May 25, 2023
JAMES PATERSON: Good morning. I want to make some initial comments about the decision by the Australian Cyber Security Centre to publicly attribute, along with our Five Eyes partners, malign behaviour to the Chinese government in cyberspace. It's been disclosed this morning that Chinese actors have been acting to infiltrate US networks of critical infrastructure providers and lying dormant on those networks for a purpose that is unstated. This is a particularly malign behaviour to target civilian infrastructure like this, and it's not acceptable. It's a very welcome thing that the Australian Government has joined our Five Eyes partners in attributing publicly this malign behaviour because that helps shape and deter people from engaging in it. However, there are other steps and other tools available that we could take and should take. The Magnitsky sanctions regime allows us to sanction people who engage in offensive cyber activity against Australia, and we should do so. There's no doubt in my mind that if this is happening in US critical infrastructure networks, then it's happening on our networks too.
QUESTION: Yeah, I just had some questions about the Border Force ceasing the use of the Chinese drones. Are there any other particular technologies that you're aware of that is being used within the ADF or the Border Force that you are concerned about at the moment?
PATERSON: Unfortunately, I suspect that DJI drones, just like TikTok and just like Hikvision and Dahua cameras, are just the tip of the iceberg where high risk technology from authoritarian countries is being used in Australian government departments and agencies. That's not acceptable. It shouldn't be happening. So that's why I launched this new audit on DJI drones. And unfortunately, I suspect for the time being, I'm going to have to continue to do this to assess the risk to Australia. What we actually need is a much more proactive approach from the Government. They need to be on the front foot and anticipating these possible threats and assessing them themselves rather than waiting for an Opposition Senator to put questions on notice through the Senate.
QUESTION: Yeah, definitely. So, do you think that the government should be launching more of a holistic review of both our primary defensive operators in the country of specific technologies just from any foreign operator?
PATERSON: Absolutely. I think both the software and the hardware that's used in the Australian Government should be appropriately assessed for the cyber security and national security risks that it poses. It's clear to me that's not happening because it's only been after I've identified these publicly and called them out publicly that action has been taken to the to remove them. And that has to change. This government has to get on the front foot and be proactive about the risks.
QUESTION: Great. Thank you so much for your time.
PATERSON: Thank you.
ENDS
