Australia has already seen its fair share of cyber security attacks. From beer supply chains being disrupted to state-based attacks allegedly impacting government, hospitals and universities, years of warnings have now materialised into real-world consequences.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
But the nation's security and intelligence agencies have warned the rising tide of cyber threats is far from its peak.
Few would know that threat more intimately than the Australian Army's former information warfare head Marcus Thompson, who's just left the military for an advisory role in Macquarie Telecom Group after three decades.
"From the military perspective, we, some years ago, recognised cyberspace as a warfighting domain, alongside sea, land, air, and space," Dr Thompson told The Canberra Times in his first few weeks in the role.
"Just as we do warfare in the sea, we do war in the air, war on land, war [also exists] in cyberspace.
"But we're also seeing it increasing in everyday life [with] a greater dependence on electronic systems and digital information.
"It pervades all aspects of our lives."
Now part of the team in charge of keeping government and corporate data safe in a secure Canberra location, Dr Thompson said it was important to understand cyber security wasn't just an abstract concept - it was the digital and physical protection of data.
In a Hollywood-esque secret facility, rows of metal racks sit in a large white room.
Inside the racks are stacks of small metal boxes, each the physical location of a server, that can individually hold up to millions of digital documents.
It's hard to visualise just how much data can be kept in a single box but, depending on a number of variables, the printed documents would likely stack up across the tennis court-sized room.
It's here, within the layers of security barriers and temperature-controlled environment, that government documents and correspondence, secrets and all, exist in the physical sense.
"When we talk about the cloud, it's actually [physical] racks of servers," Dr Thompson said.
"With the proliferation of technology ... and this exponential growth in the creation of data, the data has to sit somewhere. I think we all need to be thinking about where that physical location is.
"That's why these data centers have become more and more important."
READ MORE:
While it's not quite the scene of bank heist movie, the guarded facility is an intricate system of contingency plans designed to keep Australia's federal government up and running, no matter the disaster.
Dr Thompson said not much has changed over the last three decades he's been in the field but where a government could once be taken down by a natural disaster or physical attack, it could now also be done by someone thousands of kilometres away with a computer.
"There's nothing much new in cyber - attack is still attack, defence is still defence, theft is still theft, espionage is still espionage," Dr Thompson said.
"What's new, of course, is the conduct of those activities in and through cyberspace, where the speed and scale of the activity can be achieved far greater than in a physical sense."
The rapid expansion of threats has been a talking point for governments over the decades but new legislation promises to drastically change the federal response to it.
The government is proposing to solve part of the issue by expanding the definition of critical infrastructures.
Where it once applied to only water and electricity utilities, the bill would expand the definition to include financial, communications, transport, data and the cloud as well as food and medical supplies.
The changes would also require private companies to hand over cyber security information to the government and accept potential takeovers by federal agencies if measures aren't complied with.
It's a move some within the private sector are criticising as too powerful and broad-reaching.
But Dr Thompson said it's a necessary step given the risks ultimately at play.
"Sectors of the economy will find it easier than other sectors [to comply with the proposed laws] ... But I think it's an important step in the right direction," Dr Thompson said.
"I think that the commentary around [government] controls and ministerial authorisations is illustrating a sensible, pragmatic approach but in the cold, hard light of day, cool heads will recognise it as being appropriate."
The problems with cyber security aren't just in the private domain, however. A recent report by the Auditor-General found there was plenty the federal government had to do in its own backyard first.
Two federal departments, Health and Education, were found to have "ad hoc" cyber security systems despite the significant threat it posed to government.
Dr Thompson said from his experience, the departments would take the Auditor-General's findings seriously and work to seal the gaps.
"Cyber security is a team effort," Dr Thompson said.
"It requires government, it requires businesses, it requires academia and it requires individuals to be working together as a nation to be lifting up the cyber security of the nation.
"I think it starts with a recognition that there is a threat, that the threat is active and the threat wishes you harm."
Our journalists work hard to provide local, up-to-date news to the community. This is how you can continue to access our trusted content:
- Bookmark canberratimes.com.au
- Download our app
- Make sure you are signed up for our breaking and regular headlines newsletters
- Follow us on Twitter
- Follow us on Instagram