Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Saturday, 22 April 2017 10:15

Why Dan Tehan should have nothing to do with cyber security Featured

By

Dan Tehan has just provided the country with adequate reasons as to why he should not be allowed anywhere near any post that has anything to do with online security. Least of all a federal ministerial position.

Tehan, the Minister assisting the Prime Minister on Cyber Security, wrote an op-ed for the West Australian on Friday; some of the statements he made would fight for primacy with one made by former communications minister Richard Alston. (Unfortunately, The West Australian's website is a pay-only site, but Tehan's gem is linked from here.)

Alston, who was described by some as the world's biggest Luddite, once said during his tenure that the only reason people wanted faster broadband was to download porn.

Tehan has made statements that are on par with this; for one, he is credited with saying that the government is contemplating laws to make telecommunications providers take responsibility for "scrubbing the Web of viruses and malware".

The West Australian's Nick Butterly referred to this as a "radical plan" in what he characterised as an exclusive story, oblivious to the fact that it could not be any other, as the article he wrote was based on Tehan's op-ed published by his employer.

Scrubbing the Web? What does that involve? Not blocking of websites, according to Tehan. No, that turned out to be a miserable failure when the Labor Party tried to play nanny some years ago. But then what? Scrubbing with soap and water?

Dan Tehan.

Dan Tehan: "The government is testing a capability to prevent government users visiting sites known to be malicious."

It is possible that Tehan has drawn inspiration from his boss, Prime Minister Malcolm Turnbull, who has sought to portray himself as someone who is in the groove when it comes to matters digital. Turnbull's method of projecting this image is by using the words "innovation" and "agile" frequently; I suspect that he has set a timer on his (expensive) smartphone to alert him when to next use either of these weasel words.

But back to Tehan; exactly what inspired him to write this op-ed is unknown. Perhaps it was the release this week by the Australian Cyber Security Centre of its cyber security survey for 2016, an eminently sensible document and nowhere near the level of ignorance displayed by Tehan.

One of the gems from Tehan was this: "Just as we trust banks to hold our money, just as we trust doctors with our health, in a digital age we need to be able to trust telecommunications companies to protect our information from threats."

So if telcos cannot block sites they deem dangerous, how do they do that, minister? When it comes to detail, Tehan predictably goes missing.

By extension, if you receive a spam phone call offering you glorious discounts on your international phone rates, then you should blame Telstra or Optus, depending on who supplies that line. But that line (pun intended) of reasoning can only be described as stupid.

More gems from Tehan: "Technology should improve our online experience, like stopping spam emails and providing SMS authentication for your banking services. We are calling on businesses to provide enhanced cyber security services to provide greater choice for users who wish to protect themselves online."

Apart from the dubious grammar in these pronouncements — and right through this op-ed — the minister seems to be blissfully unaware that most banks do provide SMS authentication. Of course, how one prevents spam coming in from a popular provider like Gmail was not dealt with at any length by Tehan. Those details are left to nitpickers.

Tehan further said that the government would work with business "to enhance the identification and patching of vulnerabilities that online criminals are exploiting. We will also enhance our scanning of government networks to identify vulnerabilities before the criminals do".

Good luck with that, Dan. Security experts in Russia, China, Israel and the US haven't been able to do so, but I'm sure you have some mysterious plan that will succeed.

The minister also said that the government "is testing a capability to prevent government users visiting sites known to be malicious. We will look at how we can share this information to provide greater protection to the private sector and broader community. We will improve the monitoring of data as it moves across government networks to support active cyber defence."

It's puzzling to divine exactly what Tehan means by this "capability", unless he is talking of surveillance as per the NSA model. But one doubts he will go down that path; the government of which he is part is already trailing badly in opinion polls and any talk of more surveillance (we already have data retention laws in place) would only make the figures worse.

But having knocked Tehan for his ridiculous op-ed, what does one really do to reduce the chances of online attacks?

Number one, minister, insist that Microsoft make it compulsory for users of its Windows operating systems — which the government uses to the exclusion of all other systems — to operate only with user privileges when doing their daily work.

And no, that advice does not emanate from me. It comes from the security firm Avecto, who came to this conclusion after analysing the entire list of Microsoft's security announcements for 2016.

One more thing that Tehan could do is to mandate that government employees digitally sign their emails, and also make this compulsory for businesses; the number of email-borne infections would drop by a fair amount if that was done.

But going after telcos and all the other waffle mentioned by Tehan is a waste of time. It is an attempt to be seen to be doing something when you have no clue as to what that "something" is.

There is a golden rule about what one should do when one is in electoral trouble: "When you're up to your neck in shit, keep your mouth shut." Obviously, nobody told Dan about this.

Pictures: courtesy Dan Tehan's website.

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments