PATRICIA KARVELAS: Your online data is precious, but it’s also, as we’ve been learning, extremely valuable, and the Government’s been forced to act following the massive data breaches this year for millions of Optus and Medibank customers. Clare O’Neil is the Minister for Home Affairs and Cyber Security and joined me a short time ago.

CLARE O’NEIL: Good morning, PK. Great to be with you.

PATRICIA KARVELAS: You’ve described the threat to Australians’ online security as the most dangerous set of circumstances since World War II, why?

CLARE O’NEIL: Well, PK, something very radical has changed about our national security environment in Australia. So, we are facing into very difficult global circumstances in a national security context. We’ve got a very fast warming climate, which is changing things dramatically for our region. We’ve got a reshaping world order where China is becoming much more powerful and exerting its will over countries around them, and we’ve got a lot of the sort of global world order is literally reshaping before our very eyes. Now, in previous decades those types of changes wouldn’t have affected Australians much at home, but because of technology, this is bringing these problems right into the households of Australians and we’re seeing that with cyber-attacks, we’re seeing it with attempts to influence our political system, to influence what happens at universities, you know, issues around harassment in diaspora communities. All of those global issues are having domestic impacts and what I’ve been arguing in the last few days is that the work of my department needs to change to address those impacts and we’re working together on that at the moment.

PATRICIA KARVELAS: And those words you used were really incredibly strong, and you say the country’s “waking up from a cyber slumber”. What is Australia’s biggest vulnerability in that space then?

CLARE O’NEIL: Look, I think the big vulnerability for us is that we’re not as prepared as we should be, and I have arrived in this job as the first Cabinet Minister with responsibility for cyber security. You know, three years ago, one of Scott Morrison’s first decisions as Prime Minister was to get rid of the Ministry of Cyber Security, which was just a shocking national security decision. So, I’ve arrived in my role and, as your listeners are well aware, within a few months we’ve experienced our two worst cyber-attacks in Australian history, and we weren’t doing the things over the past decade that we needed to do to help us prepare for those.

Now, I actually think we have the pieces of the puzzle here to become the most cyber-secure country in the world – I truly believe that – but we’ve got to have a reset of cyber in Australia and we’ve got to get a pathway to getting to that place, and that’s why, yesterday, I announced that we’re going to create a new cyber strategy for Australia, bringing in literally the smartest people around the world and in Australia to get their minds on this problem and work with me to help guide us through what is a very big national security challenge for the nation.

PATRICIA KARVELAS: Do we already have the people or do we have it bring people in?

CLARE O’NEIL: Look, it’s a bit of both and I think every country in the world – like the experience that Australia’s had with cyber security is not unusual, and actually when you look around the world, I would say that in 2021 is when the penny dropped in America. For us, it’s been 2022. We’ve got amazing global expertise here, but we just need more of it and part of the strategy is going to be thinking about how are we going to build the sovereign capability we need in cyber security because this is one of those areas where we can’t rely on the rest of the world. We’re going to have to be able to stand on our own two feet because, as I’ve described, we’re going into this very difficult set of decades where there’s a lot of competition around the globe and there are certain things Australia’s going to have to do for itself and cyber is one of those.

PATRICIA KARVELAS: So, you say you want to make Australia the most cyber secure country by 2030. It’s a big ambition and you say you think we can do it, but what is the threshold or your KPI for that? Does it mean no hacks or a radical reduction of hacks? Is that going to be part of what you embed into the strategy?

CLARE O’NEIL: Yeah, so, I think having fewer hacks is very much a KPI. That’s really important and it’s something that we need to strive for. Australians do need to reset their expectations. We are never going to reduce cyber risk to zero and any cyber security expert who is listening will be nodding their heads right now because this is one of the core things we’ve got to understand. The internet is porous. We cannot protect everyone from every single thing, but what we need to do is make sure that we design a system that keeps attacks out as much as we can, and there’s a lot of work to be done on that. But something else that we really need to get good at, PK, is getting back off the mat when we have taken a hit from a cyber point of view. And I have to tell you when Optus happened, we did not have a cyber incidence response function in the Australian Government that was fit for the size and the importance of this task, so we’ve done a lot of work to help how government responds to these issues. We’ve got to just get a lot better with working with the private sector in partnership to quickly fix the effects of cyber-attacks when they happen, because Optus and Medibank, they won’t be our last.

