Login
iscover
This Q&A is a transcript of a recent podcast between Phil Tarrant, director of defence at Momentum Media and Major General (Ret'd) Marcus Thompson, which can be viewed here.
To continue reading the rest of this article, please log in.
Create free account to get unlimited news articles and more!
Phil Tarrant:
Hi again, everyone. How are you going? It's Phil Tarrant here, co-host of Cyber Security Uncut, joined in the studio by my co-host, Major General (retired) Marcus Thompson, Cyber Compass. Marcus, how are you going? You well?
Marcus Thompson:
Hey, g'day Phil. It's good to be back.
Phil Tarrant:
It is good to be back. And I had to sub you in the other day.
Marcus Thompson:
You did. You did.
Phil Tarrant:
Sorry about that.
Marcus Thompson:
Oh, no. I'm sorry I was unavailable to help you that day. But it was a good chat with Paula Oliver. She was good. In fact, she was so good I was a little bit nervous. I thought, "Gee, I wonder if Phil might be thinking about getting himself a new co-host?"
Phil Tarrant:
I don't think you're replaceable, mate. However, I think you're replacing me, because we have a... The next instalment after listening to this particular podcast, you've done a crossover podcast with the team over at The Secure Board, and you have a chat with them. So I think there's a really good way for us to continue to democratise the conversation around cyber security markets. And we can bring our friends and collaborators in from right across the cyber security sector.
Marcus Thompson:
Definitely. The more voices in this space, the better, Phil. This is complex. Some of this stuff's really hard, and the last thing that any of us need is group think. So the more voices, the more diverse opinions and perspectives being presented for national cyber security, the better, in my view.
Phil Tarrant:
And I think there's good reason for that, because we've gone from the launch of this podcast, talking about things, I guess, academically or hypothetically. What if X, Y, Z happens? We are now... And everyone tuning into this would be pretty clear on this.
We're all aware of the situation in Ukraine, which we've been talking about, Marcus, for a couple of months now. Last time we got together we were talking about a potential cyber flash point in Ukraine kicking off conflict. Well, we're sort of recording this a day or two after the Russian intervention in Ukraine. So that is now a kinetic war. We're all watching it being played out on the news channels, whether it's citizen journalists filming cruise missiles landing in Kyiv, all the way through to some of the state-owned media are showing those pictures. Which is pretty confronting for a lot of people who would think that conflict in Europe is something from 80 to 100 years ago. Here we are, again, back to where we were, back in 1914 or '39. It's pretty horrific stuff, Marcus.
Marcus Thompson:
Yeah. Well, I mean, any conflict, any war, any military contest like that, is confronting for anyone. And spare a thought, just for a moment, for the human tragedy that we see unfolding on the tele at the moment. And these are people just trying to go about their lives, and it's... Every war, every conflict, there's always that human tragedy, that as a career soldier it's never far from my mind.
Phil Tarrant:
And I think we should front-end this chat on that basis and acknowledge that. However, today I want to sort of spend some time with you, and work through what we're seeing play out right now. And that's going to maybe sound a bit clinical, looking at those facts and the applications of warfare in Ukraine today, but we do acknowledge the suffering that those people of Ukraine and all of the relevant families elsewhere. I've got people in this business here who have family in Ukraine right now. And for me, when someone mentioned it, I was like, "Wow, this is close to home." And the community here from Ukraine, in Australia, it's a passionate community. So our thoughts are with you at this moment.
Now, Marcus, we've spoken about, in the last podcast where we were together, Russian attitudes towards cyber, or the use of cyber or electronic warfare in how it fights. And we spoke about sort of it's embedded into the military doctrine of Russia, and prior to that, the Soviet Union. We've seen conflict, or we've seen cyber attacks inside of those areas which Russia would assume or deemed to be part of their traditional sphere of influence. Estonia, for example. So we've seen a lot of clues for how Russia will be using cyber and electronic warfare or information warfare in this conflict that we're in right now.
A very good piece, Marcus, I thought, written by you, in that... I noticed they didn't come to me. They've come to you for some reason. On the Financial Review, to actually give your views and interpretation of what's going on. And if you haven't read the op-ed yet... So we're recording this on the Friday after when the conflict started. That's going to be something that the academics going to debate. Probably a day or two after the Russian intervention in Ukraine. So you're probably listening to this a few days after it. So what we're talking about right now is probably going to be different when you actually tune into this. However, you wrote a piece at the start end, the front end, of this intervention. Whether or not intervention's the right use of terms. You call it invasion.
