Objectives: The Fence was written by Team Consu to explore Defence’s potential utilisation of the information and cyber domains in 2040, highlighting some of the key opportunities and threats.

The Defence firewall blocks over four billion cyber activities on the Defence network every year.^[1] Additionally, a Frost & Sullivan study commissioned by Microsoft in 2018 estimated that cybersecurity incidents can cost Australian businesses up to $29 billion per year.^[2] This story has been written to highlight the growing complexity and scale of the cyber domain, which by 2040 is expected to be prevalent in everything that we do. As a small nation, Australia does not have the scale to employ dedicated cyber forces within its military. Instead, this story describes how a combined industry, government and Defence cyber force is postured and employed to combat the problems of 2040.

Australia is experiencing a decline in STEM education through its primary, secondary, and tertiary training sectors.^[3] In order to be prepared for a cyber-enabled world of 2040, or earlier, we must start identifying and training people at all levels now.

‘The Fence’ is a fictional story. Useful fiction is an analytic tool that blends both fiction and non-fiction together in the form of a story in an attempt to visualise new technologies, trends, and key issues.^[4]

Key Message: The scale, pervasiveness, and complexity of both the information and cyber domains in 2040 will require a combined approach from Defence, industry, and government.

Key Themes:

1. Personnel. No single agency or organisation will have the capacity or expertise to meet the information/cyber workforce requirements of the future. The most effective future workforce will consist of personnel from Defence, industry and government working in partnership.
2. Prevalence. The sheer scale of the information and cyber domains in 2040 cannot be understated. The power of these domains is only largely becoming apparent to the general public through discussion of grey zone warfare and other prominent cyber activities such as election interference. With prevalence comes dependency.

Narrative Synopsis: A significant cyber attack on Australian critical infrastructure in 2025 (Black Friday attack), leveraged a natural disaster and resulted in a catastrophic loss of life. It sparked significant public outrage following revelations that both the Australian Government and industry failed to adequately protect their critical infrastructure networks. Coupled with state-based manipulation of information flows and social media aimed at exacerbating popular dissatisfaction, and undermining government legitimacy, a downturn in Australian energy exports impacted a critical industry that the Australian economy depended upon. As a result of this attack, the government and industry ‘nationalised’ the protection of vulnerable critical infrastructure through construction of a virtual fence. The success of this strategy was, amongst other things, attributed to the diverse, shared workforce employed to monitor and maintain the fence. Individual and state-sponsored hackers continually attack the fence to set conditions for subsequent disruption of the critical infrastructure that it protects. However, the actions and technical expertise of the combined Defence, government and industry workforce multiply Australia’s cyber capacity to successfully counter these attacks.

The Fence

Team Consu

Ethan awoke suddenly. It was still dark, his Artificial Reticular Activating System (ARAS)^[5] had been activated by an urgent message. Ethan reached over to his nightstand, inserted his earpiece, and fumbled for his ‘smartlens’ before inserting it into his eye.^[6] The small heads-up display (HUD) sprung to life and a cascading list of warning messages filled his field of view. He watched Captain McKeon move to the centre of the briefing room at the Australian Cyber Centre (ACC).

’Ethan, glad you could join us. Sorry if I woke you,’ she said, somewhat disingenuously.

Before he could reply, the smartlens immersed him in an augmented reality (AR)^[7] view of ‘The Fence’. The hologram took up most of the room, casting a light blue, multilayered web connecting a variety of coloured hubs, physically surrounding Captain McKeon. This web of colour represented a section of The Fence, a giant network housing all of Australia’s critical and national infrastructure. This sovereign capability allowed Australia to trade space for time in defending a system of real infrastructure, hidden amongst the complexity of a contrived, virtual infrastructure. The Fence was enabled by distributed processing across the region,^[8] allowing Artificial Intelligence (AI) agents and human operators to build virtual critical infrastructure honeypots^[9] intended to distract and deceive any malicious actors, diverting attention from any networks of consequence.

Captain McKeon rotated the holographic image, focusing on a handful of glowing, coloured hubs. ‘Last night, AI identified a series of unauthorised connections to a significant number of our honeypots. At this stage, analysis indicates the intended targets are our energy networks, as all the targeted honeypots replicated energy providers. This is a little unusual. We haven’t seen this before, and are concerned the attackers are able to categorise our dummy networks, meaning it may only be a matter of time until they connect to a real one.’

Ethan enlarged the glowing section of The Fence using his Brain Computer Interface (BCI)^[10] just as his smartlens pinged with a personalised Supervisory Control and Data Acquisition (SCADA)^[11]  overlay.

‘Ethan, I need you here ASAP. You’re the lead when it comes to SCADA and energy networks. Can you be here in 20?’ Captain McKeon asked.

‘Yeah, no dramas. I had a virtual day for Energycon scheduled, but I’ll head your way now. Out,’ whispered Ethan as he stumbled in the darkness through the overlays in his vision, attempting to avoid waking his partner, Kat.

Ethan quickly dressed,  left Kat to sleep in and raced out the door. Sensing Ethan’s BCI command, ‘heading to ACC’ , the front door automatically locked behind him. His car let out a muffled ‘meep-meep’, also responding to the ACC command. As he approached, the car’s electric motor automatically turned on and autonomously reversed itself out of the driveway once Ethan was inside. Synchronising with his smartlens, the car’s HUD brought up the overlay that Captain McKeon had sent him earlier along with his personalised social media synopsis from overnight to review on the commute.

When his boss at Energycon had suggested he volunteer for The Fence, Ethan knew the offer of assisting to defend the country whilst sitting at home sounded pretty sweet. After all, his company, Energycon, was required to provide trained technicians to the ACC as part of their participation in the ‘Cyber Proof Fence’ program in 2035. The Fence program was the cornerstone of Australia’s Strategic Cyber Defence Policy, and the biggest thing since the decision to acquire nuclear submarines. It served as a virtual buffer to increase strategic warning time from near zero to something more practicable for the defence of Australia’s interests in cyberspace.^[12]

The Fence’s opt-in network was rapidly adopted by owners of critical infrastructure in Australia, on the proviso that they made their cybersecurity teams available to the ACC when required. This ‘cyber militia’ had grown to number approximately 24,500, with roughly 800 working for the ACC on any given day. They formed the first line of defence against the wild-west frontier of Australia’s cyber-geography. Ethan had been a trusted militiaman for several years, and had established himself as one of the best SCADA techs, both in the ACC and at Energycon. He knew his boss’s original suggestion to volunteer for the program wasn’t really a suggestion. Besides, the cooperation between his company and the government was not just in the government’s best interest, it was also crucial for Energycon.

Ethan’s smartlens suddenly disappeared from the car's immersive display as the car dropped him off at ACC Canberra South, one of four ACC-run network operations centres in the capital. As the car crept off to park itself, Ethan turned to admire the view of the Brindabellas and grab a breath of fresh morning air while he could. The operations centre was in the basement, and the rest of the building was extremely expensive office space leased to the highest bidder. Most people didn’t even know of the operations centre below them, part of the rationale for the distributed operations centre model, he supposed.

As he entered the building, a concealed door recognised Ethan’s BCI signature and revealed itself as he was only about a metre or two from it. Once it closed behind him, a hissing sound announced the opening of the vault-like door on the other side of the airlock. The building's biometric security AI had been scanning him since the car park; it analysed his gait as he walked and compared this data with what it had on file.^[13] It also wirelessly authenticated his BCI chip and verified his vitals for any indication of undue stress or other signs of coercion.^[14] The vault door closed behind Ethan, and as he did every time he entered the building, he remembered that time when it didn’t open and he had looked like ‘that guy’ running towards an invisible door in a brick wall on a train platform.

‘I guess that’s what happens when you ignore four weeks of notifications from the security officer about revalidating your BCI chip,’ Ethan thought to himself for the 147th time.

Ethan had always wanted to work for Defence in cybersecurity, given the hype around ‘cyberwar’.^[15] One of the main reasons he hadn’t initially applied was because formal qualifications didn’t interest him. Also, the Cyber Gap Year^[16] program appeared as a trick, given the stringent fitness tests and psychological interviews that the ADF required for other entry types. Besides, the few people he knew who had applied ended up waiting 12-18 months for their security clearances.

Upon entering the network operations centre, Ethan saw the whole team was already in the conference room. Most of today’s team looked like typical, blazer-wearing corporate workers and public servants, but some others wore retro Minecraft holo-shirts, and one was still wearing her high-vis safety coat ─ she’d probably come straight from the job site.

Ethan found a seat in the back, behind the others but next to a woman he hadn’t seen before. He remembered Captain McKeon saying something about a new starter in the team, something about her being a behavioural scientist, or a behavioural economist, or something.

‘You picked a good day to start,’ Ethan said as he sat down. The young woman turned and extended her hand, ‘I’m Heather,’ she said. ‘Ethan,’ he replied, shaking her hand and noting her firm, confident grip.

Captain McKeon strode into the conference room, acknowledging Ethan with a quick glance before continuing right where she had seemingly left off. ‘As I said before, we believe someone may be attempting to target energy networks, as they have only gone after energy-related honeypots so far. This is quite unusual, and frankly, concerning.’

‘Honeypots?’ Heather whispered quizzically towards Ethan. ‘I mean, I know what they are, but why do we have so many?’

Ethan leant towards Heather and lowered his voice; the last thing he wanted to do was draw the ire of Captain McKeon. ‘Australia can’t compete with the size and scale of larger nations’ cyber workforces, so instead of trying to hide everything behind layers of firewalls and air-gapped networks, we opted for a strategy of obfuscation. The idea is to turn Australia’s critical infrastructure into a needle in the haystack. From the bad guy’s perspective, when attempting to penetrate the fence, it is almost impossible to distinguish between real and virtual targets, increasing the attacker’s risk of discovery and exposure of their hacking tools and processes when they get the wrong one.’

Ethan looked up to make sure Captain McKeon hadn’t noticed him talking, before continuing, ‘It all came about after Black Friday. The Fence was the government’s and industry’s response. It’s like asymmetric warfare,^[17] but in reverse. We’re the small guy.

‘The military and government realised, in order to survive, they needed to combine forces with corporate industry. Industry also realised it needed access to the intelligence and expertise the military had when it came to cyber defence—not to mention the authority to retaliate—so here we are,’ Ethan continued.

‘Ahh! Smart!’ exclaimed Heather. ‘We only learnt about the impacts of Black Friday attacks in school, not so much the technical details. But why not just shut the attackers down straight away? Surely the longer we keep them in The Fence, the more they learn, and the greater the chance of successful attack?’

Ethan started drawing something in the air with his fingers as he shared his overlay to Heather’s smartlens. ‘The Fence allows us to act in the reconnaissance phase of a cyber attack. Previously, we could only identify this in hindsight, as we found out in the Black Friday inquest. By letting attackers probe and navigate The Fence, we are also learning about them. Typically, as soon as the bad guys identify networks for theft, destruction or manipulation, they launch their attack, before covering their tracks and destroying the system on their way out.’

Ethan looked at Heather to see if what he was saying made sense. Her nodding confirmed, so he continued. ‘Sometimes attackers leave logic bombs hidden in a system that go off once a series of conditions are met. The Fence allows us to identify intrusions and develop responses while the attacker is still in this reconnaissance phase, and not have to rely on hindsight. It makes prevention far more effective.’

Ethan paused to give Heather time to absorb the information and took the moment to gain eye contact with Captain McKeon as she went through the generic, but mandated briefing points Ethan had heard time and time again

He turned to Heather and continued, ‘When the AI identifies an incoming attack, we have the chance to terminate it straight away. We also have the ability to monitor it, or even create real-world actions, within safe limits, to either learn about an attacker or as a vector for hacking back. The quantum-based AI we use is cutting edge.  Cyberspace is so vast that we’d never be able to monitor it manually.’

Ethan saw Heather’s eyes light up. ‘Got it, by understanding their behaviour, we then have the option to manipulate it by showing them what they expect to see or set up for a response,’ she said.

‘You got it!’ Ethan replied, smiling.

‘But do you trust the AI?’^[18] Heather asked.

‘Our AI uses elements of common sense and emotional modelling to automate actions that re-create the real world, but it still requires a human on-the-loop for safety decisions. Hence the alerts today. In some instances, if the AI assesses an attack is sophisticated enough, it will terminate it straight away. It’s easier to trust the AI with humans on-the-loop. Plus, you can always go into The Fence to check on it.’ Ethan reassured her.

‘Into The Fence?’ Heather asked, confused.

‘Yeah. You’re probably used to the AR provided by your smartlens. It’s good for briefings and everyday life. But if you want to fully immerse yourself, and go ‘into’ The Fence, you can. That’s what this building is for. We don’t always just dial in from home. Sometimes we go fully virtual.’ Ethan motioned to some of the doors towards the back of the operations centre. ‘You go back there, strap in… literally, synchronise your BCI and away you go. You can do crazy things at breakneck speed when you’re virtual. It becomes problematic when you’re trying to communicate with people who aren’t though.’ Ethan paused as he watched the expression on Heather’s face as she imagined the experience.

Ethan felt the sharp pierce of Captain McKeon’s gaze. ‘Ethan, you’re running point for this one, go into The Fence and try to see what they’re after. Arjun will help you. Something similar may have happened in the communications networks a couple of months ago.’

Arjun was once again his offsider. This was a good thing, as Ethan felt the two worked well together. When it came to communications networks, Arjun was a genius. Arjun was also the goalkeeper in Ethan’s Thursday night soccer league, they’d been good mates for a year or two now. He knew Arjun wouldn’t let anything get past him. Just like on the pitch, it wouldn’t be worth the ribbing Ethan would let him have if he did.

‘Charlotte, you're back-tracing,’ Captain McKeon continued. ‘Go through the logs and find out if we’ve seen these IP addresses or this tradecraft in The Fence before. Go back at least six months, I want to know if this is a group of individuals or AI.’ Also, look at social media, chat rooms, as well as the deep and dark web for chatter of sale of access to power grids or SCADA systems. If someone is paying for this probe, or boasting when they shouldn’t be, I want to know about it. Have Heather help you, she’s new so walk her through it and show her how to analyse behavioural datasets in Dumbo.’

Dumbo was one of ACC’s earliest social media trawling AIs. Like its namesake’s oversized ears, Dumbo was trained to pick up even singular mentions of key words or phrases in every known language ( human and machine) and run it against a contextualising algorithm;^[19] a notable feat considering its vintage, and the vast amounts of data it had to get through. ‘Any questions?’ Captain McKeon asked, looking around the room. There were none, everyone knew what needed to be done.

