 Good afternoon, ladies and gentlemen and welcome to this full house to the Lowy Institute I'm Michael fully loved the executive director here at the Institute And I'm delighted to welcome you to this special event with the head of the Australian Signals Directorate Mike Burgess Ladies and gentlemen, it seems that every week we read another big story about cyber attacks the hacking of the Australian Parliament and the political parties here in Australia The North Korean attack on Sony the worm that crippled the UK's national health service And of course the Russian meddling in the US presidential election But all those stories if you like are on the defensive side of the ledger They are attacks on Australia and on Western countries by other state actors The other element of the game is offense The actions taken by Western governments to disrupt and deter our adversaries And we don't hear about those so often. There was some coverage of the Stuxnet worm Which is thought to have been used by the United States and Israel to damage Iran's nuclear centrifuges There has been speculation about hacking of North Korea's missile programs There's been a few things like that But in general we hear more about operations against the West than operations by the West and as my colleague Richard McGregor said to me recently It's a bit like watching a boxing match where you can only see the punches thrown by one of the fighters And that's why today is such an interesting event in which the head of Australia's Signals Intelligence Agency will tell us about Australia's offensive cyber capabilities Ladies and gentlemen, Mike Burgess has served as the head of ASD since January 2018 when it became a statutory agency in July last year Mike became its first director general Previously he worked as an intelligence official and a private sector chief information security officer He served on boards including the federal government's naval shipbuilding advisory board Mr. Burgess holds a degree in electronics engineering from the South Australian Institute of Technology I will have a conversation with Mike will be and Mike has agreed to take your questions But first of all, please join me in welcoming Mike Burgess to the lectern Good afternoon everyone. It's my great pleasure to be here and a few familiar faces in the audience Let me start by first acknowledging the low eboard members. Thank you Michael and the low eboard members for being here The Honourable Margaret Stone the Inspector General of Intelligence security. It's nothing like standing up and speaking in front of your oversight welcome Margaret Philip Lowe the governor the Reserve Bank of Australia and Lieutenant General John Fruin my principal deputy director general the Australian Signals Directorate For me and John. It's a great privilege to lead this organization And as you would understand in any organ or good organization, it's not actually the leadership Sorry, John. It's actually the great people who work for us And we have the privilege of not just leading but in reality we actually have the privilege of Working for the men and women of the Australian Signals Directorate and they do an absolutely fabulous job I Would like to acknowledge in that regards then some of my staff who are actually in the room Martin Sinkin who is the head of strategic communications at the ASD A vet I'm not going to give her a surname just to protect individuals. Who's the director of communications? Joe my chief of staff and JJ's chief of staff Scott Logan, I gave you sir name away sir. Apologies Tell her not really good at this big stuff. Hey Scott has an interesting job title and he I didn't tell him I'm going to do this, but it's military effects and network operations There's something interesting about the title of our workforce final staff member. I want to acknowledge is Michelle Michelle is the head of strategy and strategic policy She's an absolute whiz at that bit of a unicorn, but that's not her real strength A lot of what I'm talking today the policy framework through which we operate and do this Effectively and legally is all down to individuals like Michelle and Michelle has been outstanding in her leadership So late last year I gave a public speech Where I promised to bring the Australian Signals Directorate out of the shadows At that time I committed to be more being more transparent about our role and for an organization like ASD That was a very difficult thing to do It would be really easy to stay in the shadows out of public's attention But that wouldn't have been the right thing to do. I Cannot stress enough how important I believe it is that the public understands how ASD defends Australia from global threats And why our work is so important and most importantly that we act legally and ethically in everything that we do Transparency also has other benefits for the first time we can start talking in more detail about what our staff do And what kind of skills we have and why they might want to come and work with the Australian Signals Directorate So why is that important? Transparency helps inform helps dispel myths and most importantly helps with our value proposition to prospective employees So in the spirit of transparency, let me be open up front While today's talk might be very attractive from the point of view of the topic. I've chosen to speak about My prime objective is simply to sell ASD as a rewarding place to work So, sorry Michael. I actually think this might be the first time Loewe has been used as a real live job advertisement So thank you so much a job where you'll belong to a great team defending Australia from great global threats Where you'll be operating in that slim area between the difficult and the impossible and where you can have a rewarding career that makes a difference So let me start with one of our myths one of the most common misapprehensions around ASD's offensive cyber mission work Is around what that might look like probably not surprising given the cliches in the movies There's always a geek Invariably a guy wearing dark clothing working in low light hacking systems at will Usually they're cavalier. They have no regard for the law and They can just hit the enter key and blow up buildings or do impossible things with electrical surges The real hackers in ASD couldn't be further from this stereotype But to understand why you need to understand a little bit about our capability So when we say offensive cyber, what do we mean? At ASD we're referring to a broad range of activities designed to disrupt degrade or deny our adversaries and To be clear all of our activities are conducted offshore We do this using specialized tools and techniques to disrupt the communications of And interfere with the way they operate and in my experience when people generally think of offensive cyber They go to the high end of the spectrum thinking about computer network attacks that destroy adversaries communications devices Yes, this is something ASD does but in very specific circumstances and within strict legal