Marcus Thompson:
Yeah. Let's call it for what it is, invasion.
Phil Tarrant:
It's an invasion. Okay. We'll call it an invasion. You wrote a piece here for the Financial Review. "Russia's playbook of revenge cyber attacks could not surprise." And the sort of intro here, "The ADF's former head of information warfare..." That's you, Marcus. "Says businesses must heed the prime minister's warning and update their security systems against potential reprisals." So rather than sort of... There's a whole different bunch of ways you can really look at this, but you looked at it as in, "Okay, this is what's going on right now in Ukraine. This is what it means for Australia, and how Australia, Australians, Australian businesses, the Australian owners of critical infrastructure, should be looking at this conflict."
I think the NATO, the West, whatever you want to call it, have been pretty clear that... I can't see them putting boots on the ground at the moment. The way in which NATO, the way in which the West will respond to the invasion of Ukraine, is through sanctions. And the Prime Minister, Scott Morrison, came out a couple of days ago, pretty much going, "We are going to be participating in these wider sanctions, which largely look universal from the West, to block or combat Russian aggression in Ukraine." So we're part of that. Now, one of the outcomes of that, and you draw on it in your op-ed, is that... Just be warned, there's going to be reprisals around this. And when you look at how Russia has acted traditionally, and in the past, and what's embedded into the way in which it goes about doing what it does, look out for these things.
Marcus Thompson:
I did write, Phil... And that's why I wrote the piece. I mean, I think you and I talked, in very broad terms and very quickly, last time, just about Russia's extensive cyber capabilities, and their willingness to use it. We saw some reports earlier in the week, of people saying, "Oh, look, it's not really relevant to Australia." Or, "The chance of something coming back against Australia is pretty low." And then, of course, as the prime minister emerged from the National Security... As our prime minister emerged from the National Security Committee of Cabinet on Wednesday, announcing those sanctions in response to the Russian invasion of Ukraine... I mean, he took time out. During that press conference, before he invited questions, he took time out to warn the nation of the potential for cyber attacks as a reprisal against Australia, for those sanctions.
And I mean, I think, there's a few of us... And I guess the point I make in the op-ed is that that should not surprise anyone. It should not surprise anyone. The Russians are masters of information warfare, and there's been so much written and talked about in the open source, and books, and articles, and magazines, and whatnot, just about the Russian approach to information warfare, which of course includes cyber. But the Russians have been masters of information warfare for decades, if not centuries, and all of that. Psychological operations, information operations, deception operations. What most people would think of today as disinformation or fake news, the Russians have been doing this for aeons.
Yeah, so that's why I say there's nothing new here. That shouldn't surprise anyone. But of course, what is relatively new, is the ability to conduct those activities in and through cyberspace, and therefore the speed and scale at which those activities can be conducted. And the point here about the Russian playbook being well-known, is that they've been telegraphing it now for 15 years.
So Estonia, 2007, when the Estonians relocated a Soviet era grave marker, known as the Star of Tallinn. Tallinn as in Tallinn, the capital city of Estonia. Estonia was subjected to some crippling denial of service, distributed denial of service attacks, DDoS attacks, that targeted their parliament, government ministries, banks, and some other civilian targets. That's 2008, when Putin annexed South Ossetia. The fight with Georgia. That went for about 12 days. Information warfare techniques used extensively throughout that 12 day conflict, and subsequently, in an effort to justify the actions that Russia had taken. That's 2008.
2014, in Ukraine, extensive use of cyber and electronic warfare capabilities. Unmanned, uninhabited aerial vehicles, drones, all out in front of conventional military, where conventional artillery and conventional infantry would come through afterwards to... Sorry. Cyber, electronic warfare, drones, mass conventional artillery, and then the infantry would just wander through and mop up whatever was left. That's 2014.
In the lead-up to this conflict, through last week, and then again during this week, lots of reports of cyber attacks being directed against Ukrainian government targets, banks, other civilian targets, what we now know in Australia as critical infrastructure.
