Director-General Speech: Address to the Security in Government Conference 2011 – Australia’s Security Outlook

I welcome the opportunity to speak at this year’s Security in Government Conference – especially on the topic of "Australia’s security outlook". As the Director-General of Security, I should obviously like to share with you, as much as I am able, the assessments and viewpoints of my own organisation.

I am sometimes asked to speak to conferences and other events on "Australia’s domestic security environment". The problem with that topic is that it assumes there is a domestic environment somehow independent of developments and influences overseas.

Australia’s security environment is inextricably linked to, and influenced by, the overseas environment. And within that environment, it is the unstoppable force of globalisation which has shaped not only the modern day security environment, but also many aspects of our social, professional, and business lives.

We now live in a world where the global has greater influence than ever before on the domestic; where change is more rapid, more things happen on a grander scale in real time, where the benefits of stupendous technological advances in transport, communications, the production of food and material goods and in warfare are available on a global basis to more people, from more walks of life, and in more geographic locations, than ever before.

We are all still grappling with the implications for our daily lives of the global information technology revolution – economic, political, legal, social, and personal. What does all this mean for governments?

• Non-state actors are assuming greater importance in national security considerations; be they Islamic terrorists, cyber hackers, transnational criminals, or people-smugglers. These actors are adept at leveraging new technology, employing innovative ways of organising themselves and messaging old grievances to inspire new recruits. One need only look at the shifting focus and priorities of my own organisation since its establishment in 1949 to see how the rise of the non-state actor has forced intelligence agencies to respond accordingly.
• The rampant use of the internet, the democratisation of communication, has resulted in new and effective means for individuals to propagate and absorb unfettered ideas and information and to be radicalised – literally, in their lounge rooms.
• Information and communications technology is now often progressing faster than the accompanying legal and regulatory framework that governs its use in any one country, meaning the gap is widening between current ICT capability, and the controls and frameworks governments rely on effectively to use that capability for law enforcement or security purposes.
• Nation states, as well as disaffected individuals and groups, are able to use computer networks to view or exfiltrate sensitive, private, or classified information for the purposes of espionage, political or diplomatic gain, or commercial advantage.
• Our increasing reliance on communications technology to conduct the business of government, of daily commerce and of living our daily lives opens up vulnerabilities to malicious attack for criminal or other purposes.
• Globalisation has made possible, and complicated, a new rash of policy issues that governments did not have to consider in as serious a manner until relatively recently. Here I’m talking about the potential spread of weapons of mass destruction, the uncontrolled movement of people from unstable, poor countries to stable, democratic, prosperous ones, governed by the rule of law and respect for human rights; climate change, which has threatened our traditional assumptions about life and development; the threat of pandemics (as evidenced in recent times by the avian and swine flus); the international drug trade; and, of course, terrorism.

Recently, the ‘Arab Spring’ uprisings throughout the Middle East and North Africa demonstrate how quickly the political, strategic, and security environments can change, often without much notice. One of the hot discussion topics to emerge from events in this region was the role social media and networking tools – another sign of our how interconnected our world has become – played in encouraging grassroots civic protest, which, looking back, helped bring about regime change (in Egypt and Tunisia, particularly).

The Arab Spring is itself, however, a caution against predictions about the future. Not only were Governments worldwide taken by surprise at the speed of events; but it seems clear that the participants, whether pro or anti-regime, did not see their own revolutions coming.

Terrorism

With respect to terrorism, Usama Bin Laden’s death has obviously attracted a great deal of interest and speculation about the implications for the security environment — both internationally and in Australia.

Bin Laden’s death is undeniably an important milestone in international counter-terrorism efforts. However, as important as Usama bin Laden’s death is symbolically, we have seen so far absolutely no indication that it has changed fundamentally the dynamics of anti-Western transnational terrorism. Nor does it mean the threat is diminished in any way: al-Qa’ida and its affiliates have shown a capacity over the past decade to surmount setbacks and overcome the loss of leaders.

Ideology remains, in the absence of leaders like Usama bin Laden, and it is virulent. Of particular concern to us in Australia is the current targeting of this message to young, English-speaking Muslims. Specifically, through both al-Qa’ida in the Arabian Peninsula’s Inspire magazine and the readily available English language lectures by radical Yemen-based US sheikh Anwar al-Aulaqi.

• Inspire magazine is intended to resonate with a youthful, audience: the i-jihad generation. It sends them a simple message: "Jihad: just do it!" Australia has been referred to in the magazine several times, and most recently referenced again through the image of the Sydney Opera House in the open source jihad section of the magazine.
• Al-Aulaqi’s lectures, since at least 2004, have referred to Australia as an enemy of Islam. These lectures are readily available and circulate in Australia.

The sum of this propaganda effort is to portray Australia as a legitimate target that may be attacked at any time without any further justification or authorisation required.