frameworks But it's just one of the ways we can disrupt our targets behavior online Our operations are carefully designed to achieve their objectives in a much more precise subtle and sophisticated way and To be honest that is far more exciting than smoking computers in cyberspace So for example our targets might find their communications don't work at a critical moment rather than being destroyed completely Or they don't work in a way. They expect they might find themselves not being able to access their information or accounts When they want to These kinds of operations are more representative of what offensive cyber looks like highly targeted and proportionate Timed to precision Whatever the technique our objective is to use our offensive cyber capability to keep Australians and Australia safe It's also again important to remember that we are a foreign intelligence agency Our operations disrupt degrade and deny offshore adversaries who pose serious threats to Australia The Prime Minister first announced or disclosed the existence of ASD's offensive capabilities in 2016 Since then further announcements have been made establishing how our capability supports the Australian Defence Force Including middle military operations in the Middle East Where offensive cyber has helped disrupt Daesh's communications launch attacks or help stop them launching attacks and their spread of propaganda The government has also revealed the role ASD's offensive capability plays in disrupting foreign cyber criminals targeting Australians Regardless of the context all of our operations are conducted in accordance with international and domestic law Every mission must be targeted and proportionate and is subject to rigorous oversight All our actions are deeply considered and subject to meticulous planning to consider the potential for unintended consequences ASD takes its legal responsibilities incredibly seriously. We pride ourselves on being meticulous in execution and we operate within the law As I said in my ASB address last year I've heard of some boardrooms in Australia contemplating the prospects of hacking back to protect themselves against attacks So let me be clear ASD's offensive cyber capability is enabled by the Intelligence Services Act and authorised at the direction of our Minister No corporation or individual should contemplate the prospects of hacking back to defend themselves from hackers That would be an illegal act and The obligation to protect one's corporate assets does not extend to breaking the law. So what do our hackers really look like? ASD's offensive cyber operators look and act nothing like they do in the movies It takes teams of experts to make these operations successful and to ensure all our actions are considered legal and ethical Our operators and planners are imaginative and disciplined with a strong sense of propriety They are cool under pressure and they love working as part of a team It's as far away as you can get from the cliche in the movies They come from all sorts of backgrounds everything from computer science to marketing international relations the law linguists biology and mathematicians to name a few Regardless of their background all of them go for an intensive comprehensive training program to make sure they have what it takes to be a offensive cyber operator Some of them are expert at generating technical effects to degrade or destroy an adversaries communication device It's the type of effect that might be crucial to support a military operation Working alongside our operators are our software developers These programmers are responsible for developing highly surgical tools to cause the effect It's precision work requiring reverse engineering skills and a deep understanding of computer operating systems They have to find a way to bypass the target security mechanism and make sure the tool causes the exact effect that has been approved under our legal framework and Only that effect Our operators create the effect by focusing on the person behind the device as well the intelligence target themselves They draw in a range of intelligence sources to understand their motivations the online technology use and more importantly how they use it and Of all our operations rely on stealth and obfuscation It's not just as simple as setting up an internet connection and away you go So backing up our operators are a group of talented individuals System administrators and security professionals who know how to build and sustain the infrastructure We need to hide our tracks online So let me share some real examples Naturally, we don't often talk about the detail of what ASD does But to help explain why our work matters and what kind of people we're looking for I've decided to declassify aspects of two operations Australian signals directorate has a long history of supporting military operations with the beginnings of this going back to World War two In that time or since that time we've provided critical support to the nation's warfighter Including providing intelligence on threats to Australian personnel and tracking the locations of military adversaries To enable ADF and coalition operations to be conducted and the operations are highly targeted That long-standing support has expanded into offensive cyber Offensive cyber is a crucial part of Australia's military arsenal and ASD supports those on the front line For the first time I can tell you a little bit about what that looks like involving some insights from our operators who conduct these activities The work we do makes a difference and in the Middle East our offensive cyber operators have helped make a difference between success and failure life and death At the height of the fight against ASD ASD working at the direction of the ADF helped shape a crucial battle Just as coalition forces were preparing to attack terrorist position our offensive cyber operators were at their keyboards in Australia firing highly targeted bits and bytes into cyberspace Dayish communications were degraded within seconds Terrorist commanders couldn't connect to the internet and they were unable to communicate with each other Terrorists were in disarray and driven from their position In part because of the young men and women at their keyboards some 11,000 kilometers or so away While the effect was almost instantaneous it took many weeks of planning by specialist ASD and ADF personnel to make What happened and to ensure it went exactly to plan When it came to the day of the operation our operators were constant contact with deployed military elements to make sure the effects were carefully coordinated and timed to precision Our effects were generated in support of and in coordination with ground maneuvers This operation marked a milestone for both Australia and coalition partners It was the first time that an offensive cyber operation had been conducted so closely synchronized with movements of military personnel in theatre and It was highly successful Without reliable communications the enemy had no means to organize themselves and coalition forces regained the territory As part of another operation we worked with coalition partners to damage the terrorist media machine We locked the terrorist out of their servers and destroyed their propaganda material Undermining Dayish's ability to spread hate and recruit new members Our work makes a difference these operations In these operations cyber operators in Canberra help fight and defeat terrorists on the other side of the world On other occasions our offensive cyber operations take on a different character literally Some activities involve ASD operatives assuming false online identities to disrupt terrorist networks One case involved a man who had been radicalized and was in remote location overseas trying to join and fight for a terrorist group The risks were significant and the stakes were high if the terrorists didn't accept a newcomer They would likely execute him if they did accept him they would further radicalize him and train him to kill It was literally a matter of life and death When ASD first was alerted to the situation we stood up a specialist team and developed a sophisticated plan The team included linguists cultural experts and behavioral experts and was led by one of our top operatives a highly trained young woman a Science graduate turned covert online operator ASD tracked down and reached out to the man over the internet Pretending to be a terrorist commander our lead operator used a series of online conversations to gradually win her target's trust Our operative type in deliberately broken English and was so convincing. She was able to influence the man's behavior To ensure he couldn't contact or be contacted by the real terrorists She got into change his method and mode of communications Eventually she convinced the aspiring terrorist to abandon his plan for jihad and move to another country Where our partner agencies could ensure he was no longer a danger to others or himself In this case a young operative sitting at a computer in Canberra was successfully Pretended to be a senior terrorist fighting in a far away war zone Her online persona was the inverse of a real one different gender age culture language status and a radically different ideology One word or reference out of place and the whole thing could have fallen apart potentially with grave consequences The work that our operators do is extraordinary, but talented operators like this come from fairly ordinary backgrounds Like many of us she grew up in the suburbs of an Australian a major Australian city She enjoys yoga hiking and playing touch football And when she was studying at university, she would never have dreamed that one day She'd be posing as a terrorist online helping to defend Australia from global threats We spotted she had the aptitude to do this work early when she joined ASD She was an imaginative had great problem-solving skills and was a team player After completing an intensive training program. She joined our team of cova online operators a job title that remains secret until today So if you're looking for a job Do you pick a fence in In the past it was difficult to recruit people with aptitude for this work if we continue to live in the shadows You can't exactly put cova online operator on your LinkedIn profile We suspect a lot of people wrongly concluded also that our offensive cyber mission was just for techies or worse Still we were looking for those cavalier types that you see in the movie By being more transparent about the work we do really will help Get the fascination and attention of other people who can consider a career in ASD's offensive cyber mission And while a lot of our staff have technical backgrounds Yes, offensive cyber is not just for techies and it's not as male-dominated as you might think Our most experienced cova online operators are all women And all our staff in this field are imaginative curious minded and persistent and when we set them objective They always find a way Or do you pick defense a good offense is only as useful if you also play defense and play that well and in cyber It's the defense mission that really counts On the cyber security side of ASD. There's also a range of fascinating roles where they focus on a different kind of adversary These are the malicious actors that try to compromise Australian systems steal our information and take advantage of Australians online ASD works hard to make Australia a safest place to connect online my staff in the cyber security center are central to that Cyber security is a great career for people who love problem-solving skills For people who love diving into the detail to find security flaws that other people might have overlooked and in this respect they are amongst the greatest critical thinkers we have in my organization They have to be to think about all the ways our systems might be vulnerable and what are the best ways to protect Australians themselves And when we find hackers compromising of a network We call on our incident responders who work out to how to get them out and how to keep them out These kind of operations rely on specialists who love fast-paced operational work and have a great inner crisis And that work is really rewarding when you consider the activity You might be defending against as all the hallmarks of a sophisticated cyber actor a worthy peer competitor That's when he is ASD really comes into its own in these situations We draw on combined expertise of our organization our experts from both the offensive and defensive side Work side by side to ensure we understand the techniques these malicious actors are using and more importantly We understand how to protect Australia and Australians from what's happening Because sometimes to catch a thief you have to be one or at least think like one So be a real poacher turn gamekeeper and pick both This is one of the great things about ASD. You don't have to pick just one job Some of our staff have long spanning careers in defense and offense. This is something you cannot do anywhere else These are the real poachers term gamekeepers or in some cases gamekeepers term poachers Having experience in both mission gives our staff a broad perspective and they are all the more expert because of it So today I've shared more about the nature of the work that we do Because we want people to understand what a career in ASD looks like But naturally there's only so much I can say about our operations and how they help Or to help people think about the career options that they have Much of the detail surrounding this will continue to be classified for obvious reasons Fortunately, there is another way we can give people insights into what it's like to work for ASD And that's from our organizations five values We make a difference We strive for excellence We belong to a great team We're audacious in concept and we're meticulous in execution These values are a lot about the culture of the organization and the people who choose to work at ASD And they take on a special meaning when you look at them in the context of cyber operations We make a difference This is all about giving our customers those we serve a critical edge Whether that's providing offensive cyber support to the ADF operations overseas or responding to serious compromise of Australian systems We strive for excellence It's about seeking and fostering talent being committed enthusiastic and responsive and being world-class in all that we do The stakes are high in our cyber activity and missions And we have a highly talented workforce of cyber specialists who love what they do and do it to the highest professional standards We belong to a great team This is recognition we succeed through teamwork and partnerships and there's no better exemplar of this teamwork at ASD than in our cyber operations Whether it's offense or defense it takes a team of talented individuals with a range of skill sets to be truly successful We're audacious in concept This is all about the work we do which by its very nature requires ASD to operate in the slim area between what is difficult And what our adversity thinks is impossible and it's bloody hard work Whether it's using offensive cyber tools to disrupt the communications of a terrorist Even when they're trying to evade detection or uncovering a new technique used by a cyber adversary to bypass security measures in Australian systems Last but not least we are meticulous in execution This is about precision and always acting legally and ethically and being accountable to the public through government for everything we do This one underpins everything we do in cyber All our offensive operations are conducted in accordance with the law They are subject to meticulous planning to ensure our activities are proportionate and highly targeted And this value also guides our cybersecurity teams who are meticulous in the way they search for vulnerability on Australian systems So which team is for you? By being more transparent about this we hope it gives people a better idea of what ASD does The Australian Signals Directorate is a great organization to be part of Our staff love what they do And they work with a great team We place enormous emphasis on diversity We require it and we desire it a diversity of people with a diversity of skills These operations I've outlined today require linguists software developers analysts code makers code breakers and behavioral experts to name a few Some of our people wear short suits suits to work alongside ADF members in uniform from the ADF's joint cyber unit Quite a few of our staff wear hoodies and jeans that you might expect to see in a tech startup Not like a normal public service organization If you'd like a license to hack legally can keep a secret And or want to make a difference then ASD might have a job for you There's something for anyone who is curious minded and up for a challenge Over the next few years we'll be recruiting many hundreds of people To join our cyber workforce It's really just a matter of which team is for you Offense defense or both Thank you ladies and gentlemen. I look forward to taking your questions That's a foreign state actor just calling in Thank you very much Mike You've continued today to bring ASD out of the shadows and if you like onto LinkedIn Um, so I'm glad you got in your job ad happy to help Um, and maybe in return you can help us with a few questions about your world If you don't mind Let let me start on the on the subject of your speech on offensive cyber You gave us these two very interesting examples of operations by which ASD Operators have helped to defend Australians and Australia against global threats. First of all An operation alongside the ADF in which operators disrupted the work of Daesh and then secondly This fascinating example of a young yoga loving touch football playing Australian woman A covert online operator, which is a job title that I now aspire to Assuming the identity of an older male terrorist commander And I'm intrigued and I think probably a lot of us are intrigued. How do you assume That identity what how do you persuade somebody online that you are somebody else? Share a bit of the tradecraft that your colleagues use if you can for example in that case sure Thank you again for having me here and thanks for the question It really is a team sport. So as much as that individual is an outstanding impressive individual It's not just her Yes, it's her at the keyboard leading the interaction But she's guided by many experts and keep including people who have language experience Cultural experience behavioral experts psychologists So when we develop a plan and when we're live executing a plan our operators are backed up by a very comprehensive team and a body of knowledge that says we know how to Interact with that individual. We already know what our objective is That helps a lot the other thing as part of that. It's not just the great team It's the comprehensive training program we put our individuals through and the tradecraft we've developed over many years That help us do this very well. There's something magical about my organization Which isn't a good thing. We're an organization that's both poacher and gamekeeper Offense defense to catch a thief you need to think like a thief We go to great efforts to understand the behaviors the motivations of the individuals and actually understand the character themselves So we can tap into that and win their trust and in this case It's a great example of where we did that at short notice Based on our experience and our training We're able to win the individuals trust and she was able to move him into a safer place So he wasn't a danger to himself or others Let me ask about that question from a different point of view I like that phrase you just use to catch a thief sometimes you need a thief And I guess in that case that young woman was using deception manipulation You know, I'm sure ASD operators use fishing attempts and Fishing tools and so on now in western countries We get on our high horse when we hear about foreign hackers launching those kinds of attacks against us But aren't aren't you doing exactly the same thing? Yes to a certain extent I might claim we're doing it better than others But to get to the nub of your question Remember we're doing this in very strict limited circumstances in this case We're using this to disrupt someone who is either radicalized or potentially radicalized from doing bad things In this case, that's very targeted Generally what's on the receiving end of Australians every day is not so targeted. It's just it's a pretty broad Brush most of it comes from the criminal gangs who are looking at making money We're not like that organization. We're here to defend Australia from global threats and Everything we do is proportionate and legal And in limited circumstances enabled by law What about comparing ASD's work to the work of other foreign intelligence services other signals intelligence services are there Or what are the things that a signals intelligence service in a democracy such as ASD? Would not do that a signals intelligence service in a non-democracy for example like Russia or China might do Whilst I will answer that question I'll start though by saying obviously I'm here to talk about ASD's capabilities. I can help the audience in so far as There are I'm confident there are things that we can do technically in terms of generating the effect That very few other nations could do But the best way to compare us and other nation states is actually in the premise of your question Look at the legal and cultural settings of our country Everything we do is enabled by law It has to be right has to be legal. It has to be right has to be proportionate We just don't go up with some crazy scheme It's thought about there has to be some authoritative basis for which we're doing it There are some countries a smaller number of countries who don't have the same legal frameworks as we do and they might do things Which were not proportionate to the issue. They may rightly be dealing with In our case, I can assure you our actions always proportionate. It's a fundamental premise of every think we do in the offensive cyberspace What about when not when you're targeting foreign states, but what about when you're targeting Transnational criminal networks, for example people smugglers. How does how does that work? So my agency is a foreign intelligence agency and we have this thing called offensive cyber Capability if someone has the authority to disrupt people smugglers, we can use this capability support them It's just like anything else. What's the authoritative basis on which someone is operating and can't ask the help them So, yes, we do have the capability to help people who have the authority to disrupt people smuggling networks All right, let me ask you a couple of questions about the five eyes if I can this very intriguing Intelligence alliance between five major western democracies A decade ago five eyes was almost never mentioned in the press. It was a very sort of niche topic and now it's dropped into New stories all the time. You see ministers posing with media banners behind them referring to a five eyes Meeting thanks to a story in in the old Fairfax media last year We learned indeed that five eyes chiefs were served lobster at a dinner in canada in july 2018 What why why is the five eyes coming out of the shadows in this way? That's a great question question, michael To be honest, I'm not sure why five eyes this thing. It's a strange language Isn't a strange terminology, but it's something in my business. We've been comfortable for many years Yes, it's been more known about in recent times. I'm not sure why that is the case But if I bring it back to Our particular circumstance, I just happen to be a director general who believes that in our democracy Transparency is important. It's important that the public understand What as he does when we say we defend australia from global threats? It's important. They understand the legal framework and the oversight mechanisms under which we operate I think that's incredibly important in any democracy That's why I'm passionate about being more transparent up to a point because you appreciate there are things we do need to protect I think that's incredibly important The other thing you'll see is our cyber security mission. We can't do that in the shadows. Actually, that's a very public thing And it's right that we're very public in that space so a combination of More transparency for democratic reasons, but also our cyber security Activities have taken us out of the shadows for sure. I'm confident. That's the same in our allied five eyes countries Are the five eyes agencies working together more closely now than they did in the past? I think it's safe to say we have worked closely together for the last since it was formed Just after the second world war Let me ask you let me go on to a slightly different topic, but it's not unrelated and that's the question of 5g Two weeks ago on this stage I asked the foreign minister why the government had decided to block what it called high risk vendors such as Huawei from Australia's 5g network and I should say this is a question that ceo has put to me very often It's it's the subject of a lot of discussion In the business community and often they will say to me Well, if Huawei for example provides the best and cheapest technology, why would why wouldn't we use it? When I put that question to the foreign minister the only answer she put on record was that The government listened to the advice of the security agencies Now, obviously ASD was a critical part of of providing advice to the government in in relation to that decision So can you tell us especially given that we have we have CEOs in the audience today? Why was that decision in Australia's interests? Certainly and firstly ASD was one of the agencies, but it was a team effort giving advice to government It's best to look at how we think about 5g and what 5g will be become I will I must say up front though that the notion that some companies are better than others I'm not sure I agree with that and the companies the telcos that we've spoke to across the globe including here Australia may not all agree with that in terms of the quality whether it's the best technology Not 5g is not yet a fixed thing. We're on a path to 5g But back to the reasoning or at least the way I view 5g for us in its mature form It will be at the top of this nation's critical infrastructure list Why because 5g is not just faster data to your mobile phone as much as some of our children might like that It's not just that. Yes, it will be that in some cases. It's also more device Density will be supported. Why is that important? It's not because just there'll be more humans with multiple devices It will be there will be machines talking to machines devices talking devices enabled by 5g And there'll be a whole range of new applications because the latency the speed of signal traveling and returning will be lower and Guaranteed that will see a whole range of new industrial An application some of which we probably have not yet foreseen Because of that 5g will be critically important in this country The way also view it because everyone will be so reliant on it if it's not there Availability if it's impacted in some way it will impact industrial applications and machines talking to machines Which will have consequences real world consequences potentially On our society elements of the power grid may not work water supply sewage pumps may not work It's has the potential to impact our country greatly So top of our critical infrastructure list for the reasons I've explained Then it comes down to what are we concerned about and I've just said that we're concerned primarily about the availability Because it's going to be top critical infrastructure. We want it to be available Security has always been about confidentiality integrity and availability And yes in the mobile phone networks that we currently know today Yes, government agencies do care about the privacy of your communications That's not our concern with 5g. It's the availability piece What does that look like so if it's disrupted by a nation state That's a bad day because of the impacts I've just mentioned So high-risk vendors for us are categorized as vendors that actually are Have headquarters in countries where those countries have capably form and intent and coercive laws That compel their companies to cooperate on matters of national intelligence I do not have a coercive power that allows me to go to an australian company and say You must do this and you must keep it secret and this being something overseas to help me do signals intelligence I can't do that. So will we have countries that have coercive powers That operate outside of their own sovereign borders and that company or the country has capably form and intent Those vendors will fall into the category of high risk We worked hard In ast with other agencies to look at what yes would look like In the end I concluded that yes wasn't acceptable But the decision was taken by government and I think it's the right decision that has been made Now we're watching sort of play out a similar similar decisions being taken in the capitals of other five eyes countries and For example in britain There's there's been some reporting to the effect that britain may not take the same decision may not take the same decision That australia did although I think that there's a process that they're going through What about the united states because I also asked the foreign minister on this stage about that famous tweet by president trump Where he seemed to offer an olive branch towards beijing in relation to huawei in the middle of these trade negotiations and he said I want the united states to win through competition Not by blocking out currently more advanced technologies and a lot of commentators read that as a signal that maybe if See jim ping played played ball, then perhaps there's a possibility of the president overturning Any decisions taken on five g And and I guess it would be awkward for australia Wouldn't it if the united states were to take that position on five g after we had taken our decision? Of course, we're both sovereign governments, but still given the relationship that would be very awkward. So Can I ask you from your interactions with with us officials? How how confident are you that in in that decision that they'll take a similar decision that they'll maintain a similar decision to ours So firstly, I would say um, I think that was a great aspiration of the u.s president The notion that you will win on your merits rather than taking some forceful actions is a pretty damn good one when it comes to sovereign nations It's a matter for every country to make a decision on how they manage their risk It's a question of risk appetite when it comes to critical infrastructure It's for sovereign nations if the u.s. Made a completely different decision to australia That doesn't matter because australia has made its own decision based on our own risk appetite And that's the way it should be this is a thing that sits inside our country It impacts our country and risk appetites are decision for governments of sovereign nations All right, let me ask you another trump-related question If I can and it's it's an offensive cyber related question too I think by this point russian interference interference in the 2016 presidential Election is pretty well documented by agencies by by u.s. Intelligence agencies and many other observers and over the weekend The special counsel mr. Muller added his voice to theirs And he talked about um, or at least the summary of the report that we have seen talks about russia attempting to influence those Elections both through disinformation and social media operations, but also through offensive cyber As a fellow professional What would you say about the effectiveness of russia's attempts to interfere in the u.s. presidential election? That's a great question. I'm sorely tempted to say I look forward to your next question You know, I'm not sure I can comment on that Did it have an outcome if you know if they were successful were they successful? I think only the american people can be a judge of that. Um, there is no doubt that in this connected world Um cyberspace gives opportunities for nations who might want to do nefarious things or use it to disrupt um, you know counterterrorism for example, um that gives a world of opportunity and foreign interference Through amplifying or disaffecting people may or may not be an effective tool The strength so really again, I come back to it's a question for the american people whether that's had an impact or not Um Having said that I would say in our democracy You know this the ability for us the freedom of speech and what we say and how we debate things is actually a positive And even if someone is sending out bad messages and trying to push people the way you counter that is actually have a good robust society Uh, a conversation in society. That's a good thing What about how Democracies should respond when our adversary is trying to meddle in our affairs There's been a lot of discussion about how the obama administration reacted to the early indications the early advice they were getting about the russian operations Um, and there's reporting that that uh, president obama looked president putin in the eye and told him to cease and desist But there's also been a lot of criticism that that more robust countermeasures weren't taken by the united states for example You know people have written about exposing ill-gotten gains of the russian leadership or making some of those ill-gotten gains disappear Um, what what's the value of deterrence in in stopping our adversaries not not just exposing them, um, but actually Showing them that we will impose a cost on them if they continue with this action Which is deleterious to our interests. Sure. Um that again, that's a it how long's the piece of string If you have clear evidence that a nation is interfering in your country, then of course you should have that conversation with them Interestingly in this conversation in cyberspace whenever there's something that cyber enabled people go straight to there should be a cyber response Cyber does not beget cyber If you have evidence that a nation is interfered in your country, then You have the full range of the state in response What that looks like depends on what you're seeing happening to you the evidence you have and then actually what you need to do about it All right, let me ask you one or two more questions and then i'm going to go to the audience So please get your questions ready and and put your hand up As quickly as you can so I can come to as many people as possible Let me finish by asking this section of the the event by just asking you about christ church about those awful events um 10 days ago or so What has been the role of of ASD in the australian intelligence community in the response to christ church and Is there any truth to the