So that playbook is well known. Shouldn't surprise anyone. They've got the capability. We know they've got the capability. They've repeatedly demonstrated their willingness to use it. And of course, cyberspace is a domain that knows no geographic boundary. And so, it would be naive of us to sit back and think, "Oh, well that's all happening in Ukraine. There might not be cyber attacks directed against Australian businesses and Australian interests." Because it's just another IP address, right? There's no... It doesn't matter. Geography is less important. Which is why I wrote the op-ed. It behoves Australian businesses just to be thinking... Especially those in critical infrastructure, to be thinking about this. Because the time to be preparing for any reprisals is before the reprisal, right? Not during any subsequent sort of attack or incident.
Phil Tarrant:
So a lot there, Marcus, for our listeners to think about. Now, the prime minister, I would imagine he doesn't make comments like this lightly, actually warning Australians, Australian businesses, owners of or users of critical infrastructure, that you should be concerned, and you should be alarmed. That must be a real inherent threat, from my view. Because I'm, I'd like to think, a student of cyber security or information warfare, someone who's learning rapidly about it. Because I'm not an expert by any means. It means I try and simplify things in a way in which I can understand. I'm a very visual person as well. I can see sort of two applications of this, with the conflict in Ukraine right now, for Australian businesses.
And that's what.... To give us a sense for what we should concentrate this chat on, is that, okay, what does it mean for Australia and Australian business? What can we do about it? That's the key thing right now. How we can be mixed up, or have some sort of implication of a cyber security or information warfare orientated attack inside of Ukraine. How does that sort of proliferate outwards, and is there any impact or effect? And there would be. But then also direct or dedicated attacks on Australian critical infrastructure. And that could be banking systems, or whatever you want it to be, here in Australia.
Now, some of the readings that I've been looking at on this, Marcus, is that any attack, or any type of Russian influence in Australia probably wouldn't be state-sponsored. It will be done by Russian hackers or criminal actors who have, essentially, the rubber stamp from the Russian government to go away and try and cause skullduggery where they can. Ransomware attacks, denial of service stuff. So it might not necessarily be the Russian government who is actually doing it. They'll do it probably through proxies, just to try and get in the way, and cause some disturbance somewhere or another. That's what I'm reading right now. Do you sort of lend to that view, or do you think it will be moreso Russian orientated state-based actions?
Marcus Thompson:
Well, I mean, it's hard to be too specific here, and we're perhaps speculating just a little bit. But I guess what I might add here, Phil, is that it's really hard sometimes to distinguish between what is a organic state capability, and what might be a state-sponsored capability. And there have been media reports over the past 15 years of Russian cyber criminals being used to advance Russian national interests, in an attempt, or in a apparent or alleged attempt, to be held at arms length from the actual government. But make no mistake, their objectives are identical. And with a very capable, or a high-quality capability that is real, that is active, and can do serious harm to your business.
Phil Tarrant:
So it doesn't really matter who's behind it. If it's there and it's causing disruptions, that's the issue.
Marcus Thompson:
Well, I mean, correct. And this is where... Something I've been talking about for some time now. Because at the end of the day, it doesn't really matter whether a threat is criminal or organic state capability. It's where we sort of use those phrases like state-based capability, or state-based actor, or state-sponsored actor. It doesn't really matter. The threat is the threat is the threat. And the preparation requirements, and the necessity of planning response ahead of time doesn't matter either way.
Phil Tarrant:
You look at this domain, if you want to call it, of-
Marcus Thompson:
It is. It's a war-fighting domain. So cyberspace is a war-fighting domain, alongside sea, land, air, and space. It is a true domain of conflict now.
Phil Tarrant:
And that sort of is wrapped up... Just to sort of maybe go one-on-one with this stuff, for our listeners who aren't too familiar with it. That all fits within the realm of information warfare. So information warfare being political warfare, sort of grey-zone type conflicts. Anywhere outside of a direct kinetic conflict would fall within the realm of information warfare. How expansive is it?
Marcus Thompson:
So I always considered information warfare to have three component elements. And if our listeners could picture a Venn diagram of three intersecting circles. And the three circles are information operations, old school influence, that in a military sense would include psychological operations, deception operations, misinformation, anything that you can use to deceive an adversary and gain an advantage. Because remember warfare or conflict is a clash of wills. And so, getting into the mind of an opponent is a legitimate way, in military terms, of gaining an advantage. Information operations is that first intersecting circle.