PATRICIA KARVELAS: I spoke to Alastair MacGibbon earlier, former e‑security (sic) commissioner, as you know. He told me people need to stop handing so much personal information and, more importantly, businesses need to stop asking for it. He gave an example, his own anecdote about when you go to a hotel and they want to photocopy your licence. Like, these extra – you know, this breach into your data all the time. Can the Government act on this?

CLARE O’NEIL: Yeah, I do think there are some things that we can look at in relation to that, and then, PK, as a consumer, hear, hear, I could not agree more. I went out for dinner last night and they asked me for my phone number to deliver my order to me, and I was like, “What the hell? Like, you just do not need this information.” So, I think we need to look at where data requests are being made and on what basis. The other important question that has not been addressed here is what are the obligations on companies who hold sensitive data about Australians, and this was the problem with Medibank and Optus. They have high obligations to protect our data because they hold very important data about Australian citizens and, so, we need to have a conversation with businesses of this kind who hold this very sensitive information and set minimum standards for them about what data protections will be in place.

PATRICIA KARVELAS: A new cyber security policing operation will be tasked with hacking the hackers. What exactly does that mean?

CLARE O’NEIL: Well, what it means is, so normally police operations are essentially reactive, so we wait until goes wrong and then we go out and try to find the person who did and bring them to justice. This is an offensive operation. So, what it means is that we are setting up a standing force of 100 people who will be some of the best cyber experts in our country and instead of waiting for Australia to come under attack, they will literally scour the world, they will find the groups who will be a danger to Australia at some time in the future and they will debilitate those groups by essentially hacking back. So, there are lots of tools that these very clever cyber people have that can debilitate people even when they’re offshore, and this is a really important part of us addressing this challenge. We will obviously at times be working in partnership with the FBI and other organisations around the world because the same people who are attacking the US and Canada and our allies are also attacking Australia, so it’s going to make a big difference. And the reason this is important, PK, is at the moment we need to impose costs on people who might come and try to hack us in Australia. At the moment, the mindset of these criminals is that this is a low‑risk venture for them coming to Australia or other country to undertake a cyber-attack. We need to impose costs and this is part of our country essentially standing up and punching back at a problem that we have not been fighting in my view in the right way to date.

PATRICIA KARVELAS: You’ve got a lot on your plate in your portfolio. I just want to the move to another issue if we can, and that issue is really at the centre of your portfolio, immigration. There are currently around 70,000 people who sought asylum and were rejected who are working in Australia right now. It’s a staggering figure. Will you offer them permanent pathway to residency?

CLARE O’NEIL: Well, PK, I mean, I don’t think that’s the right solution for this group of people, but I don’t have you a complete answer for you, so if I can just step back a little bit. When we arrived in office, our immigration system was in an absolute mess. I’m not kidding. We had a million unprocessed visas sitting in the system in the middle of the worst labour shortage since the Second World War and no plan to process them. We’ve got, as you describe, for the first time in, you know, we’ve got something we’ve actively avoided as a country, which is a group of undocumented workers who are highly vulnerable to exploitation. We’re not a country where you can just arrive without any reason to be here and stay permanently. I don’t think that’s the right solution here. If people are not refugees, they’re not owed permanent protection, we do need to provide a pathway for them to go back home. That’s my view about it.

PATRICIA KARVELAS: Yeah, it’s a staggering figure, though. Undocumented people working, does that push down wages? Are you concerned about what’s happening more broadly as a result of that?

CLARE O’NEIL: Look, I’m very worried by it, PK, and I’m pretty bloody annoyed, too, because Peter Dutton while he was Immigration Minister, he spent all his time striding around the country telling us what a tough guy he was on borders and all the while, under his nose, this has been described as the biggest labour trafficking scam in Australian history. We believe in permanency and citizenship and nation building through our immigration system. We don’t believe in creating a permanent undocumented underclass of the kind that you see in a lot of other countries in the world. We have always actively rejected that as Australians, so we do need to find a way to fix it, but we are working through the problems piece by piece, and I can tell you in immigration every rock I look under, there is a mess there for me to clean up, and we are working through them bit by bit.

PATRICIA KARVELAS: Thanks so much for joining us, Minister.

CLARE O’NEIL: Thanks, PK, much appreciated.

PATRICIA KARVELAS: That’s the Minister for Home Affairs and Cyber security, Clare O’Neil, and you’re listening to ABC RN Breakfast.

--END--