look like? Russia pre- ceded its assault on Ukraine with a cyber-attack on Ukrai- nian government and media systems, with some success.
Microsoft Australia and New Zealand national security officer Mark Anderson said Ukraine featured cyber and kinetic activity used together.
The conflict also featured technology companies includ- ing Microsoft in a public-private partnership in the con- flict grey zone.
“The first shots were fired in cyberspace and many of those well and truly in advance of the tanks rolling over the border,” Anderson said.