And then the other two are cyber warfare and electronic warfare. Now electronic warfare is that old school, listening in, electronic surveillance, old school jamming. But of course, these days there's no sort of valve-operated radios on the battle-space anymore. In contemporary militaries now, everything's digital. Even an infantry soldier is carrying, these days... Certainly an Australian infantry soldier is carrying between 7 and 12 IP addresses, internet protocol addresses, on his or her body. These are all digital. You think about Joint Strike Fighters, Air Warfare Destroyers. Modern tanks are digital platforms.
So yeah, that electronic warfare, that traditional electronic warfare now exists on a spectrum with cyber warfare, which is the third of those intersecting circles. And that cyber and electronic warfare exists on a spectrum now, because everything is cyberspace. And so, in military terms, we talk about networks and mission systems. Those mission systems being those jets, those ships, those tanks, or those fighting vehicles. That's the military operating technology. So they're the three sort of components of information warfare as I see it.
And that information operations has... There's lots of definitions and lots of descriptions of it. Australia's chief of defence force a couple of years ago used the phrase "political warfare" to describe it. There's lots of articles and books on hybrid warfare. There's been talk of operations short of war. And then of course, the 2020 Defence Strategic Update, which is Australia's current high-level defence policy, used the phrase "grey zone operations." So if you think of war and peace as in a black and white spectrum, that grey zone is the piece that sits right there in the middle, and involves activities that are considered less than what would be a traditional military on military conflict, a kinetic fight.
Phil Tarrant:
And we look at the scenario in Ukraine at the moment. Information warfare, or hybrid warfare, or grey zone warfare, whatever we choose to call it, political warfare, and kinetic conflict, they don't happen in isolation. It all happens in concert, universally and simultaneously.
Marcus Thompson:
Exactly. And because these information effects, these information warfare effects, cyber effects... Whatever label that we put to them, those effects are not likely to be decisive in and of themselves. They are at their very, very best when they are fully integrated with other effects. In a military sense that they're integrated with other military kinetic and non-kinetic effects. A kinetic effect being a traditional military, explosive type effect.
But as we've seen this week, in the lead-up to the invasion of Ukraine, it's those effects being integrated with other effects of national power. And I don't want to get too academic on this, Phil, because we could spend all day on it, and I think we've got to get to other things. But one of the frameworks that is used for an expression of national power is called the DIME framework, D-I-M-E. The D standing for diplomacy, the I standing for information, the M standing for military, and the E standing for economic. So if you're integrating all of those aspects together, that's a representation of national power.
So we saw Putin just talking about how, "No we're just going to annex these couple of districts of Ukraine. We're not going to go any further." There's the I piece, which in hindsight was clearly misinformation and deception. In goes the military. And now they're going to be playing economic and diplomatic catch-up for some time, but it's what they do in that diplomatic and economic catch-up, that I think is of most interest to us right now, and should be of interest to Australian businesses and organisations.
Phil Tarrant:
And these economic sanctions are one of the many tools that NATO, West will have to combat this. Now, if you listen to the, again, misinformation, who knows? Fake news, who knows? Putin will have us believe that this will be a short, sharp conflict to de-militarise parts of Ukraine where they have their concerns.
Now, we could do a podcast in itself around the history of how we got to where we are right now. And for those who haven't looked into this in depth, I highly encourage you to go and read about the history of Ukraine. And you can see why and how Russia could probably justify claims around whether or not it is part of Russia, or part of their sphere of influence or not. Ukraine independence, I think, was very clear when they actually voted. 80 plus percent of the nation came out at a referendum, whether or not they wanted independence, and 94% of people said, "Yes, we want independence." So you're never going to get to the bottom around these things. However, Russia say it's going to be short and sharp. The West is now telling us there's going to be a long, drawn-out, probably bloody conflict, whether or not there'll be direct Western intervention.
The difference between a European war today versus a European war a hundred years ago, Marcus, is that, and this is the point, the bloody battlefields of Flanders or the Western Front in 1915 and '16. The impact back at home might have been some rationing. It might have been loss of loved ones, but it was largely detached. However, today it's highly interconnected because of cyber warfare. There is direct ramifications as a result of conflict now, that could impact absolutely everyone.
