Elise Thomas, who claims to be a researcher with ASPI's International Cyber Policy Centre, penned an anti-Huawei op-ed for the Australian Financial Review on Monday, and also looked to promote a so-called "study" done by the organisation about technology companies in China.
But in picking the numerous smart city projects being undertaken in different parts of Australia as her takeoff point, Thomas got her facts quite mixed up, claiming that such projects could be attacked by ransomware. She cited the case of the US city of Baltimore, which has been hit by ransomware known as Robinhood, but appeared to be ignorant of the fact that it is the city's desktop systems, which run ancient versions of Windows, that have been affected.
Thus her lead-in, "City systems and infrastructures (sic) have already proven to be prime targets for hackers" made no sense as smart city devices do not run Windows.
Perhaps Thomas was taking a leaf out of the book of her boss, Peter Jennings, who put his foot deep into his mouth by claiming, after the hack at the Australian Parliament, that the fact that users had been asked to change their passwords indicated that the breach was a serious one. In reality, changing passwords after a breach is an indication that the investigators are fairly sure that there has been no deep intrusion into the system; it is the first bit of network hygiene, as even a junior sysadmin would confirm.
Australia's mainstream media often quotes people who work for ASPI, but never tell the public about the organisation's backers so that one can evaluate their public utterances. Not even the taxpayer-funded ABC does so.
But as iTWire has pointed out, ASPI's main sponsors are shipbuilder Austal, US defence contractor Lockheed Martin, Swedish defence company Saab, the Australian arm of American defence contractor Raytheon, MBDA Missile Systems, accounting firm KPMG and Jacobs, a global provider of technical, professional, and scientific services.
Its cyber policy centre is backed by French defence contractor Thales, Google, au domain namespace administrator auDA, security firm Palo Alto Networks, the Federal Government, Jacobs and encryption company Senetas.
With money pouring in from such sources, how can any organisation claim to be independent?
But back to Thomas, who by now has come to the meat of her article: Huawei is a bad company. But she defeats her own arguments, weak as they are, by first asking, "If Huawei is not trusted to supply 5G systems, why should it be trusted with other smart cities projects in Australia?" and then writing, "Huawei has not been involved in implementing smart city projects in Australia as far as is known".
After trying to find out which companies were supplying tech to the City of Darwin and failing, Thomas was apparently frustrated. So she gave vent to her frustration by guising it as public spiritedness: "It shouldn’t be this difficult for citizens to find out what technology is being implemented, by which companies for what purposes, and what steps are being taken to ensure those systems are secure."
But if you told someone whose level of technical knowledge is apparently at the kindergarten level about measures taken to ensure network security, what is the chance he/she would understand it?
It would be a big waste of time – and maybe the officials in Darwin realised it.
Perhaps the senior folk at ASPI should look for a researcher who has a clue about technology; they are already exposed by Jennings and their financial ties, and uneducated rants about technology are only making them look much worse.
Thomas ends her op-ed by writing: "Connected technology has the potential to revolutionise our cities for the better, and we should fully embrace that potential. We just have to be smart about it."
Sure. I would add, "Attacking companies for this, that and the other is perfectly kosher. One just has to get one's facts right."