Critical
Infrastructure Protection
Senate: MATTERS OF PUBLIC INTEREST
Senator LUNDY (Australian Capital Territory)
(1.52 p.m.)—Wednesday 2 December 1998
I rise today to alert the Senate to issues of vital national interest that this
government has been exceptionally tardy in addressing.
Right now, we have a unique window of opportunity to shape our future and to make the
technologies of the future work for us, rather than becoming enslaved to them. As citizens
and law-makers, we cannot allow this historic chance to slip from our grasp. And yet that
is what Senator Alston and Prime Minister Howard would have us do, because they lack the
imagination and the vision to grasp the great opportunities and challenges that the
information age presents to our country.
There is a vitally important role for government to play across the spectrum of the
truly fascinating cultural, economic and industrial issues that the information society
presents to Australia. I will limit my comments today to just three, albeit interrelated,
issues that, if left unaddressed, will seriously weaken the ability of Australians to
communicate, to engage in commerce and to defend against threats to our national security.
Those three issues concern the protection of Australia's critical infrastructures, the
amelioration of the Y2K problem, and the lock, stock and barrel outsourcing of government
information technology. Research
conducted just recently has shown in much more specific detail than anything the
government has produced exactly how vulnerable Australia's critical infrastructures are to
both the Y2K problem and more malicious threats.
Critical infrastructures are systems whose incapacity or destruction would have a
debilitating impact on the defence or economic security of the nation. They include
telecommunications, electrical power systems, gas and oil, banking and finance,
transportation, water supply systems, government services and emergency services.
Each of these infrastructures is operated, monitored and controlled by networked
computers. Consequently, our critical infrastructures are vulnerable to a Y2K or
millennium bug crash, valuable data can be manipulated or stolen and these vitally
important systems can be disabled or just destroyed by hackers for money, in the aid of
terrorism or just for kicks.
Vulnerabilities exist for two key reasons. First, critical choke points exist in each
infrastructure and at the interconnection between infrastructures. Second, the various
infrastructure systems and their computer networks are interdependent upon one another. If
just one computer in a network has not been Y2K protected, it could be a weak link that
drives the entire system to collapse. Because of the interdependence between systems,
there is a serious possibility that crashes could cascade from system to system.
Mr Acting Deputy President, we have already witnessed critical failures in our
electricity, oil and gas, and water infrastructures that demonstrate just how vulnerable
these systems are. It is now estimated that the explosion in the Esso refinery killing two
people and cutting gas supplies to the state of Victoria will cost Australia up to one per
cent of GDP. Sydney's water crisis and the failure of the electricity network in
Queensland also point to serious weaknesses in Australia's critical infrastructures.
What these incidents prove is that Australia's critical infrastructures are more
vulnerable than previous assessments have admitted. This is a significant problem in terms
of accidents and natural disasters, but should serve as a pointer to the government's
current attitude and approach in terms of protecting Australia from the Y2K or millennium
problem or even worse scenarios, such as terrorism.
With respect to Australia's financial networks, they are similarly exposed to problems
associated with networked computers. The Reserve Bank is the cornerstone of our financial
system and yet it too has potential problems with over-centralisation and key choke points
between it and the external systems upon which it depends both here and abroad.
Other examples are satellites. Some corporate literature that I read recently stated:
Satellites are a surprisingly common part of the day-to-day lives of Australians and
Australian businesses.
In the same publication, the company states that satellites carry a whole range of
information, including telephone systems, management of data for banks, remote oil and gas
pipeline monitoring, ground-to-air communications, mobile satellite communications, secure
defence signals, the Internet, and radio and TV services. And yet the control of
Australia's domestic satellites is centralised at one location with well-known
vulnerabilities.
The Howard government has known about these problems for years now and has done nothing
about them. Interdepartmental and consultative committees abound on both the Y2K issue and
on the hacker threat to our vital national infrastructures, but no substantive action has
been taken.
The joint communique between the US and Australia, announced yesterday by the Prime
Minister, adds nothing, absolutely zero, to developing serious and relevant strategies for
protecting our infrastructures from catastrophic failures as a consequence of either the
Y2K problem or malicious attack. Yet it is with some irony that we note that the US has in
fact taken action in this regard, [through PDD 63,64] implementing legislation to identify
critical infrastructures and the need for redundancy and contingency plans to be in place,
mandated by the US Congress.
Australia, therefore, stands relatively weak and exposed before the very technologies
that should enable this small but imaginative society to be strong and resilient. In
short, this is a national disgrace and a failure of leadership of the first order. Just as
Australians in the 1980s asked themselves why the Menzies government failed to transition
the economy to a serious manufacturing base in the 1960s, so will the Australians of 2020
look back to the Howard government's paralysed inaction concerning the information age as
yet another lost opportunity of historic proportions and consequences.
The third issue I would like to draw to the attention of the Senate is the government's
recent activity in selling off the family's IT silver. In the 1997 federal budget, the
government announced plans to outsource information technology infrastructure and services
in up to 66 government agencies. This initiative was taken to save $200 million. The
finance minister claimed in parliament that this `is one of the more significant
outsourcing initiatives ever undertaken on a national government basis'.
The selling of assets of this type will undoubtedly generate a one-off burst of
savings, but there is no doubt that losing control of the information technology
infrastructure and the data managed within those systems will seriously undermine the
ability of this or any forthcoming government to be effective agents of change both in
policy terms and in guiding the outcomes of how we lever information technology and the
information society for the future of this country.
Current Australian experience suggests that the benefits of outsourcing are
questionable. As it was reported in the Australian Financial Review, the outsourcing of 72
IT agencies by the South Australian government has led to considerable criticism. A recent
South Australian government review of the progress of the decision has found that costs
have fallen so far by only one per cent.
These issues and more highlight very clearly the lack of action of the Prime Minister and
his government with respect to the information age and where our future lies.
The PRESIDENT—Order! It being 2.00 p.m., the debate is concluded.