So if you're an Australian business, Marcus, and taking that into consideration, this is... On the home front now is not the home front. Everywhere is contested. What should you be doing right now, outside of the essential aid? And we talk about it all the time. What should you be doing as an organisation? I know you sit as a security advisor for ParaFlare, a very good business. And no doubt you're talking about this stuff within that organisation, and with those clients. What would you be doing?
Marcus Thompson:
Well, in short, Phil, it's have a think about it now, be thinking about your cyber security now. What might be necessary to prevent, minimise or respond to any incident directed your way? I think it's... I mean, I made a couple of observations, or a couple of thoughts in this op-ed today. But at the end of the day, the time for preparation is before, not during an attack or an incident. So patching systems. Patch, patch, patch, patch some more, so that your hardware and your software has the latest updates, and therefore the most recent security measures applied. And close that gap on any vulnerabilities that could be exploited by a threat actor.
Be thinking about where you might be vulnerable, including into your supply chain. So with everything just so globally connected now, and especially with all of the global supply challenges that we're all experiencing at the moment, in the wake of the pandemic, where might you be vulnerable, both internationally and domestically? When was the last time you had a look at your business continuity plan and your incident management or crisis management procedures? Is there a crisis management team ready to go? And are decision-making authorities and delegations, are reporting requirements understood by everyone who has a role to play, including into your supply chain, into third party providers?
Now, how's our culture? How's our security culture, internally? Is our workforce sufficiently aware that they are on the lookout for suspicious activity. That's looking for that phishing email. Don't click on that link to give an attacker easy access into your systems. And I think, importantly, stay close to the Australian Cyber Security Centre. Follow them. Subscribe to their threat updates. Sign up as a partner, so that you're getting the most recent current contemporary information that the Australian Cyber Security Centre can publicly release.
Now, all of that... I'd be saying all of that, whether there was a crisis in Eastern Europe today or not, Phil. So that's why I say it doesn't really matter who the threat is. The threat is the threat is the threat. Just be thinking about this. But there is clearly heightened alerts going around. I mean, it's not every day that our prime minister goes on national television to warn the nation of the possible threat of cyber attacks. That's what he said. He said it was possible. He also mentioned that government authorities had had quiet chats with some businesses in the Australian industry, just to remind them to pick it up, or be on the alert for any attacks.
Because I just think it would be naive to think that Russia won't respond in some way to these sanctions, especially... Maybe not this week. But especially as the sanctions start to bite. Yeah. I mean, there's all this... Lots of commentary in the media over the past 24 hours or so, from Western leaders, talking about how our aim is to... I might be paraphrasing here. Our aim is to literally cripple the Russian economy.
Phil Tarrant:
Yeah. Which they're doing through a lot of different sanctions. They're attacking their, or looking to impact directly, their financial systems. They're blocking Russian state-based banks. Particularly there's some of them who go about and do a lot of the funding of defence programmes. Individuals are getting blocked. And this is just the start of it. And we're seeing how economic sanctions... Which is a tool that's been used for hundreds of years to combat aggression.
So this will take place. And this isn't just today. It's into the future. And we speak about it perpetually on this podcast, Marcus. Preparedness is key. Why are you prepared? Were you prepared for this sort of stuff? It's only when you get there you actually realise in hindsight that this is what you're preparing for. So if you haven't been doing those things that Marcus has spoken about there, you got to catch up pretty quickly. And I could probably do a whole podcast with you, Marcus, which I would probably phrase, "Is it okay to dot dot dot?"
So the one I've got for you today... And this is for business leaders out there, because I'm sitting here thinking about this myself. Is it okay to talk about this with your team, with your business? And you spoke there about... And you touched on it, and again, I think it's a podcast in itself, this sort of security culture. Security culture isn't just your executives. That's absolutely everyone. So the question is... And I will do an update with our business today. I'll do it weekly. What's going on? Should I be saying, "Hey, this is what's happening in Ukraine. This is what the prime minister has said. You need to consider whether or not the stuff that's coming into your inbox is part of this." Now, who's going to be targeted? Who knows? But is it okay to talk about that with your team?
