cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Hansford warns of changing Australian cyber threat landscape

Despite the Australian Cyber Security Strategy being released just five months ago, the nation’s threat landscape has faced dramatic changes, according to one of the nation’s cyber security figureheads.

user icon Daniel Croft
Thu, 21 Mar 2024
Hansford warns of changing Australian cyber threat landscape
expand image

Hamish Hansford, Deputy Secretary of the Cyber and Infrastructure Security Group and former cyber security coordinator, appeared at the Gartner Security & Risk Management Summit this week, discussing the 2023–30 Cyber Security Strategy and the plan to make Australia the most cyber-secure nation in the world by 2030.

Hansford acknowledged that the strategy was an ambitious plan with ambitious goals, but discussed the ways in which it was going to be achieved.

One key focus for the first leg or “horizon” of the strategy is the focus on critical infrastructure providers, as attackers increasingly target them and their infrastructure.


“Our view is that increasingly we might see attacks that get into ICT (information and communications technology) infrastructure and then latch or move into OT (operational technology),” he said, as seen by Government News.

“We need to think about protection of the OT because I think that’s the more critical when it comes to catastrophic cyber incidents.”

Hansford named the Volt Typhoon threat group as an example of hackers attacking critical infrastructure, with the group reportedly having spent at least five years secretly with access to US critical infrastructure, according to recent reports.

The Australian Signals Directorate said on 8 February that it believes the group, which is believed to be a Chinese state-sponsored actor, is positioning itself on these networks for timely attacks at times of military conflict, boiled over political tensions or major crisis to maximise damage.

Additionally, Australia and Five Eyes allies have released a new advisory outlining the threat the group presents.

Despite the increased threat, Hansford said that progress on the strategy and protecting critical infrastructure operators and services is ongoing, emphasising that the relationship between critical infrastructure operators and government is a key focus at this stage.

“Claire O’Neil is going to write very shortly to all of the accountable authorities to outline how we’re going to improve our cyber security posture,” he said.

“The focus this year and next year will be on the relationship between government and critical infrastructure, that’s the challenge we’re focused on.

“We’ll be identifying the most important systems the government relies on at a Commonwealth level … and bringing them together as a group to think about incident response and recovery plans.

“It’s important to treat them as separate entities but supply chains between government and infrastructure suppliers are inextricably intertwined, so that’s going to be a defining feature of the next couple of years.”

Hansford added that the protection of the healthcare sector, particularly after major attacks on organisations like Medibank and UnitedHealth in the US, is another focus, and that the government is also working on how to protect the sector.

“The health sector has disaggregated, flat IT structures and we need to starting thinking about how we share information between hospitals, for example,” added Hansford.

“In coming months you’ll see a particular program focused on health care.”

The role Australia plays in the international cyber security space is also a key focus, particularly as the nation wishes to be the leader in cyber security by 2030.

“We have a responsibility as middle power to think of how do we influence global standards and rules that govern cyber space.”

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.