Let me make it very clear. Australia is a terrorist target and, despite popular misconceptions, terrorist attacks on Australian soil have occurred. Four mass casualty attacks have been disrupted in Australia in the last eight years.

Of the various ways and means a terrorist attack could be planned and orchestrated in Australia – from overseas terrorists who infiltrate the country, to local extremists with little or no external support, and everything in between – I believe the most worrying threat comes from the home-grown, local extremist, who may either have been radicalised and trained offshore, but who returns to Australia to commit acts of violence, or who radicalises, prepares, and commits acts of violence in Australia without ever leaving our shores.

ASIO is continuing to conduct literally hundreds of investigations of possible terrorist intentions or activities in Australia.

A good illustration of the difficulties of referring to a ‘domestic’ security environment is Australia’s connection to South East Asia, most notably, Indonesia. Extremism in Indonesia and Australia has at times operated in parallel and had a direct impact on the security and safety of Australians and Australia’s interests.

Jemaah Islamiya was, of course, responsible for the horrific Bali bombing in 2002, claiming 202 lives, 88 of which were Australian. Immediately after the Bali bombing, Australian authorities disrupted a cell a regional cell of Jemaah Islamiya (Mantiqi IV) here in Australia. This disruption was the end result of unprecedented cooperation between Indonesian and Australian authorities; co-operation which continues today, to address threats from JI, JI affiliated, and other extremist groups, especially in the wake of the July 2009 Marriott and Ritz Carlton hotel bombings.

The Indonesian government has had some notable successes against terrorism in recent years, but recent attacks and ongoing disruptions of terrorist activity in Indonesia highlight the resilience and adaptability of these extremist networks. The threat from these networks remains today. Australians have a real stake in the success of Indonesian authorities in curbing terrorism on our doorstep.

And we congratulate and thank the Indonesians for their outstanding efforts.

The threat of extremist violence does not only come from violent jihadists, however, as demonstrated by the tragic events in Norway over the weekend. It also comes from disaffected individuals who take it upon themselves to act. In Norway’s case, it appears an individual, apparently acting as a genuine lone wolf, perhaps with as yet undefined links to radical or extremist groups, came to believe Europe was threatened by its policies of multiculturalism, toleration and the spread of Islam. His solution was to commit a violent action to draw attention to his views.

Unfortunately, there are individuals who share the same distorted world view as the attacker in Norway. To date, they have not gone to such extreme lengths here in Australia. However, what happened in Norway should remind our community that threats to our security may come not from one or two sources, but many. We face not only “organised” terrorists, those who work as part of a larger group, such as al-Qa’ida, but the stand-alones, individuals who believe in an ideology shared by others but are not part of a group. Then there are the lone wolves; individuals who have devised their own view of the world and are not associated with any group at all.

At the same time we must recognise that intelligence agencies cannot cover absolutely all latent threats, and are required to make careful judgments and choices on priorities, risk management, and resources.

Addressing the threat of terrorism requires far very substantial cooperation, information and capability sharing between State and Federal authorities and within the Australian Intelligence Community. It has also required agencies to work more closely with international partners – transnational issues obviously require transnational responses. Both of these requirements are increasingly being met.

Countering extremism in our communities requires a cooperative combination of law enforcement and security intelligence, including intelligence from overseas. But that is only one part of the response. In addition, we need to build resilience within communities against radicalising influences.

A diversity of views and attitudes, sometimes strongly put, is a hallmark of a strong liberal democratic society such as ours. But using or advocating violence to promote those views threatens a foundational principle of our society – the peaceful resolution of competing interests through politics and compromise.

The Government is working with, and across, jurisdictions and communities to seek to build that resilience. ASIO assists that work through the provision of advice and assessments. This includes providing communities with a confidential channel for dialogue with Government, and an avenue to continue to build understanding that our greatest concerns are not with this or that ideology or religion – our greatest concern is about the use of violence in furthering those ideas. We are not opposed to Islam; we are opposed to terrorism.

Espionage

While a less visible threat than terrorism, espionage and foreign interference are also very real threats. I will not talk in great detail about this. However what I will say is that Australia remains a target for espionage and interference for all the obvious reasons.

I will touch very briefly on cyber. Cyber espionage has emerged as a serious and widespread concern. Enormous volumes of data are being taken from vulnerable, internet-linked computer networks from governments, from private enterprise and from individual Australians. Individual records or files may not be classified or particularly sensitive but, in aggregate, they give state-actors a range of intelligence insights not readily available from other forms of espionage.

While intrusions into computer networks and exploitation of data are not new, cyber-espionage by state-actors is the new growth industry. Attempts by both state-sponsored and non-state actors to steal sensitive government data are growing in number and sophistication.

The threat also extends to information vital to the effective day-to-day operation of critical national industries and infrastructure, including intellectual property and commercial intelligence.

