ASPI celebrates its 20th anniversary this year. This series looks at ASPI’s work since its creation in August 2001.
The cyberworld is a place of falsehood and fights, but also of ideas and identity and extraordinary masses of information.
When Fergus Hanson took over from Tobias Feakin as the second head of ICPC, he studied Australia’s offensive cyber capability—an ‘attack’ ability publicly confirmed by the prime minister in 2016.
Hanson and Tom Uren wrote that the government had been ‘remarkably transparent’ in declaring the capability would be used to ‘respond to serious cyberattacks, to support military operations, and to counter offshore cybercriminals’.
In November 2016, the government said that the capability was being used to target Islamic State. In June 2017, Australia became the first country to openly admit that its offensive cyber capabilities would be directed at ‘organised offshore cyber criminals’. In the same month, the formation of an Information Warfare Division within the Australian Defence Force was revealed.
Hanson and Uren quoted an Australian government definition of offensive cyber operations as ‘activities in cyberspace that manipulate, deny, disrupt, degrade or destroy targeted computers, information systems, or networks’.
Any offensive cyber operation in support of the ADF would be governed by military rules of engagement, Hanson and Uren wrote:
The full integration of Australia’s military offensive cyber capability with ADF operations sets Australia’s capability apart from that of many other countries. Only a very limited number of states have this organisational arrangement, which provides a distinct battlefield edge that with modest additional investment would give Australia an asymmetric advantage in a range of contexts.