Marcus Thompson:
Absolutely. And more than okay, Phil. I'd be encouraging everyone to be having those conversations. This culture, this awareness of the cyber security threat, is part of that self defence, which is that first layer of protection that any organisation can be considering. So how confident are we that our workforce is sufficiently aware to not be that person who clicks on the link in the phishing email, that might enable a threat actor to insert malicious software, malware, into our networks, and then gain access right throughout our IT and our OT? Especially if we don't have good segregation internal. So don't be that person to click on the link in the phishing email.
How confident are we that our workforce is sufficiently aware that if someone finds a USB stick in the car park, they won't just come and plug it into the system out of idle curiosity? Phil, that is the technique that is reported to have got Stuxnet into the Iranian nuclear facility at Natanz in 2010, 12 years ago.
And I think the other one that I'm always at pains to talk about is social media. So I mean, what is being released to the internet, that can be gained by anyone with an internet connection, about our business, about our workforce? What are people releasing into the media, into social media that a professional threat actor... And we've talked about them today. A professional threat actor with a targeting mindset... Now targeting, a military term, but if everyone can just excuse me doing that. But a professional threat actor with a targeting mindset can take all of that information, turn it around, and use it to come back at us. So how vulnerable are we? So what are we posting? And what is our organisational social media policy?
Are we happy that someone is presenting on Twitter or Instagram or Facebook as being an employee of ours, and then talking about where they work, their pattern of life, when they arrive at work, when they don't arrive at work, what they're doing at work, what's happening inside the walls of the business? Are we happy about all of that? And it starts with that recognition, Phil, that there is a threat. The threat is real, it is active, and it wishes us harm. Now, this particular threat, right now it's a potential or a possible. But it is real, it is active, and it can do severe damage to us if it chooses to, and if we're not prepared.
Phil Tarrant:
So talking about it, you're not unnecessarily fear-mongering. It is appropriate to actually talk about it. Because I think a lot of business... It depends what sort of organisation they have, obviously, but they might be a bit concerned about having those conversations. They don't want to draw parallels. It's a tough one.
Marcus Thompson:
Well, I mean, over the past couple of years, sensible businesses have been having sensible conversations about protecting themselves from COVID-19 and the variants thereof, and all of the appropriate mitigations and preventions being in place. This is just another concern or challenge that businesses need to be considering, and to adopt measures to protect themselves.
Phil Tarrant:
You know what? I think that's a pretty reasonable way to frame it. It is another threat that should be addressed. The better off as an organisation you are of socialising these things, putting in place reasonable protocols around it, showing leadership to people on how to keep their response to it simple but effective. It is good leadership as far as I'm concerned.
So Marcus, we've covered a lot there. How do you see this playing out, mate? What's happening in Ukraine today, and those sort of three key areas of information warfare all happening in unison and concert right now. You only need to flick on the TV. Russian state-based media will be telling you a particular story. Is that information warfare? It's as old as time itself. You've got citizen journalists who are producing information by the millisecond, whether it's video, or audio, or written on social media channels. Is that information warfare? Who knows? Everything is in place.
And no doubt this is going to be studied at length post this conflict, whether or not the Russian playbook has changed. And do you think they've stepped it up at all? Do you reckon it's got much room to move? Or they'll just press play on what they always do, and this is the way it's got to be?
Marcus Thompson:
Phil, as I said, their playbook is well-known. They're very good at it. And I would just expect to see more and more of it, in a coordinated, integrated, well-planned manner. And I would just add that everything I'm seeing in the media... And that is my sole source, conduit of information here. But everything I'm seeing in the media just points to a well-planned operation here. Objectives are set. Restrictions and limitations will be set. They'll know what they're going to do. They'll know what they're not going to do. And that detailed plan is currently in execution.
Phil Tarrant:
Are you able to detach yourself from the way in which you would just naturally be looking or observing this right now? Like you look at it and just go, "Yeah, that's that. That's that. That's that. I know exactly what's going on." Are you able to sort of step back and look at it from a different sort of angle, without that insight?
Marcus Thompson:
Well...
Phil Tarrant:
Be tough.
Marcus Thompson:
Yeah, so, sure. I mean, I look at it and I read the reports. I see the reports on television, and you can see, "Yep, that's right. So this is happening. That's happening. This is happening." And it's just... Best part of three and a half decades in the military. I can't-
Phil Tarrant:
Cannot not.
