Australia fails Optus’ cyberwar rehearsal

Australia fails Optus’ cyberwar rehearsal


Stores and cafés could not take digital payments; public transport systems stopped working; the two-factor authentication that secures things ranging from online transactions to work IT systems access were gone; GPs couldn’t dispense e-prescriptions; call centres and health advice lines were down; people roamed lost around city streets bereft of Google Maps and, worst of all, large numbers of Australians could not call 000 if they needed to.

The government has recognised the importance of protecting critical infrastructure from cyber disruptions, with Home Affairs Minister Clare O’Neil introducing new requirements to make private operators culpable if they are knocked offline.

But if Wednesday was a practice run for a cyberwar, then Australia flunked it. Optus must shoulder the blame for the outage, but we all have work to do to avoid similar madness when future tech snafus occur.

If a system goes down (as they do), then we need to be able to withstand it without these dramas.

In a cyberwar scenario we will also need much clearer public leadership than that shown by the key players on Wednesday.

Optus’ leaders, perhaps still bruised after the telco’s cyberattack a year ago, did not front up to answer media questions until after the drama was over. Instead, chief executive Kelly Bayer Rosmarin called in randomly to radio shows.

The government tried to show some leadership, but Communications Minister Michelle Rowland’s media briefing, broadcast on live television, merely let the populace know that it was as clueless as the rest of us about what was going on.

Private sector coordination with government has to be much better than this, and public communication must be clearer. Wednesday was a relatively benign disruption in comparison to a hostile state-based attacking, and we went into meltdown.

Optus was in a bad spot, no doubt. The company just doesn’t seem to be able to catch a break. When Telstra suffered a longer outage last year, it happened overnight when the chaos was minimised.

Telco analyst Paul Budde had a smart suggestion, which the telcos won’t like, but which makes sense: mobile roaming.

After much pressure, Telstra last week agreed to test the ability for people to use any available mobile network during natural disasters. If an Optus mobile tower is destroyed in a bushfire for example, their phone connects to Telstra’s network. Budde says this is feasible also in a situation like Wednesday’s Optus failure.

“[Telcos] view the size of their networks as a competitive advantage and question why they should allow others to use their network … But these networks aren’t just commercial operations; they are vital infrastructure for our society and economy,” Budde says.

“There should be a gateway facility connecting the networks, allowing them to take over traffic from one another … It’s technically feasible.”

Wednesday was a good day for those that urge people to go back to more analogue ways, or at least to carry cash, but our digital lifestyles are not changing. We just need a more coordinated disaster recovery plan.



Source link