allegation or the the suggestion that you've seen reported for example That western intelligence agencies have taken their eye off the ball in relation to far right wing extremism because they're so focused on other forms of extremism Firstly, let me obviously say like all of you how horrific those events were in christ church Obviously my condolences to the people of new zealand the victims and their families I think the new zealand's community response has been nothing short of impressive But what a terrible thing to happen I can confirm for you that on that friday When that individual was deemed a threat to security because none of us knew about him beforehand I sought my minister's authorization and since that time we have been supporting asia and our new zealand counterparts in the investigations about What we know what other further elements of that obviously that's subject to ongoing investigations, which I won't speak of here New zealand government has announced a royal commission and that's right for them to do so No further comment on that In terms of the other part of your question though Violent extremism regardless of the ideological cause Is always going to be taken seriously and of great interest to the australian law enforcement and security agencies In fact, there is actually the director general of security Has said that we've actually been looking at that for some time There is a court case underway for a matter that happened in 2016 I won't comment any further So the notion that we've been focused over there and not over here There's a live court case going on at the moment. It's actually extremist related And the rest I'd suggest you ask Duncan Lewis when you're next have him on stage. All right, we'll get him next week All right, ladies and gentlemen, we've got about about 10 or 15 minutes to ask For questions. So what that means is that people need to keep their questions very short I'm not going to allow people to make statements or speeches. I'm interested in short sharp questions That can elicit a good response from the dg. So please raise your hand if you'd like to ask a question I've seen I've seen a couple of questions from journalists and I'll take those But I want to take some questions from non journalists as well. I saw Deborah snow first Deborah if if if questions can wait for the microphone. Thank you. Sure. Okay. Thanks very much for the speech and The q&a so far has been really interesting. Just don't Christ church What's there anything that could have been done? Perhaps did you see any role for an organization like yours in trying to stop that? perpetrator Broadcasting his actions live on social media or having seen that done Would that now be a priority for an organization like yours to make sure but that couldn't happen again And just extending that slightly more broadly What what how satisfied are you with the responses of the big tech companies to the challenges that this is thrown up Excellent question. Um, so my my organization is a foreign intelligence Organization so any role I play in there has to be the foreign end of that Um, and as I explained we did have a role after the event and we do have a role after the event um In terms of the elements of social media companies or the ability of you stop something being broadcast Yes, it's true. Our offensive cyber capability could be used to do things like that as in stop a broadcast But that would not likely be the first port of call When that's happening and that's why I think it's right the government has approached the social media companies and said Just like we do in our print media or our television media The internet should be no different in terms of there are obligations on those service providers to make sure it's safe I think that's the right way of doing it not going straight to let's unleash ast to take down on some video streaming thing Um, that's probably not the right way to go. We need the help of the social media companies In terms of their response so far. I'm not fully briefed on where we're up to on that That's not my lane in the road for obvious reasons But I think the question and the call for help An expectation of the social media companies by our government is the right one most definitely So jamie jamie smith from the financial times Good afternoon. Just on the hawaii ban question. Um, you say it doesn't matter if the us or the uk You know don't ban it What but does it not have implications for the five eyes network in terms of future cooperation? And if they're using different types of kit Would that not open up australia to having problems in terms of cooperating? No, again, because it's each nation will make its own decision based on its risk appetite Um, yes come back to my point around here in australia It's about the availability if there was some reason I was worried about another country countries Availability of infrastructure that was actually in australia's interests Maybe you'd have a concern, but no because it's actually this is about australia's risk appetite I can assure you our differences of opinion, which we will have from time to time and we've had in the past don't impact Our mutual recognised need that we are far better as a result of our power to cooperate It's happened since the end of the second world war We've seen the benefit of that time and time again and even differences on how we manage this particular risk Will not actually fracture or damage our relationship at all at least from my perspective Paul Maley from the australian Hello mike. Thank you for the speech In February it was revealed that parliament house and the major parties had been the target of uh, I think quite a sophisticated Hack that was attributed to or or it was believed Was uh, the work of a foreign state actor. I wonder if you could just update us on that. Have we um, identified have you identified Uh, who was responsible for that hack and if so, can you tell us who it was? All I can say paul is the investigation continues. Yes, you are correct. We did say it was a sophisticated nation state um Four reasons that um, you know when we do this work when we're hacking overseas for foreign intelligence purposes We work extremely hard and use tradecraft that says we will not be detected And if our activity was detected you could not prove it was australia When you're coming up against this sophisticated nation state They do the same thing We're still having investigation underway Yes, sir in the front row If you could just wait for the microphone sir Thanks very much mike. Uh terrific, uh talk. I really liked your comments about culture That kind of bottom up approach Get a job in business anytime You just spoke about legal and ethical uh frameworks and critical to any good culture is the ethical framework Could you make some comment about that and how it's applied within your organization? Yeah, thank you. It's a great question. So for us some culture and leadership are kind of tight good leadership can bring the culture But the other thing that