Marcus Thompson:
I can't really help myself. And then with the latter part of my career being focused on the development of Australian information warfare capabilities. I've said publicly several times, Phil, that I am a student of General Valery Gerasimov, the current chief of the Russian military, who coined the Gerasimov doctrine, which is all about that integrating information effects with other state and military effects. They've been at it for some time, and they're very good at it.
But I would just hasten to go back to where we started, that whilst as a professional soldier, I can... Now former professional soldier. I can see all that play out. I can identify what's happening, albeit in hindsight, because there's always a lag into the media. But just acutely aware. And having spent a good part of my life and career in combat zones, I'm just acutely aware of the human tragedy that'll be playing out in Ukraine as we speak.
Phil Tarrant:
Yeah. I think that's a good way for us to wrap up this podcast. I think this summer we'll be talking about, for some time, over the coming months, on Cyber Security Uncut. And I was going to ask you, but I'll wait until we sort of get there, about where you've seen any... And I'll sort of leave this show with no answer. But have you seen any mistakes yet, within the Russian playbook, on what they've done so far? No doubt you're probably trying to interrogate that, and thinking about that. So we'll have a chat about that at some point. And we're happy largely, Marcus, to chat through anything on Cyber Security Uncut. So if any questions from any of our listeners out there, the best thing to do is just email the team here,
Marcus Thompson:
Yeah, it's always interesting in hindsight, isn't it? But looking forward to those conversations, Phil. I'll just say to our listeners in the meantime, hey, just dust off your business continuity plans, dust off your incident response, your crisis response procedures, think about your vulnerabilities, and stay alert and informed.
Phil Tarrant:
There we go. So just a message there for business owners. And a lot of people think being a business owner is a glamorous and easy job, but let me tell you, it can be bloody hard, particularly when you have these responsibilities that you need to be considering, not only for the health of your business, but your people, importantly, as well.
That's Cyber Security Uncut for this week. I didn't think when we kicked this off Marcus, that we'd probably be talking about something so practical, out of the theory and the textbooks into this. So we'll work our way through it, mate.
Marcus Thompson:
It's the first time I've been speaking and writing about information warfare since I left the military.
Phil Tarrant:
Nice one. That's Marcus Thompson, Major General (retired). He's Cyber Compass. He sits on a whole bunch of boards as well, helping them ensure that they're all right across cyber security. But also those businesses who are powering them as well, including ParaFlare. Good organisation. I hope you enjoyed that, everyone. Remember, any questions at all, get in touch with us. Happy to cover off anything. Any ideas for guests. If you want to come and have a yarn to us around this.
And this is going to be what's happening at the moment in Ukraine, but then what is the global implication and applications of that? And we're talking specifically about that today, from the message from the PM, the very clear message from the PM, to be alert around potential reprisals, which will come in the form of cyber attacks here in Australia, largely for those organisations that are critical infrastructure. But all businesses be aware.
Remember to check out cybersecurityconnect.com.au for the latest breaking information around cyber security. And Marcus, I am doing my readings. And one of the key things that I was doing, which I'm not going to do anymore, I'm not going to use cyber as a noun anymore.
Marcus Thompson:
Look, I'm happy with cyber as a noun, Phil.
Phil Tarrant:
You're okay with it?
Marcus Thompson:
I've always been happy with it as an adjective. I grate every time I hear it used as a verb.
Phil Tarrant:
You don't like it?
Marcus Thompson:
No. "Hey, can we cyber them?"
Phil Tarrant:
Cyber it up?
Marcus Thompson:
"Can we cyber them?" No.
Phil Tarrant:
So that will telegraph, for those people who do their readings, what book I'm reading at the moment. But, okay. So cyber as a noun is okay? All right.
Marcus Thompson:
Cyber as a noun's okay.
Phil Tarrant:
Okay. Not a verb. You can't cyber them up. So the Russians aren't cybering us up at the moment?
Marcus Thompson:
Okay. Goodness me. Stop it.
Phil Tarrant:
No? No? Okay. All right. We'll see you all again next time. Until then, bye-bye.
Liam Garman
Editor – Defence and Security, Momentum Media
