Mr Watts will suggest the practice of not publicly naming culprits behind serious cyber attacks is reinforcing bad behaviour and doing nothing to uphold the norms of international law.
“In this context, we need to start getting serious about the way we talk about the integrity of our democratic institutions,” Mr Watts will say, according to a draft of the speech. “There are certainly some people who study this who think that more direct, formal attribution should be made in order to more clearly indicate to other countries where Australia considers ‘the line’ to be.”
He will say the most important audience the government needs to speak to after such an attack is the public.
“We need to establish a norm that governments will be up front with the Australian public about attacks on our democratic institutions,” he will say. “There needs to be a presumption that when cyber attacks occur on our democratic institutions, the Australian government will, where possible, attribute responsibility for these attacks.”
Mr Watts will point out Australia’s policy on the attribution of cyber attacks is in a classified document within the Department of Foreign Affairs and Trade and the Department of Home Affairs, saying he doesn’t know what it is and “nor does the Australian public”.
“So it’s hard to know what the government’s current approach to attribution is,” the Labor MP will say.
The government sometimes makes formal, on-the-record attribution statements, and at other times on-the-record statements that “obliquely refer to the historical source of the tools used in the attack” without making a formal attribution, he will say.
“Most commonly though, attribution is seemingly made through off-the-record comments to the media from intelligence or government ‘sources’. It’s hard to know what to make of these quasi-attributions from the outside,” he will say.
“Are they really the formal views of the government? Just of a few individuals? Rogue employees? The ambiguity is the point. We don’t know how the government decides whether to make attributions or quasi-attributions. Who is involved? What considerations do they weigh up?”
Mr Watts will argue the mistrust from the public about cyber attacks has not been helped by a “troubling pattern of political figures publicly attributing embarrassing social media activity” to hackers.
“The recent escapades of the ‘One Tweet Hacker’ is a case in point,” Mr Watts will say. “Australian politicians have recently been tormented by a hacker with the unusual MO of breaching their Twitter accounts then using this extraordinary access to merely favourite a single embarrassing tweet.”
Current and former Coalition MPs Greg Hunt, Christopher Pyne and Joe Hockey all blamed hackers when their Twitter accounts “liked” embarrassing tweets in separate incidents in 2017.
“Cyber-enabled disinformation campaigns rely on misdirection and deniability. They thrive on public cynicism and mistrust,” Mr Watts will say.
Anthony is foreign affairs and national security correspondent for The Sydney Morning Herald and The Age.