Australia instructs government entities to check for tech exposed to foreign control


Australia has instructed all of its government entities to take stock of their entire technology estates and identify any assets that could be controlled or manipulated by foreign states.

It comes as the country addresses a growing number of hostile state and financially motivated cyberthreats, with the Australian Signals Directorate (ASD) this week also warning that a state-sponsored Chinese hacking group has “repeatedly targeted Australian networks.”

In three new legally-binding instructions published on Monday, the country’s Department of Home Affairs required that all government entities — of which there are more than 1,300, from cabinet departments through to statutory offices — identify Foreign Ownership, Control or Influence (FOCI) risks associated with the technology they’re using.

This includes “any hardware, software or information system” such as mobile apps and as-a-service offerings as well as hosting platforms and enterprise systems, that “stores, processes, transmits or transforms official or security classified information.”

The public sector organizations will have until June 2025 to identify FOCI risks and report them to the Department of Home Affairs’ cyber and protective security branch.

These entities will also have to conduct a full stocktake “on all internet-facing systems or services,” under a second direction, covering anything that can be “directly accessed by untrusted or unknown entities over the internet” and then develop a security risk management plan specific to those systems and services.

According to a spokesperson from the Department of Home Affairs, the aim is to “give us better visibility of the Australian Government’s technology estate.”

The third direction requires all government entities using threat intelligence sharing platforms to be working with the ASD by the end of this month and connected to the agency’s threat intelligence sharing platform.

“While many entities already engage with ASD, this direction puts the issue beyond doubt,” said the spokesperson. “Government’s view is that engagement with the ASD is mandatory and the Government has chosen to act. We encourage all Australians and businesses to engage with ASD advice.”

The new cybersecurity directions are the first issued under the Protective Security Policy Framework since April 2023, when Australia banned the installation of TikTok from government devices, “based on the security risk presented by that application.”

It follows Mike Burgess, the head of Australia’s domestic security agency — the Australian Security Intelligence Organisation (ASIO) — warning earlier this year that more Australians are “being targeted for espionage and foreign interference than ever before.”

Burgess stressed the risks posed by cyber activities too: “The most immediate, low-cost and potentially high-impact vector for sabotage is cyber. Our critical infrastructure networks are interconnected and interdependent, which increases the vulnerabilities and potential access points.”

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Alexander Martin

is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Bellingcat warns of ‘censorship’ on X after research on Russian attack is labeled spam

Next Post

Beijing accused of misusing Western research to claim Volt Typhoon is a ransomware group

Related Posts

The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield

With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attackers. From account takeovers to malicious extensions to phishing attacks, the browser is a means for stealing sensitive data and accessing organizational systems. Security leaders who are planning their security architecture
Read More

BlackTech Targets Tech, Research, and Gov Sectors New ‘Deuterbear’ Tool

Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a recent cyber attack wave. The intrusions pave the way for an updated version of modular backdoor dubbed Waterbear as well as its enhanced successor referred to as Deuterbear. "Waterbear is known for its complexity, as it
Read More