Government Agencies can help. CERT, within the Attorney-General’s portfolio, is responsible for working with the private sector in identifying computer systems which are important to the national interest and providing it with infrastructure and advice for better self-protection. CERT also works closely with ASIO and the Defence Signals Division to this end.

Despite the rise of cyber espionage, ASIO has not seen a reduction in the intensity of other, more traditional forms of espionage – human spies are still being recruited and run and foreign intelligence agencies are still interfering covertly in the Australian community. Indeed, effective coordination between traditional human-based espionage and computer network operations represents a potent threat to our most sensitive data and networks that are not connected to the Internet.

The problem is not restricted to government. Recent developments are forcing the need for data managers across the whole gamut of industry and government to rethink how they manage and protection the information with which they have been entrusted.

A key vulnerability for both government and business is the poor choice of personnel. Government and business have to have reliable staff to manage and protect both commercial interests. There can be no shortcuts.

The importance of outreach

I have mentioned throughout my speech the importance of government agencies, both State and Commonwealth, working together to address issues of common concern. These issues are invariably bigger than any one agency’s capacity to respond; very few agencies have the people, the budget, the coverage, or the capability to tackle them on their own.

But I should also like to make another point – and it’s in deference to those of you in the audience who don’t work for government, but with government. Agencies have to be able to engage and reach-out to the private sector, particularly the owners and operators of critical infrastructure, as it is often private sector interests most vulnerable to exploitation by terrorist groups, or state-sponsored espionage. My own organisation helps undertake this outreach through its Business Liaison Unit, which provides reporting and advice to the private sector on national security threats so that sector can take necessary and adequate measures to respond to those threats. The BLU provides a point of contact and access between industry and government, and, along with classified CIP briefings, a means by which we can provide output directly back to industry.

If the effects of globalisation are the most visible aspects of today’s security and operating environment, let outreach and engagement be the most visible aspect of the response.

Australia’s security environment: the future

What is our outlook for the future?

While the future is difficult to predict, some reasonable assumptions and projections can be made. The security challenges for Australia represented by espionage, terrorism, and foreign interference will not diminish in the near term.

The drivers and influences on foreign powers to engage in espionage and foreign interference are enduring. Foreign powers will continue to engage in these activities to seek to achieve their policy goals and extend their national influence and capabilities to Australia’s detriment.

The terrorism challenge is driven by a narrative and radicalisation processes which are persistent and attractive to some. It only requires relatively few individuals to carry out a mass casualty attack which would cause serious loss of life, economic harm, and damage to our social cohesion.

Intelligence and experience enable us to make general forecasts of what future terrorist plots will feature:

• The most likely form of attacks in the next three to five years are low cost, locally financed, involve minimal training with a short planning cycle, and use weapons fabricated or sourced from readily available materials that are unlikely to arouse suspicion.
• Jihadist terrorists frequently focus on attacks which result in mass casualties. Targets with symbolic or economic significance also feature. Places of mass gathering, special events, central business districts and iconic establishments, government institutions and foreign missions, key transport elements, key financial institutions, energy and water supply nodes are among possible targets.
• Potential weapons include improvised explosive devices, firearms and incendiaries. Tactics may include the use of small person-borne explosive devices, vehicle-borne explosives, armed assault, or a combination of tactics (including multiple coordinated attacks).

Terrorists will continue to be able to recover from setbacks and to change their behaviours. They have shown themselves to be innovative and able to devise new tactics and weapons, and will continue to probe for vulnerabilities to defeat security measures. This learning process is aided by the amount of publicly available information, including relating to security measures and law enforcement and intelligence capabilities.

A trend we have seen is extremists emerging with little or no warning. This will not diminish, including due to the rise of English language jihadist propaganda and deliberate jihadist efforts to foster individual action.

The protection of both national security information in the public sector and commercially sensitive information in the private sector will continue to be a principle challenge in this digital age. The two realms are increasingly intertwined with privately owned infrastructure – a critical part of government business. This means continued and effective cooperation between the public and private sectors will be essential.

We will need to anticipate, as much as we are able, future threats, and factor within our forward planning how we are to respond to these, while still maintaining our ability to counter present threats. I’m often reminded that, as recently as ten or so years ago, not many people foresaw Yemen as an emerging area of concern, or indeed predicted that cyber-espionage would be as insidious a threat as it is today.

At the same time, it is simply not possible for an intelligence agency to be able to cover all latent threats as comprehensively as some might wish. We must rigorously prioritise our investigative efforts according to a constant process of risk management and resource availability.

In closing, we know that the measure of an agency’s success will still be how well it can find constructive and resourceful ways to meet current challenges, and take pre-emptive action to address future challenges.

Thank you again for the opportunity to address the Security in Government conference. I’m happy now to take a few questions.