In its 2019–20 Annual Report, the Australian Signals Directorate (ASD) outlines its performance in protecting Australia through the provision of foreign signals intelligence, cyber security and offensive cyber operations.
How did the ASD perform?
ASD’s purpose is to defend Australia’s national security. It does this through:
- Providing intelligence that informs decision making (foreign signals intelligence).
- Protecting Australians online (cyber security).
- Disrupting malicious cyber actors (offensive cyber operations).
Foreign signals intelligence
ASD reports regularly on its activities to the Office of National Intelligence (ONI), who reportedly assessed that that the ASD was a “highly capable and effective signals intelligence agency with advanced levels of analytical, technical and operational tradecraft.”
Specific details of foreign signals intelligence activity are not provided in the report.
Cyber security services
Cyber security services are provided by the ASD’s Australian Cyber Security Centre (ACSC).
Threats to Australia’s national security have risen due to the COVID-19 pandemic, and the ACSC has heeded the call for much needed cyber security advice and support tailored to meet the challenges of the current threat environment.
During 2019–20, the ACSC responded to 2,266 cyber security incidents which included phishing emails and malicious software impacting organisations and government entities.
Key activities throughout the reporting period included:
- Effectively responding to a Category 1 level cyber security incident involving the targeting of Australian governments and companies by a state-based actor.
- On 30 June 2019, the ACSC launched ReportCyber, which has simplified Australians’ ability to report cybercrimes and facilitates effective trend analysis by law enforcement. ReportCyber replaces the Australian Cybercrime Online Reporting Network (ACORN) previously managed by the Australian Criminal Intelligence Commission (ACIC).
- Delivery of training and education programs across government entities to share best practices and strengthen capabilities.
- Providing threat information to industry to boost cyber security.
- Delivery of various initiatives to improve the cyber security of the Australian public and businesses, such as the ACSC’s Small Business Cyber Security Guide.
- The ACSC launched the new cyber.gov.au website which improves the delivery of relevant cyber security advice and news.
- Collaboration with industry and government stakeholders on cyber security matters, such as supporting the Department of Home Affairs’ Critical Infrastructure Centre with technical assessment of critical infrastructure and telecommunications security issues.
- The ACSC helped inform policy makers of key trends in an evolving threat environment through leading forums, supporting major government policy initiatives, and producing intelligence assessments.
- Engaging with the private and public sectors through the ACSC Partnership Program, which also allows partners to collaborate across sectors with their cyber security professional peers.
- International cooperation with global cyber security counterparts. An example is the Asia Pacific Computer Emergency Response Team (APCERT) which supports cyber security cooperation in the Asia-Pacific region.
Offensive cyber operations
Offensive cyber operations involve the use of force in cyberspace to combat foreign adversaries who seek to harm Australia’s national security.
Key activities throughout the reporting period include:
- Disrupting offshore cybercriminals taking advantage of the pandemic, including those who perpetrated COVID-19 themed scams to steal money and data from Australians. Responses included disabling the cybercriminals’ infrastructure and blocking their access to stolen data.
- Collaborating with the UK Government Communications Headquarters to target cybercriminals selling credit card details on the dark web. This enabled the identification of over 200,000 stolen credit cards globally, including 11,000 Australian cards, preventing a potential loss of approximately $90 million globally and over $7.5 million domestically.
Key takeaways
The Australian Signals Directorate (ASD) is responsible for protecting Australia’s cyber and national security through the provision of foreign signals intelligence, cyber security and offensive cyber operations.
In its 2019-20 annual report, the ASD assesses that it is performing strongly, with the bulk of activity throughout the period attributed to its Australian Cyber Security Centre (ACSC).
The ASD has also shown that it won’t hesitate to use force to retaliate in cyberspace and combat threats to Australia’s national security.