As they began to leave the room, Ethan turned to Heather: ‘I’m sure this is a lot to take in but don’t worry, you’ll pick it up easily. This situation looks pretty routine given our defensive posture, but we have to be ready to support the potential for offensive actions. The Fence is essentially a poison well, and anyone claiming to have been on the receiving end of Australian offensive cyber effects would first need to admit to drinking from the well.’

‘Thanks for the heads up. Nice to meet you, Ethan,’ Heather replied as she rushed into the distance chasing after Charlotte.

Ethan sat down with Arjun at their workstation and started poring through the logs. Ethan agreed it was unusual that the attackers had only connected to honeypots posing as power station networks and not a random assortment. ‘Maybe they are getting more sophisticated? Or maybe they finally created some half-decent AI?’ he said to Arjun.

It didn’t take them long to find what they were looking for, as the AI filtered out all of the fake logs on each honeypot. ‘The attackers were looking at one of the programmable logic controllers (PLC),’ said Ethan. ‘Based on the commands I’m seeing, it doesn’t look like they were trying to damage or manipulate them, just looking at technical specifications and config files,’ he said to Arjun slowly, thinking as he spoke.

‘I remember something similar happening a couple of years ago, when there was an insider attack on the logistics networks during Talisman Saber 2037,’ said Arjun

‘What happened?’ Ethan replied.

Arjun’s eyes suddenly focussed on a spot in the room way above Ethan’s head. ‘Let me look.’

Appearing to stare into space, Arjun scanned through his archives using his smartlens. Arjun looked back at Ethan. ‘In that instance, they were able to categorise key supply nodes using configuration files for automated dispatch systems via a trusted contractor’s laptop. But the attack was discovered once they attempted to modify operational code. Doesn’t look like it was an APT^[20] or anything, but as usual it was too hard to attribute.’ As Arjun paused, Ethan reasoned that even though the attack didn’t occur on The Fence, the principle was the same. Could they have had help from a trusted insider, he thought to himself.

‘I know what they’re after!’ Ethan suddenly cried.

Ethan called across the room to Captain McKeon. ‘They’re looking for configuration files for the plant’s PLCs.’

‘Why?’ she replied with an inquisitive look.

‘One of two things. I’m guessing they’re either trying to steal the configuration information so they can build their own plant, or they’re conducting recon for a future attack. If they can tweak the config files of the PLCs and then place them back in our system, then they could potentially destroy some of the physical machinery and knock some of our plants offline. Just like Stuxnet!’^[21] Ethan replied.

‘There could also be a discrepancy between the AI generated PLCs and our actual configuration. If they had a trusted insider that knew how our PLCs were programmed, maybe they could use that info…’ Ethan began to trail off. ‘The point is, at this stage we only know what they were looking for, not why. It could be corporate espionage or recon for something bigger. Who knows?’ he said, this time more confidently.

‘Options?’ Captain McKeon asked Ethan.

‘Disinformation?’ Ethan suggested, recalling a story from the Cold War where the CIA had got a list from a Soviet spy of all the technology the Soviets wanted to get their hands on. Instead of blocking them from doing this, the CIA covertly sabotaged the equipment before slowly allowing the Soviets to covertly obtain it.^[22]

‘We could modify the configuration files and hide a logic bomb so that in a few months their PLCs will fail and their power plants will go offline,’ Ethan proposed.

‘It’s too risky,’ Captain McKeon said as a number of the team began to ‘prairie dog’ above their respective workstations with increased interest ‘We’re not about knocking out power to a hospital of sick people just because their government can’t act responsibly. Ever since that chemical plant explosion in the Middle East a couple of years ago, we’ve avoided these types of operations due to ethical reasons.’

Ethan hated to admit it, but she was right, he hadn’t thought of it that way. Now that he did, he remembered the CIA’s Cold War operation had actually resulted in a huge explosion in Siberia. Ethan had no idea if innocent people had been hurt.

‘How about we pass the football,’ Ethan suggested.

Heather looked at Ethan inquisitively. Captain McKeon explained: ‘When The Fence was established, legislators were very clear that operators were to be strictly defensive. We cannot disrupt, degrade, or destroy capabilities of adversaries, particularly where there is a risk of lethal consequences.’

Ethan looked towards Heather: ‘Most of us are civilians, so we enjoy protection from retaliatory attacks under the laws of war. It’s not a line we want to cross,’ he said with a strained look on his face.  ‘Passing the football’ meant passing responsibility over to the Australian Cyber Directorate’s (ACD) covert offensive cyber team, who had held these offensive authorities for several decades.

‘You know that’s a potential minefield if our intelligence is used incorrectly,’ responded Captain McKeon.

Captain McKeon turned to Ethan: ‘Come upstairs with me to see Brian. Whilst we won’t be passing the football, we might dial-in someone at ACD to workshop our options. Charlotte, by the time we’re done, I want to know how they got into the system. I reckon you’ve got 45 minutes.’

