Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Saturday, 22 April 2017 10:15

Why Dan Tehan should have nothing to do with cyber security Featured

By

Dan Tehan has just provided the country with adequate reasons as to why he should not be allowed anywhere near any post that has anything to do with online security. Least of all a federal ministerial position.

Tehan, the Minister assisting the Prime Minister on Cyber Security, wrote an op-ed for the West Australian on Friday; some of the statements he made would fight for primacy with one made by former communications minister Richard Alston. (Unfortunately, The West Australian's website is a pay-only site, but Tehan's gem is linked from here.)

Alston, who was described by some as the world's biggest Luddite, once said during his tenure that the only reason people wanted faster broadband was to download porn.

Tehan has made statements that are on par with this; for one, he is credited with saying that the government is contemplating laws to make telecommunications providers take responsibility for "scrubbing the Web of viruses and malware".

The West Australian's Nick Butterly referred to this as a "radical plan" in what he characterised as an exclusive story, oblivious to the fact that it could not be any other, as the article he wrote was based on Tehan's op-ed published by his employer.

Scrubbing the Web? What does that involve? Not blocking of websites, according to Tehan. No, that turned out to be a miserable failure when the Labor Party tried to play nanny some years ago. But then what? Scrubbing with soap and water?

Dan Tehan.

Dan Tehan: "The government is testing a capability to prevent government users visiting sites known to be malicious."

It is possible that Tehan has drawn inspiration from his boss, Prime Minister Malcolm Turnbull, who has sought to portray himself as someone who is in the groove when it comes to matters digital. Turnbull's method of projecting this image is by using the words "innovation" and "agile" frequently; I suspect that he has set a timer on his (expensive) smartphone to alert him when to next use either of these weasel words.

But back to Tehan; exactly what inspired him to write this op-ed is unknown. Perhaps it was the release this week by the Australian Cyber Security Centre of its cyber security survey for 2016, an eminently sensible document and nowhere near the level of ignorance displayed by Tehan.

One of the gems from Tehan was this: "Just as we trust banks to hold our money, just as we trust doctors with our health, in a digital age we need to be able to trust telecommunications companies to protect our information from threats."

So if telcos cannot block sites they deem dangerous, how do they do that, minister? When it comes to detail, Tehan predictably goes missing.

By extension, if you receive a spam phone call offering you glorious discounts on your international phone rates, then you should blame Telstra or Optus, depending on who supplies that line. But that line (pun intended) of reasoning can only be described as stupid.

More gems from Tehan: "Technology should improve our online experience, like stopping spam emails and providing SMS authentication for your banking services. We are calling on businesses to provide enhanced cyber security services to provide greater choice for users who wish to protect themselves online."

Apart from the dubious grammar in these pronouncements — and right through this op-ed — the minister seems to be blissfully unaware that most banks do provide SMS authentication. Of course, how one prevents spam coming in from a popular provider like Gmail was not dealt with at any length by Tehan. Those details are left to nitpickers.

Tehan further said that the government would work with business "to enhance the identification and patching of vulnerabilities that online criminals are exploiting. We will also enhance our scanning of government networks to identify vulnerabilities before the criminals do".

Good luck with that, Dan. Security experts in Russia, China, Israel and the US haven't been able to do so, but I'm sure you have some mysterious plan that will succeed.

The minister also said that the government "is testing a capability to prevent government users visiting sites known to be malicious. We will look at how we can share this information to provide greater protection to the private sector and broader community. We will improve the monitoring of data as it moves across government networks to support active cyber defence."

It's puzzling to divine exactly what Tehan means by this "capability", unless he is talking of surveillance as per the NSA model. But one doubts he will go down that path; the government of which he is part is already trailing badly in opinion polls and any talk of more surveillance (we already have data retention laws in place) would only make the figures worse.

But having knocked Tehan for his ridiculous op-ed, what does one really do to reduce the chances of online attacks?

Number one, minister, insist that Microsoft make it compulsory for users of its Windows operating systems — which the government uses to the exclusion of all other systems — to operate only with user privileges when doing their daily work.

And no, that advice does not emanate from me. It comes from the security firm Avecto, who came to this conclusion after analysing the entire list of Microsoft's security announcements for 2016.

One more thing that Tehan could do is to mandate that government employees digitally sign their emails, and also make this compulsory for businesses; the number of email-borne infections would drop by a fair amount if that was done.

But going after telcos and all the other waffle mentioned by Tehan is a waste of time. It is an attempt to be seen to be doing something when you have no clue as to what that "something" is.

There is a golden rule about what one should do when one is in electoral trouble: "When you're up to your neck in shit, keep your mouth shut." Obviously, nobody told Dan about this.

Pictures: courtesy Dan Tehan's website.

DIGITAL MARKETING HAS NO SOCIAL DISTANCING OR TRAVEL RESTRICTIONS

As part of our Lead Machine Methodology we will help you get more leads, more customers and more business. Let us help you develop your digital marketing campaign

Digital Marketing is ideal in these tough times and it can replace face to face marketing with person to person marketing via the phone conference calls and webinars

Significant opportunity pipelines can be developed and continually topped up with the help of Digital Marketing so that deals can be made and deals can be closed

- Newsletter adverts in dynamic GIF slideshow formats

- News site adverts from small to large sizes also as dynamic GIF slideshow formats

- Guest Editorial - get your message out there and put your CEO in the spotlight

- Promotional News and Content - displayed on the homepage and all pages

- Leverage our proven event promotion methodology - The Lead Machine gets you leads

Contact Andrew our digital campaign designer on 0412 390 000 or via email andrew.matler@itwire.com

CONTACT US!

LAYER 1 ENCRIPTION A KEY TO CYBER-SECURITY SOLUTION

Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.

DOWNLOAD!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments