It’s time to pin the blame for the Parliament hack

| May 8, 2019

Whoever becomes prime minister after the election will face a sobering moment in Australia’s China policy.

It will show starkly why the policy that has had bipartisan support since Australia’s diplomatic opening to China in the 1970s is now not fit for purpose. What Scott Morrison or Bill Shorten does in that moment will shape his time in leadership on one of the most significant issues for any Australian government—its policy towards the Chinese state.

Put at its simplest, the policy of the previous 50 years has focused on the mutual benefits to Australia and China of our economic engagement, while keeping the large differences in our strategic interests and political systems in the background.

So, what’s this moment of truth? Well, it’s that little matter of who exactly the ‘sophisticated state actor’ was that hacked into parliament’s information system, and into the networks of the Liberal Party, the Labor Party and the National Party.

Morrison revealed the hacking in a statement to parliament on 18 February, saying, ‘Public confidence in the integrity of our democratic processes is an essential element of Australian sovereignty and governance.’

National security agencies are both cautious and forensic in their work on the attribution of cyber intrusions. This is about technical and operational integrity, as well as about ensuring they get the advice to Australia’s political leaders right. That’s why we’ve seen the careful use of the phrase ‘sophisticated state actor’.

But that careful forensic work will have continued since February. There will be a point very soon—if it hasn’t already been reached—when the agencies, which have the technical capacity, will advise the government who is behind these breathtaking cyber intrusions into the heart of our political system and democratic decision-making machinery, with a very high degree of certainty.

The ‘sophisticated state actor’ is almost certain to be an organ or organs of the Chinese state—most probably the Ministry of State Security, which President Xi Jinping has given primary responsibility for cyber hacking for state purposes.

Hacking at this level requires two things: capability and intent. Iran, Russia, North Korea and China, as well as the US and its Five Eyes partners (Australia, Canada, New Zealand and the UK), all possess sophisticated government cyber tools, so they all have the capability. Australians can tell themselves that we’re a key country on the international stage, but it’s fortunate that we don’t rank that highly as an intelligence target in Tehran, Pyongyang or Moscow, and that our allies and partners already know what we think.

Only one state on the list has that combination of capability and intent to be the one that’s hacked its way to the heart of our democracy.

That state—Xi’s China—also has form as the acknowledged global leader in large-scale hacking and cyber intrusion, including a hack on the Australian parliament’s computer network in 2011.

As recently as December 2018, Foreign Minister Marise Payne and Home Affairs Minister Peter Dutton stated:

[T]he Australian Government joins other international partners in expressing serious concern about a global campaign of cyber-enabled commercial intellectual property theft by a group known as APT10, acting on behalf of the Chinese Ministry of State Security.

When it is in our interests to do so, Australia publicly attributes cyber incidents, especially those with the potential to undermine global economic growth, national security and international stability.

What’s the motive for hacking Australian political parties?

The Chinese Communist Party under Xi would like to change Australian policy on several issues of great importance to Beijing. This is driven not so much by Beijing’s objectives for the Australia–China relationship as by its larger global agenda and the strengthening of CCP rule over China’s 1.4 billion people.

Australian decisions that work against the spread of Chinese coercive power and criticise Xi’s domestic and international steps matter to him because of their demonstrative effect. He wants to stop this clear-eyed approach being taken up by other governments in response to the now obviously assertive, coercive and militaristic Chinese state.

So, Beijing would like to change Australian policy on rejecting the militarisation of the South China Sea, on not signing up to the Belt and Road Initiative, on excluding high-risk vendors like Huawei and ZTE from our 5G network, and on limiting foreign interference through the laws passed by a thumping parliamentary majority last year. Limiting criticism of the growth of China’s surveillance state and of Xi’s brutal repression of China’s Turkic Muslim and Uyghur populations are other objectives.

The policies adopted by Australia are dangerous to Beijing because they make a lot of sense—and they might just prove contagious. Other governments may choose to adopt them as a way of recalibrating their own relationships with the new China that Xi embodies.

Which is why it makes sense to point to China’s Ministry of State Security as the ‘sophisticated state actor’ that hacked into Australia’s parliament and major political parties.

Think about the value of the information in the parliamentary IT system and the parties’ networks.

The systems of the Liberal, Labor and National parties would contain a treasure trove of data about party gossip, disputes, policy arguments and working relationships—and dirt on political opponents and on the parties’ own members.

If another state wanted to know which political figures were vulnerable to pressure, which ones might be likely to support them and which oppose them, who the rising stars are and what they might need to succeed (or fail)—and who has what dirt on any of the above—then the party databases, email systems and networks are the places to go.

On top of this, the major parties have hugely detailed data on millions of voters, segmented by electorate and by myriad personal factors like employment, income, views and preferences. Those details are shortcuts for a state seeking to influence public opinion in ways conducive to its interests, and would also be of great help in pressuring and isolating individuals and groups that might question Beijing’s ‘correct line’.

Forget the Russian interference in the 2016 US presidential election; this deep penetration of our major political parties and of parliament’s IT system shows a drive to gain access to and influence over our politics far beyond any single election campaign. It’s a bid to own the crown jewels of political data and intelligence that can be used for short- and long-term influence and interference.

If finding the culprit in a cyber intrusion was ever important, this is the time and this is the case. If it turns out to be China’s Ministry of State Security, it will be hard for any political leader to say that the national security community is overstating the threat that Xi’s CCP poses to Australia’s political integrity and national security.

It will be impossible to say that policy on China can return to the happy days of the 1980s, 1990s and 2000s and focus only on the upside of economic growth. Such corrosive and deep penetration into our political system cannot be explained away or minimised.

From that moment, any advocates of blinkered economic engagement with the Chinese state will need to recognise what a number of political leaders and policymakers already have: that we can’t simply seek a happy, trouble-free relationship when Xi’s China keeps acting in ways that are corrosive to our political system and against our sovereignty and our national interests.

Pursuing advantageous trade relations as we sell Beijing the world-class resources and services China needs is still a good idea. But being honest about the differences between our two states—and acting to protect our national interests when we need to—is the best foundation for our future relationship.

The Australian public is ready for this level of honesty from its government, and Beijing won’t be surprised when it comes.

I look forward to the explosive memo that attributes responsibility for the attack on our democracy landing on the prime minister’s desk after the election. It will be one of those rare leadership moments that distils the character of our prime minister and demonstrates it to the public whose votes have given them such heavy responsibilities.

This article was published by The Strategist.