As both of them walked up the stairs to Brian’s office, Ethan noticed Brian’s distinctively large silhouette sitting in front of a quad monitor display. Ethan didn’t know much about Brian, despite attempts at small talk when he was in  Brian’s office. He had worked out that Brian was ex-special forces and had some involvement in the offshore responses to Black Friday. Ethan knew Brian had spent over 20 years in the Army, and from what he had heard, he was part of a unit that covertly infiltrated remote satellite communications stations to plant malware. Brian had told him about the time he was asked to conduct a number of security vulnerability assessments on regionally dislocated infrastructure sites and had managed to get into all of them, except one but wouldn’t disclose which one. Brian was out of the Army now, a dodgy back saw him transfer to the public service. Ethan figured that once you live a life like that, you never fully let go. While Brian wasn’t the friendliest of characters, it’s not that he wasn’t a nice guy; he just knew a lot of classified stuff, and always seemed reserved.

The three of them spoke for a few minutes. Brian agreed with Ethan’s plan. ‘If the attackers did have some new method of rapidly categorising networks in The Fence, this is something we need to know about,’ Brian stated emphatically. ‘I’ve got an old Army buddy over at ACD who will help.’

Brian picked up his office phone and dialled his counterpart in the basement at Russell Offices.

‘Hey Mike, I have an interesting one over here that you might want to see. It’s still on our system so I can’t get it across to your network, obviously, but can you spare a couple of operators for a round-table briefing in about 30 minutes?’

‘No problem, Brian. I’ve got a couple of guys who are pretty solid operators over here but could benefit from some exposure to what you do. Mind if I send them over in person?’ Mike asked.

‘Not at all, mate. Send me their details and I’ll make sure they’re on the access list.’ Brian responded.

While he waited for the ACD team to arrive, Ethan went outside to the café.  His stomach was reminding him that he hadn’t had a chance to grab breakfast. He could have sent an order up to the cafe using his BCI, but the human performance-based lighting of the operations centre was getting to him, and he needed to refresh his eyes. Besides, he knew that once the ACD team got there he may not get another break for a while. He ordered a coffee and muffin from the café, exchanging pleasantries with a couple of the upstairs corporate types waiting in line next to him.

While waiting patiently for his coffee, Ethan launched one of his many social media feeds on his smartlens.  Might as well catch up on the news while I have a chance. ‘What is it this time?! He quietly complained, scrolling through a social feed that refused to load. He closed the app and tried to open a number of others to get his fix… nothing… ‘Great! I didn’t want to exist as a person today anyway,’ he mused as he closed all of his social media apps. Ever since the world had embraced the internet of things, online identities had become just as important, if not more so, than their real-world ones.

Ethan walked back into the operations centre just in time to see Charlotte racing across the room towards Captain McKeon.

‘I think it’s a zero-day,’ Charlotte said with a worried look.

A worried look wasn’t exactly a new thing for Charlotte, so Ethan found it difficult to understand just how worried she actually was. Charlotte always came across as skittish, and kind of paranoid. As weird as she might have appeared at times, she was a rock star when it came to understanding how alternate internets worked, and tracing profiles through each despite a lack of physical and logical connection.^[23] Besides, each member of the team was weird and eccentric in their own way. It was what made them such a successful team.

Ethan was snapped back to reality by Charlotte. ‘I reconfigured some of the AI parameters based on that communications hack a few months ago, and the AI agrees.’^[24]

Captain McKeon turned to Ethan and asked, ‘Are our real SCADA networks at risk?’

Ethan was put on the spot. ‘I have no idea. The AI builds these networks based on real ones, so if there’s a vulnerability in the honeypots, it will probably exist in the real ones too.’

Captain McKeon looked around the room prior to delivering a burst of orders. ‘Listen up, here’s what we’re going to do. Ethan, confirm the zero-day is not present in any real networks. I also want a damage estimate simulation to inform the impact of taking key networks offline, and how to avoid a cascading failure if it comes to that. Charlotte, confirm the extent of the penetration, and Arjun, get in touch with the vendor, figure out what they know. Once you’ve done that, work with Ethan to develop a patching plan.’ Ethan was impressed, Captain McKeon had seemingly developed the entire action plan to tackle the problem in only a few seconds.

Ethan was often impressed by Captain McKeon’s direct, military leadership style. The day they met, Captain McKeon hadn’t been wearing a uniform, and had introduced herself as Isabella during his intake process. ‘Why are you here?’ she asked. Ethan explained that his initial hesitation towards working for the government changed with the pseudo-national service program established between industry and government in 2030.^[25] ‘Once everyone realised that the emerging problems in cyber and space were so significant, it was obvious we all needed to come together. It just took the government to become more transparent with security, the military to drop uniforms, and industry to allow, or direct in my case, people to work for both.’

‘I agree, we were a bit backwards in our thinking, but I do miss not having to pay for my uniform,’ replied Captain McKeon. ‘So, with little interest in the military side of things, what can we, “the military” do for you?’

‘Working part-time with you guys allows me to pad the resume with some new courses and a top-secret security clearance. The extra cash helps too.’ Ethan replied.  Wanting to play a part in defending Australia’s national interests just sounded cheesy, so he left that part out.

