Risky Business News: Australian Government to Shut Down AN0M Evidence Appeals
Podcast Information:
- Title: Risky Business News
- Host/Author: risky.biz (Patrick Gray)
- Episode: "Srsly Risky Biz: Australian government to shut down AN0M evidence appeals"
- Release Date: November 28, 2024
- Description: Regular cybersecurity news updates from the Risky Business team.
1. Introduction
In this episode of Risky Business News, host Patrick Gray engages in an in-depth discussion with colleague Tom Uren about a significant development in Australian cybersecurity law. The conversation primarily revolves around the Australian government's decision to pass new legislation aimed at ensuring that evidence collected during the AN0M sting operation is admissible in court. This legislative move has sparked controversy and raised questions about legal precedents and governmental overreach.
2. Australian Government's New Legislation on AN0M Operation
a. Overview of the AN0M Sting Operation
The episode begins with Patrick Gray providing context about the AN0M sting operation, a joint effort between the FBI and the Australian Federal Police (AFP). This operation involved selling seemingly secure "crime phones" to individuals, which secretly copied every message sent over the network to a server controlled by authorities. This covert data collection yielded substantial evidence, resulting in the arrest of several hundred individuals.
b. Legislative Response and Its Implications
Patrick Gray highlights that the Australian government is poised to pass a new act of Parliament to solidify the legal standing of the evidence gathered from the AN0M operation. This move is intended to prevent defendants from appealing their cases based on the legitimacy of the evidence collection methods.
[00:04] Patrick Gray: "The Australian government is going to pass a new act of legislation just to make sure that evidence collected in the AN0M sting is going to stand up in court."
c. Legal Perspectives and Expert Opinions
Tom Uren shares insights from his conversations with legal experts Greg Barns of the Australian Lawyers Alliance and Michael Whitten, a King's Counsel. Both experts agree that the legislation is highly unusual and raises concerns about potential governmental overreach.
[02:29] Tom Uren: "Greg Barns and Michael Whitten agree this is very unusual. There have been cases in the past, like maybe 20, 30 years ago in Victoria where something similar has sort of happened."
Greg Barns expresses apprehension about the possibility of the government passing retrospective legislation that could undermine the rights of the accused, especially in authoritarian contexts. However, the bipartisan support for the bill, including backing from the Australian Greens, suggests a unified governmental stance.
[03:30] Tom Uren: "Governments should not be in the business of passing retrospective legislation that undermines the rights of an accused person."
Patrick Gray points out the significance of bipartisan support, noting that the Australian Greens typically oppose surveillance-related measures, making their support noteworthy.
[03:46] Patrick Gray: "The Australian Greens tend to oppose anything related to surveillance or, you know, this sort of stuff. So for the Greens to support it, it really means that everyone's kind of all aboard the let's convict these types."
Michael Whitten provides a broader perspective, emphasizing the role of Parliament in shaping laws to reflect their intended interpretation, especially when court rulings may diverge from legislative intent.
[04:07] Tom Uren: "Michael Whitten had a different perspective, which was kind of the more big picture ... it's up to the Parliament to make the laws."
The legislation specifically targets warrants issued during the AN0M operation, affirming their validity and preventing future legal challenges.
[06:11] Patrick Gray: "The Parliament is passing an act saying, yes, it was... basically it's saying, yeah, that was all fine."
3. CISA Red Team Assessment Report
Shifting focus, Patrick Gray and Tom Uren discuss a recent Red Team assessment report published by the Cybersecurity and Infrastructure Security Agency (CISA). The report critiques a U.S. critical infrastructure organization for failing to secure its systems adequately. Notably, the Red Team did not gain access through traditional phishing methods but exploited a web shell left by a previous assessment team, a lapse that CISA highlights as a significant oversight.
[10:38] Patrick Gray: "Red Team didn't gain access via phishing but through a web shell left by previous testers—a clear sign of sloppy security practices."
Tom praises CISA's comprehensive approach to cybersecurity assessments, noting the importance of transparent reporting and constructive feedback.
[11:44] Tom Uren: "CISA does a good job. They're comprehensive. They've got a good scope and timeline."
4. FTC Probe Against Microsoft
The conversation then transitions to breaking news about the Federal Trade Commission (FTC) launching a probe into Microsoft. The investigation covers various aspects of Microsoft's business practices, including licensing, cloud computing services, cybersecurity offerings, and AI products. Such a probe is anticipated to have significant repercussions for Microsoft, regardless of the investigation's outcome.
[12:07] Patrick Gray: "An FTC probe like that ... it's going to hurt. It's a phenomenally big deal."
Tom acknowledges the extensive nature of the inquiry, with questions spanning hundreds of pages, indicating the depth and seriousness of the investigation.
[12:40] Tom Uren: "The questions that they've been sent run to hundreds of pages. So, yes, that's a lot of stuff."
5. Discussion on Microsoft's Brad Smith and Cybersecurity
The hosts delve into comments made by Brad Smith, Microsoft's Vice Chair and President, who urged former President Donald Trump to take stronger action against cyberattacks, particularly those backed by nation-states. Tom criticizes Smith's stance as somewhat naive, suggesting that the nature of state-sponsored cyber operations renders them difficult to deter effectively.
[14:14] Patrick Gray: "... Brad Smith tells the Financial Times he's urging Trump to do more on cyber because of these cyber attacks... It's totally unacceptable."
[14:36] Tom Uren: "I think he's a bit of a Microsoft cultist and he actually believes everything that he's saying."
Tom further elaborates that responses to cyber espionage and attacks by nation-states are inherently limited, as retaliatory actions could escalate conflicts beyond practical solutions.
[15:41] Tom Uren: "... nation-state operations... there's no way that you can do something that the US can do, something that will in any way significantly deter these operations."
Patrick concurs, emphasizing the importance of maintaining perspective on cybersecurity within the broader context of geopolitical strategies.
[16:10] Patrick Gray: "... cyber is secondary in the scheme of real world geopolitics. And I think that those are wise words, Tom, and words that many people in this discipline tend to forget."
6. Conclusion
In wrapping up the episode, Patrick Gray encourages listeners to subscribe to the Seriously Risky Business newsletter for more detailed insights and updates. He also mentions additional content from colleague Catalin Cimpanu, who covers broader news-related topics. The hosts acknowledge the complexity and significance of the topics discussed, highlighting the evolving landscape of cybersecurity and its intersection with legal and governmental frameworks.
[16:53] Tom Uren: "Thanks, mate."
Key Takeaways:
- Legislative Shift: The Australian government's new legislation aims to secure the admissibility of evidence from the AN0M sting, sparking debate over potential legal overreach.
- CISA's Role: CISA's Red Team assessments continue to play a crucial role in identifying and addressing cybersecurity vulnerabilities within critical infrastructure.
- Microsoft Under Scrutiny: The FTC's comprehensive probe into Microsoft underscores ongoing concerns about big tech's business practices and their implications for cybersecurity.
- Cybersecurity in Geopolitics: Effective deterrence against nation-state cyberattacks remains a complex challenge, as highlighted by critiques of industry leaders' approaches.
For more detailed analysis and updates, subscribe to the Seriously Risky Business newsletter at News Risky Biz.