guides us is our values Um rules guide us when people are watching values guide us when they're not So we work hard on in terms of our selection our leadership and our interactions with our team and expectations of them To make sure our values are right Our values are very powerful That's a winning combination when you have people who you know strive for excellence they understand the You know what belonging to a great team because it's partnerships and teamwork that gets anything done They you know the audacious in concept because we do really hard things but actually the meticulous in execution Delivers in spades. We have an organization that is actually incredibly Focused on doing the right thing by the public and being lawful That's an excellent part of our culture born out of our values. We put a lot of effort focusing on that I saw a question from Angus greg Can I just follow up on paul's question? If you do identify the sophisticated state actor, would you expect to name them? Um, thanks for the question Yes, let's have this conversation about attribution. So the australian government has Done attribution before um china russia aran have all been called out in previous times Um We should not assume from that though that every time we determine who it is that actually they would be called Out publicly it's always a matter for government depending on the circumstance actually how We take the next step and what we do about that once we know who it is so I can't answer that question at this point in time whether we would call them out or not and actually that would Be a matter for government on advice from the agencies But I would want to leave you with the message that we should not assume every time we understand who it is That we would call them out publicly Remember calling them out publicly is done for a reason not just to have the satisfaction of putting it into the press But it's done as part of a strategy to Say some behavior is unacceptable attribution publicly is not one way of Always getting that message across Yes, sir Thank you, mike george patapas from telstra security Just a question related to availability of services and and resilience in in moving forward in the new world I read about an exercise in russia of all places where they disconnected the whole country and and ran an exercise in terms of Seeing if the organization can still operate. Are there any similar initiatives? I guess at our national level thoughts about how we can test and prepare our larger organizations in terms of resilience and availability of services at that level Thank you for your question. Absolutely. You organizations governments do need to exercise. It's something we take seriously If you've not exercised the first time you're going to try yourself is actually when something bad happens So exercising is really important. I wouldn't necessarily agree to the russian approach of let's disconnect australia from the internet and see how we go That would be a bit of a crisis exercise on many levels But the your point is valid and yes, we should all focus on making sure we're ready and we match fit for the day that something bad happens Mike, I might ask you the last question Given really about the audacity of of of concept that That ast prides itself on and I want to ask you about the targeting process for ast Obviously a few years ago. We all recall there were a lot of stories about Australian intelligence officials Having access to the mobile phone of the wife of the indonesian president And there was a big discussion then about protocols about between australia and indonesia In that in that period and more broadly over the last 10 or 15 years, of course, um, australia's foreign circumstances have changed and In particular, there's one country china that is looming ever larger both as As a an opportunity and a challenge for us So how has that flowed through to the kind of targeting that ast operates? Certainly so our again foreign intelligence agency So our intelligence priorities are set by the national security of kidney cabinet And that's coordinated through nick warner's office of national intelligence. So everything we do is guided by Those intelligence priorities set on us that directs where we go It's the government's need of the day depending on our strategic circumstance and the need of government It works very effectively It works very effectively and in what direction does it tend to move? So You'd appreciate there's some things that we don't talk about because the priorities themselves are classified But you would not be surprised that when it comes to threat to life That is a top Focus and priority for government and the agencies. So countering terrorism or supporting Military operations supporting the warfighter. They will always be at the top of our lists and our resources where we apply Our resources are very much focused on those ones anything threat to life If an australian was kidnapped offshore and the authorization was in place We would work to provide foreign signals intelligence to Try and get the safe return of that australian That's a given the other priorities are guided by strategic circumstances. Some of them may be obvious some of them not But I can't talk about them in this forum There's always got to be a little bit of mystery Of course when an intelligence official speaks ladies and gentlemen I think mike burgess has been very good humid actually and very open In answering my questions and your questions, and I think that's all to the good It was a very interesting speech. I I noticed he made that comment about sometimes when ast Uh is involved in an offensive cyber operation. You don't have to blow up a computer You can just make sure that it doesn't work at a certain time that often happens to me in my it experience So so so now I know now I know who to blame Some of you might have seen last year at the aspen security conference mike and some of his counterparts from other five eyes Countries not that they're coordinating in any in any visible way But anyway, they they did an event on stage and mike talked about moving from admiring the problem To tackling the problem and I think today he has Um He has filled in the picture for us a lot about how ast tackles some of the problems Like your agency, uh, and and thank you so thank you for that mike and also thank you for taking the questions Like your agency. I might say you're a great listener You're also you're also a good a good talker. Let me thank let me thank everybody in the audience Let me give you one quick ad and that is tomorrow night on this stage I'll be having a conversation with steven hadley one of the most respected foreign policy voices in washington and The national security advisor to the last republican president. There's still a few tickets to that So please register now, but for the moment ladies and gentlemen, thank you for coming and most importantly Thank you very much to the director general of the australian signals intelligence Signals director at mike berges