Cyber sanctions, crisis response, critical tech, AI & tech geopolitics with Brendan Dowling

Spil

In this episode of Technology and Security, Dr Miah Hammond-Errey speaks with Brendan Dowling, Ambassador for Cyber Affairs and Critical Technology. They discuss the Australian government's cybersecurity outlook for 2024, focusing on the anticipated pace and scale of responses from advisories to law enforcement actions and sanctions. Additionally, it covers the use of cyber autonomous sanctions, examining the case of Ermakov, as well as potential future uses and the process involved, particularly the criteria for significant cyber incidents. The interview touched on the establishment of a permanent cyber crisis response team in the Pacific, highlighting its readiness and composition as a crucial step in bolstering regional cybersecurity capabilities. This conversation explored efforts to enhance access to secure technology in the Asia-Pacific region, spanning from IoT to cloud migration, and addressed growing concerns regarding information influence and election disinformation, including TikTok's impact and recent regional acquisition. The discussion explored the necessity of forging diverse alliances to bolster technology security, access, and policy, showcasing collaborative initiatives with partners such as the UK, Singapore, Indonesia, Vietnam, Japan, and ASEAN. Further, it covered interdependencies, including its reliance on foreign-developed software and hardware, and the imperative of leveraging international cooperation to shape the global market and protect critical infrastructure given heavily digital reliance and wide spread data aggregation.Fittingly, this episode was delayed a few weeks due to a cyber incident.  Resources mentioned in the recording: ·               Miah Hammond-Errey (2024) Big Data, Emerging Technologies and Intelligence: National Security Disrupted (20% discount code for book AFL04)·               Miah Hammond-Errey, 18 December 2023, Did you Tech 2023? A wrap of the year’s tech news, with an Australian flavour, The Mandarin  ·               George Packer, Our Man 2019, Random House·               Gerald Murnane, Border Districts, 2017, Giromando This podcast was recorded on the lands of the Gadigal people, and we pay our respects to their Elders past, present and emerging. We acknowledge their continuing connection to land, sea and community, and extend that respect to all Aboriginal and Torres Strait Islander people. Thanks to the talents of those involved. Music by Dr Paul Mac and production by Elliott Brennan.  Transcript: please check against delivery Dr Miah Hammond-Errey: [00:00:03] Welcome to Technology and Security. TS is a podcast exploring the intersections of emerging technologies and national security. I'm your host, Dr Miah Hammond-Errey. My guest today is Brendan Dowling. Brendan is the ambassador for cyber affairs and critical technology. He played a key role in developing Australia's recent cyber security strategy, and leads Australia's international engagement on cyber and critical technology. Brendan previously worked at the Department of Home Affairs, including as first assistant secretary of the Cyber and Critical Technology Coordination Centre, and worked in Australia's embassy in the United States and Jordan. We're thrilled to have you on the podcast, Brendan. Brendan Dowling: [00:00:40] Thanks so much for having me, Miah. Dr Miah Hammond-Errey: [00:00:42] We're coming to you today from the lands of the Gadigal people. We pay our respects to their elders, past, present and emerging. We acknowledge their continuing connection to land, sea and community and extend that respect to all Aboriginal and Torres Strait Islander people. Dr Miah Hammond-Errey: [00:00:56] 2024 has already seen significant law enforcement action and government response to cybercrime, from the first use of autonomous cyber sanctions to joint announcements regarding living off the land, attacks on critical infrastructure to the takedown of Lockbit. Brendan, what else can we expect this year? Brendan Dowling: [00:01:11] Well, hopefully more of the same, I think from our perspective in Australia, but from countries globally, we've had a gutful of how much impunity there is in the cybercrime world. It's extraordinary how lucrative that industry has become in just a few years. And I think for most cybercriminal operators, they've been operating with a sense of confidence, anonymity, impunity and without seeing costs imposed. So the sanctions are important. I think exposing Ermakov and what he did with the Medibank incident is hugely important and impactful. But the takedown of Lockbit, I mean more disruption. I think that's hugely effective to breaking what otherwise I think will just continue to grow because it's easy money. We need to find ways to actually say we're going to make your lives harder. Dr Miah Hammond-Errey: [00:02:02] Absolutely. As someone that's worked in this space for a long time, it's really exciting to see these big announcements we had planned to record a few weeks ago, but on the day you were involved in a multi nation announcement about a cyber-attack, can you tell me what happened? Brendan Dowling: [00:02:15] So we, with our partners in the Five Eyes, issued an advisory around a group called Vault Typhoon, who is a Chinese backed group operating out of China targeting critical infrastructure. So the importance of that advisory was saying this group is utilising the living off the land technique, which essentially means that you can get onto someone's network and behave like you belong and are much harder to detect. And we're seeing that type of activity on US critical infrastructure. We think there's a risk that it's targeting a bunch of other nations, including Australia. And the key thing with an advisory like that is saying, here's what's going on, here's the information you need. If you're a critical infrastructure operator to hunt, detect, mitigate, putting it out there, naming the source and saying this is a problem because the targeting of critical infrastructure means it's not necessarily for information gathering or espionage purposes. The potential is there for disruption. And that's kind of the nightmare scenario in the cyber world, that a malicious actor can actually disrupt our essential services and stop our economies, societies, communities from functioning. Dr Miah Hammond-Errey: [00:03:25] In late January, the government announced the first ever use of autonomous cyber sanctions, that is, sanctions imposed on an individual because of their activities in cyberspace. Russian citizen Alexander Ermakov was sanctioned for his role in the breach of the Medibank Private network. As you mentioned earlier, we've recently heard that Ermakov has been detained. Do you have any more information for us? Brendan Dowling: [00:03:45] We've consistently called on the Russian government to better enforce laws aga...