Captain McKeon looked up from her notes and gave Ethan his first military one-way conversation. ‘Well, I have no issues with any of that. As long as you step up when I need you to, and adhere to the behaviour codes and security practices, we won’t have a problem. Understood?’

Ethan nodded, and before he could get another word in, Captain McKeon continued. ‘From here, go and speak to security to finalise your accounts and accesses. You start Monday.’ The lack of beating around the bush and getting straight to the point gave Ethan confidence from the start. He appreciated her authenticity over the disingenuous emotional leadership ideas of his corporate supervisors.

Just as Ethan was finishing up his analysis, Captain McKeon beckoned for him to come join her. He walked over to her office and sat down. ‘I’ve confirmed the zero-day isn’t present in any genuine networks,’ he said.

‘That’s the first piece of good news we’ve had all day,’ she replied.

‘The ACD team will be here soon, please read them in. I want to see if this is something they’ve dealt with before. It goes without saying that anything you guys consider should remain defensive in nature. If this turns out we’re handing any of this task off, then you will need to develop targeting options for clearance by both the ACC legal and ethical teams before anything is passed to ACD for execution, so don’t come back to me with a rubbish quad-slide plan you know won’t fly.’ Captain McKeon seemed to pause to let her point sink in.

Ethan nodded. As he stood to leave, he came face to face with Charlotte who appeared excited and frazzled.

‘What is it?’ asked McKeon in her usual manner.

‘Ahhh, the back-trace has picked up some tradecraft markers and the US threat library has given a high attribution to APT137,’ Charlotte rattled off in panicked excitement.

‘I’ll pass it on to ACD. This changes the risk, but not the plan. Go with Ethan and work up our options, quickly,’ said Captain McKeon in her trademark calm voice.

Ethan and Charlotte left and headed back to the operations room floor. ‘APT137?’ asked Ethan. ‘Yeah, a little concerning,’ Charlotte replied. ‘These guys only come up every few years and have strong links to state-sponsored entities like we saw during Black Friday.’

‘Wow!’ said Ethan, both shocked and excited. Before Ethan could enquire more, Arjun walked up and interrupted.

‘Hey guys, turns out the vendor was unaware of the zero-day, but they’re working on another patch that will address the SCADA vulnerability. They’ve doubled the staff, given the potential reputation and financial risks, and should have a patch tested and ready in the next hour or two.’

‘That’s a massive relief,’ exclaimed Ethan.‘The attackers are likely still in the reconnaissance phase and probably won’t exploit the vulnerability in that time. Looks like one for the next shift.’

At that moment, a picture of Kat wearing big sunglasses and a cheeky grin suddenly appeared in his smartlens alongside a vibrating phone icon. ‘Hi, babe. I’m pretty busy,’ Ethan answered as he walked off towards his workstation

‘What’s going on!?’ Kat asked, Ethan sensing the panic in her voice.

‘What do you mean?’ he responded.

‘Switch on your news and social feeds. It’s everywhere! I thought you guys monitored more than just SCADA in there!’ Kat said.

Ethan raced over to an open-source terminal and brought up his personalised news profile. The headline article read ‘The FENCE FAILS!!! Australian Energy Providers suffer the biggest cyber attack since Black Friday’. A hyperlink immediately underneath the headline took Ethan directly to Energy Australia’s website front page, which had been defaced with images of Black Friday devastation.

Seconds after opening the webpage, a video popped up to show an interview with the Director General of the ACC, who admitted that malicious cyber actors had been deliberately permitted access to real infrastructure in order to gather intelligence. The video cut out just after the Director was quoted saying, ‘You can’t make an omelette without breaking a few eggs’.

Ethan was horrified. ‘Holy f---!’.

‘Did you hear the eggs thing?’ Kat asked, snapping Ethan back to reality. ‘Isn’t that your boss?’

‘I’ve only met him once, but he looked a little unfamiliar. Something wasn’t right about his chin.’ Ethan assumed this was probably another deepfake video.^[26] ‘Is this on social media too?’ Ethan asked.

‘Babe, it’s everywhere! It’s all there is on all my feeds. How can this have happened again?’

‘It hasn’t!’ Ethan argued. ‘The energy provider’s websites are separate. Their business networks and SCADA networks are air-gapped.^[27] They’re not connected, the media is just selling fear as usual. This is going to get ugly. I’d better go. I won’t be home for dinner.’

Ethan, Charlotte, Heather and Arjun crossed the floor to update Captain McKeon who was in her office with Brian, clearly in an augmented conference of some description.

‘Yes, Minister, ACC confirms no real-time or virtual effects have been initiated on The Fence. Threat indicators have been passed to ACD and we are awaiting vendor response for the patch,’ Captain McKeon stated in her most military tone.  In true Captain McKeon style, she was all over it.

‘We’ll continue to monitor. Out,’ said Brian as he terminated the call.

Captain McKeon switched back to reality, acknowledging the presence of the team with a glance while Brian walked out of the office, obviously on a subsequent smartlens call. ‘It doesn’t change the mission, team. Continue to track the threat and advise once the patch has been applied,’ Captain McKeon directed.

