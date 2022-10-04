Kick in the guts Government Services Minister Bill Shorten, should seriously consider a career as a comedian or circus showman if he expects his comments about Optus earlier today to be taken seriously.

Here is a Labor puppet master looking for street cred with his comments about cyber security, a subject that I strongly believe he does not have a clue about.

And because of a lack of action by the Albanese Government, Shorten is now peddling misinformation just to get a sound grab on TV.

The same applies to his sidekicks Environment Minister Tanya Plibersek, who yesterday used her daughter as a prop, to try and claim that Optus had not provided information to customers about the cyber security breach or where they stood relative to personal date being exposed.

Plibersek claimed her intelligence came from her daughter who is an Optus customer, this is despite Optus communicating with millions of consumers prior to the PR spray includingt her daughter.

What Shorten, and the Labor Government are doing is engaging in cheap publicity stunts on a matter that is serious and a problem for tens of thousands not millions of Optus customers.

Optus has confirmed that the ID details of 2.1 million current and former customers have been exposed in the hack.

Around 1.2 million customers have had at least one number from a current and valid form of identification, and personal information compromised, including 150,000 from passports and 50,000 from Medicare cards.

What Shorten failed to mention today or Minister Clare O’Neil on Saturday was that the Optus breach was the 12th such leak of this size in Australia this year.

Freedom of information requests made to the Office of the Australian Information Commissioner (by the Australian Financial Review), which must be notified whenever a company suffers a data breach, suggest there were at least 11 data breaches, each affecting 10,000 people or more in the first six months of the year.

But then again that’s old news as far as Shorten, and O’Neil are concerned because what they are after is sensationalism despite the seriousness of the issue.

Minister Clare O’Neil who caught the company off guard on Sunday by holding a press conference, in which the Government called out Optus for failing to cooperate with the government over the breach appears to be clueless when it comes to how the breach happened despite being asked several times.

O Neil was blatantly wrong on the issue of Optus not informing the Government, because the Australian Federal Police and the Australian Cyber Security were well aware right after the hack was discovered that millions of names could have been compromised and they are key Government organisation who were even given access to Optus servers and the relevant databases to investigate.

The Federal Police even called a press conference to outline issues associated with the breach, they also instructed Optus management to not discuss key details about the breach.

Let’s remember that these are Ministers that are supposed to be capable of negotiating and communicating with parties in the best interests of Australians.

However, their modus operandi is to issue a letter to the likes of Optus one minute, with a deadline of today to supply information on the impact of the breach, only to condemn the Company and their management the day prior to the deadline for “failing to supply information” the day prior to the information due to be reported to the Albanese Government.

Really is this the new definition of how the Labor Government intends to negotiate on issues in the future.

Earlier today Shorten laid out criticism of Optus’ handling of its customer data breach and in particular he targeted Optus chief executive Kelly Bayer Rosmarin claiming her actions are appalling this is despite several Government departments working day and night with Optus management and their consultants to minimise the risk from this attack.

Optus has even bought in Deloitte to consult and report on the breach.

I suspect Shorten and the likes of O’Neil and Plibersek struggle at best to understand how a PC or smartphone works let along a data capture network, or database management in an Enterprise environment yet they are now expertsw on data security.

One has to question why this bunch of Ministers have not done anything in the past to try and stop big Companies such as Google, Microsoft, Samsung Amazon, and the likes of Chinese owned Tik Tok collecting vast amounts of personal data including passwords and email addresses.

Former Communications Minister Paul Fletcher who in a previous life, was the head of Optus government affairs and its regulatory unit has hit out at the actions of the Labor Government claiming that the Minister for Home Affairs Clare O’Neil was herself “missing in action” for several days when news of the cyber security breach broke.

He claims that there are two obligations for a Company such as Optus who after discovering a security breach have to inform Government.

He claims that there is already in place a critical asset registers and a mandatory incident reporting requirement that apply under the Security of Critical Infrastructure Act, which the Morrison government passed while we’re in government.

Those apply to 11 separate sectors, including telecommunications.

For carriers, the legislation is woven into the Communications Act as part of the telecommunications sector security reforms.

Carriers were advised by the previous Government that the obligations were coming into effect in early July.

ChannelNews understands that Optus did advice the Government as soon as the hack attack was discovered.

Fletcher claims that the Labor Government Ministers are peddling misleading lines about the issue “As they desperately try and point fingers at anybody else”.

He said “The facts are that the Minister for Home Affairs has powers in respect of all 11 sectors, including the telecommunications sector, to require what are called in enhanced cyber security obligations, which includes conducting vulnerability assessments. That’s what referred to as penetration testing. The Minister has the power to impose that requirement on telcos and all other companies within those 11 sectors”.

In their desperation to point fingers Shorten, O’Neil and Plibersek have failed to mention the Communications Act or the Security of the Critical Infrastructure Act in their PR attacks.

He claims that “the Albanese Labor Government needs to recognise they’re in government”.

“They’ve got the powers we passed the Security of Critical Infrastructure Act, which contains tough powers that the Minister for Home Affairs can exercise. There’s even a power for the Government to step in. In the case of a serious incident” he said.

Fletcher recently revealed that the standards that apply to the telcos are the same as to all of the other sectors”

So far, the Albanese Government has failed to mention whether they have called for security tests of TPG Vodafone or Telstra who are out spruiking their security in an effort to get Optus customers to switch carriers.

As for the powers that the new Labor Government to challenge organisations collecting vast amounts of data the terms and conditions were agreed following a bipartisan process, including via the bipartisan Parliamentary Joint Committee on Intelligence and Security.