Constant reconnaissance probes by nation states, attacks by computer network robber barons and lone wolves and data dumps from disgruntled workers – that is digital Australia's bleak picture painted for a cyber security forum in Sydney recently.
And without constant vigilance and fine-tuning of our cyber defences, the problem will only get worse.
"A lot of nation states and militaries are investing in capabilities that can be used to target utilities; power, water resource and energy providers," Major-General Stephen Day, former head of cyber at the Department of Defence and inaugural head of the Australian Cyber Security Centre told the Australian Computer Society Cyber Forum in Sydney.
"There is no question reconnaissance is going on right now."
The glimpse behind the curtain at Australia's cyber defenders came during the question and answer period at the end of the forum, attended by some of the world's leading experts in the field.
An attendee put to the panel that an emerging risk was not lone wolf attackers "but of a state-sponsored cyber-attack sometimes from friendly countries we consider allies" and asked what was being done to mitigate the risk.
Day agreed that state-sponsored attacks were a "significant risk", particularly if people looked down the track a few years.
Crime 'challenge'
He added that there was also a "significant challenge with organised crime".
"We looked at the sectors that mattered most to our nation either from an economic prosperity perspective or from a national security perspective and put them in a priority order and looked at those sectors that were likely to be targeted by organised crime or by nation states and then we directed our organisational energy to help those sectors.
"So if, for example, you are in the utilities sector or critical infrastructure sector you will have had more experience of government contacting and working with you than the retail sector or the banking sector where you are likely to meet the police more than the national security base."
Victorian minister for Small Business, Innovation and Trade Philip Dalidakis said that while Day's statements were "sexy" and would generate headlines "the one thing everyone in the room has to be extremely cognisant of is that the overwhelming majority of attacks occur from within".
"Yes we need to be able to stop attacks from the outside of the firewall but the fact of the matter is the two greatest attacks we have seen of data theft from inside were from Bradley Manning and (Edward) Snowden," he told the forum.
"There are a range of companies that will swear black and blue that they have got algorithms that will help flag anomalies within the system – people accessing certain types of data that they haven't done for ages – (or) if you have got your networks categorised under different security levels – people trying to access different levels than their security classification
"Ultimately it comes down to people and training, each organisation has to have people who are trained appropriately who can deal with it when – it's not a matter of if – it occurs."
IT divisions worry
Some of the greatest risks in organisations were the IT divisions themselves, he says.
"People who have the administrative access rights and passwords are sometimes the ones who are undertaking a whole range of activities that people on the rest of the network are banned from doing – including downloading huge amounts of illegal data. Which is, of course, one of the ways people get in.
"So don't go away from this thinking that if you focus on external you are protected because your internal [network] is 80 per cent of your risk."
On the intelligence side, he said he could speak more freely than other panel members because he was not a representative of the federal government.
Dalidakis said the nation was well served by the Five Eyes agreement on signals intelligence sharing with the US, Canada, New Zealand and the United Kingdom.
But he sounded a note of caution.
"Things change all the time and we need to continue to be vigilant. Just as private companies need to be vigilant to internal and external penetrations."
Defences need work
Fellow panel member Sandra Ragg, assistant secretary for cyber policy in the Department of the Prime Minister and Cabinet, said the nation did need to improve its cyber defences.
"The first thing we can do is improve our cyber defences. That's why we need to build our skills and ability and awareness and why we are investing in initiatives which build cyber security across the economy," says Ragg, who is also a key architect of Australia's Cyber Security Strategy.
"People focus on state-sponsored threats but cybercrime is a huge piece of the threat to our economy."
She said we need to build relationships and partnerships and listen to intelligence agencies and the private sector to find out where the greatest impact was being felt "and invest in capabilities" to counter threats.
The key was "law enforcement, bilateral relationships, multilateral relationships", she said.
While the risk of a major cyberattack against Australia may be low, "that doesn't stop us thinking through our policy and what our policy response is and what our options might be in terms of how we deal diplomatically, through law enforcement channels, and how we deal large scale in a military sense".
"There are a number of levers that we have. We talk about the detail of some, we don't talk about the detail of others.
"But the whole strategy in essence is the investment in that capability."