An hour later, the software patch from the vendor came through. Ethan and the team immediately patched the network starting with the most important networks then letting the AI randomly patch honeypots after that.

Once that job was complete, they had to try to figure out how the hackers were able to distinguish the energy grid honeypots from the water and communications ones. Ethan thought hard: Did they have a trusted insider? Was there a fault with their honeypot generation? Was there some kind of…

Ethan’s thoughts were abruptly interrupted by an incoming call from his boss at Energycon. ‘Ethan! You’re at the ACC today, aren’t you?’ he asked, noticeably panicked.

‘Yeah, you wouldn’t believe the day we’ve had,’ Ethan replied.

Before Ethan could say anything else, his boss cut him off. ‘We’ve just lost the network, and I just spoke to my guys in Bayswater and Liddell and theirs isn’t responding either. I just saw the news; what’s happening? I thought The Fence was supposed to stop this. Why are we even sending you there if you can’t prevent this sort of thing?’ His boss fired questions at Ethan, getting more and more frantic.

‘What? No!’ exclaimed Ethan, incredulous. ‘We’ve literally just patched those networks, we’ve just stopped the attack…’. Ethan froze.

Suddenly, the penny dropped.

In all their excitement, neither Ethan nor the team had stopped to wonder why the attackers hadn’t attempted to interfere with patching of the vulnerabilities. But it wasn’t just good luck; it was by design. The hackers must have known their zero-day was about to be patched over. They’d deployed the zero-day before it had become obsolete.

It all played out in slow motion in Ethan’s head. By offering up a zero-day that they knew the ACC would have to patch, the attackers had invited Ethan and the team to prioritise networks on The Fence to be patched. It stands to reason that the actual power networks would be patched before the honeypots. The attackers didn’t have to fumble blindly through honeypots any more, they’d just been shown exactly where to look!

The blood drained from Ethan’s face. He ran back to the middle of the operations centre and yelled: ‘WE’VE BEEN PLAYED!’

Ethan recalled the conversation he just had with his boss at Energycon: ‘Ultimately, we don’t have much time before Energycon loses control of the grid.’

‘Ethan, options?’ asked Captain McKeon, the second time today she’d asked him that exact same question.

Ethan raised a finger to let the team know he needed a second. ‘OK, they obviously know our procedures, we’ve got to change things up!’ Ethan exclaimed.

‘Have we lost the grid?’ asked Brian as he walked over.

‘Not yet,’ said Ethan enthusiastically.

‘But I thought you said your boss lost access?’ asked Captain McKeon, slightly confused.

‘Only partly,’ Ethan replied. ‘We got the patch out; whilst we identified some of the real networks by doing that, we also cut their access. They’re probably being DDoSed^[28] and that’s why they can’t access the network. We’ve got their attention now!

‘We have tools that enable us to spread the network traffic and start killing the malicious requests, but they’re trying to distract us whilst they attempt a brute force attack on the actual networks^[29]. We have an opportunity!’ Ethan said excitedly.

‘They don’t know where the real networks stop and the AI honeypots begin. I know what to do. How long until the ACD team gets here?’

Endnotes

^[1]Stephen Pearson, ‘Chief Information Officer Group’ (Australian Command and Staff Course, Australia’s Strategic Defence Policy Lecture 15, Australian National University, Australian War College, 01 Sep 21).

^[2]Swetha Das, ‘Direct Costs Associated with Cybersecurity Incidents Costs Australian Businesses $29 Billion per Annum’, Microsoft Australia News Centre, June 26, 2018, https://news.microsoft.com/en-au/features/direct-costs-associated-with-cybersecurity-incidents-costs-australian-businesses-29-billion-per-annum/.

^[3]To read more about the issues surrounding the teaching of STEM in Australian schools, see Michael J Timms et al., ‘Challenges in STEM Learning in Australian Schools: Literature and Policy Review’, Literature and Policy Review (Victoria, Australia: Australian Council for Educational Research, 2018), https://research.acer.edu.au/cgi/viewcontent.cgi?article=1028&context=policy_analysis_misc,; To read more about the uptake of STEM study in secondary and tertiary institutions, see Andre Kaspura, ‘Engineers Make Things Happen | Engineers Australia’ (Canberra, Australia: Institution of Engineers Australia, 2017), https://www.engineersaustralia.org.au/sites/default/files/resources/Public%20Affairs/Engineers%20Make%20Things%20Happen.pdf..

^[4]August Cole and Peter Singer, ‘Thinking the Unthinkable with Useful Fiction’, September 17, 2020.

^[5]The ARAS is a small BCI linked device aimed at replicating the body’s natural Reticular Activating System. It essentially helps humans in the future fall asleep and wake up. For more information on the RAS, see E. Garcia-Rill, ‘Reticular Activating System’, Encyclopedia of Neuroscience, 2009, 137–43, https://doi.org/10.1016/B978-008045046-9.01767-8.

