A member of a US Secret Service task force on cyber crime will tell government agencies they are increasingly vulnerable to serious data breaches, presenting major implications for Australia’s national security.
With hacked information now being bought and sold on the dark web in a trade worth trillions of dollars, “data is the new oil”, according to Chris Pogue.
Mr Pogue, a member of the US Secret Service Electronic Crimes Task Force, and senior vice-president of cyber-threat analysis with Australian tech company Nuix, will next week have high-level briefings with Australian government representatives and security agencies.
“All systems are vulnerable,” Mr Pogue told AAP in Sydney on Friday.
Earlier this year, a German Patriot anti-aircraft missile battery based on the Syrian-Turkish border was reportedly hacked, with the attack only detected after the launcher executed unexplained commands.
Australia has also reportedly been targeted: in 2013 it was alleged attempts were made to obtain blueprints of a new ASIO building, and earlier this month it was reported Chinese and Russian spies attempted to hack top secret details of Australia’s future submarines.
Mr Pogue warns there will be more attempted data breaches.
“This is the biggest threat to a government organisation.”
The risks to critical infrastructure include the potential for power grids and banking systems to be shut down, “completely disrupting the normal operations of a country without firing a round”.
The former US Army officer said organised cyber criminals were increasingly working together, dealing in critical data on the dark web, and that government and private organisations must collaborate to meet the threat.
“The theft of critical data is fast becoming the most lucrative business worldwide for organised crime groups who can make many millions of dollars in a very short time on the dark web,” Mr Pogue said.
Malware, for example, can sell on the dark web for between $25,000 and $100,000. Some providers even offer help desk services.
Mr Pogue said stronger partnerships are also needed between law enforcement and government agencies around the world to support successful investigations and enable greater preventative action against cyber criminals.
“The more we integrate technology into everything – not just weapons systems but security clearance information … or CIA-type covert operations or black ops – all of that is accessible by somebody.
“And if it’s successful legitimately, then it’s accessible by attackers.”