^[6]Whilst smart glasses are the leading edge of technology today, technological advancements are likely to revolutionise the concept even further. To read more about smart contact lenses currently under development, see Julian Chokkattu, ‘The Display of the Future Might Be in Your Contact Lens’, Wired, n.d., https://www.wired.com/story/mojo-vision-smart-contact-lens/.

^[7]For additional information on Augmented Reality applications in complexity see Wang S, Zargar SA, Yuan F-G. Augmented reality for enhanced visual inspection through knowledge-based deep learning. Structural Health Monitoring. 2021. 426-442. https://journals.sagepub.com/doi/pdf/10.1177/1475921720976986?casa_token=N0iv83rpzUIAAAAA:ZfzSPOO-K76I9BImxGbTB_qW4Ayiu4NN4kHGx0QqWPZVWLQPnog4ryabPcE6klfmGerYQdwvv0wRTPg

^[8]Distributed Processing is a computation architecture that shares the processing cycles across geographically separated CPUs simultaneously and without centralised control to remove dependency on a single CPU and avoid physical targeting or virtual disruption.

^[9]A honeypot is a virtual network that, when viewed from the outside, looks exactly the same as the network for an actual energy plant, for example. Whilst the friendly team know it is a fake, the attackers have no idea. The AI-generated traps were littered throughout the fence, and not just a couple, but thousands and thousands.

^[10]The Brain Computer Interface is a tiny microchip implanted under the hand that uses electrical signals to stimulate parts of the brain or other implanted devices. In 2040, such devices are common and utilised by people to control basic implanted devices, usually on the back of the hand. Brown University, ‘Wireless Microscale Neural Sensors Enable Next-Generation Brain-Computer Interface System’, SciTechDaily (blog), August 29, 2021, https://scitechdaily.com/wireless-microscale-neural-sensors-enable-next-generation-brain-computer-interface-system/.

^[11]For more on future SCADA systems see Anand Narayan et al, ‘Towards Future SCADA Systems for ICT-Reliant Energy Systems’ (International ETG-Congress 2019 - ETG Symposium, Esslingen, Germany: VDE, 2019), https://ieeexplore.ieee.org/document/8836014.

^[12]‘Australia’s new strategic policy states that Australia can no longer assume a 10-year strategic warning time for a major conventional attack as an appropriate basis for defence planning.’ To read more about the changing nature of Australia’s security environment, see Paul Dibb AM and Dr Richard Brabin-Smith AO, ‘Deterrence through Denial: A Strategy for an Era of Reduced Warning Time’ (Australian Strategic Policy Institute, May 2021), https://www.aspi.org.au/report/deterrence-through-denial-strategy-era-reduced-warning-time.

^[13]For more on AI-enabled Gait recognition see Horst, F, Lapuschkin, S, Samek, W et al. Explaining the unique nature of individual gait patterns with deep learning. Sci Rep 9, 2391 (2019). https://doi.org/10.1038/s41598-019-38748-8

^[14]For more on the applications of bio chip technologies see RAND Report, ‘The Internet of Bodies - Opportunities, Risks and Governance’ 2020. https://www.rand.org/content/dam/rand/pubs/research_reports/RR3200/RR3226/RAND_RR3226.pdf

^[15]‘For nearly thirty years scholars have offered changing definitions of cyberwar, and the continued lack of clarity demonstrates that efforts at establishing a singular definition have not been successful.’ For a more detailed analysis of the term, see Cameran Ashraf, ‘Defining Cyberwar: Towards a Definitional Framework’, Defense & Security Analysis, August 6, 2021, 1–21, https://doi.org/10.1080/14751798.2021.1959141.

^[16]The Australian Defence Force Cyber Gap Program is a 12-month online program that is undertaken in conjunction with tertiary study and is designed to enhance skills and employability in the cyber security field. To find out more information, visit Australian Government, ‘Australian Defence Force Cyber Gap Program’, Digital Profession, 2021, https://digitalprofession.gov.au/australian-defence-force-cyber-gap-program.

^[17]The Australian Defence Force Cyber Gap Program is a 12-month online program that is undertaken in conjunction with tertiary study and is designed to enhance skills and employability in the cyber security field. To find out more information, visit Australian Government, ‘Australian Defence Force Cyber Gap Program’, Digital Profession, 2021, https://digitalprofession.gov.au/australian-defence-force-cyber-gap-program.

^[18]For more on the challenges in trusting AI see Lockey, Steven & Gillespie, Nicole & Holm, Daniel & Asadi Someh, Ida. (2021). A Review of Trust in Artificial Intelligence: Challenges, Vulnerabilities and Future Directions. https://www.researchgate.net/publication/349157208_A_Review_of_Trust_in_Artificial_Intelligence_Challenges_Vulnerabilities_and_Future_Directions.

^[19]Emerging AI capabilities allow them to be deployed on social media platforms to harvest personal information for intelligence agencies, multinational corporations and data brokers. To read more, see Chelsea Gohd, ‘How the CIA Is Using Artificial Intelligence to Collect Social Media Data’, Futurism, September 10, 2017, https://futurism.com/how-the-cia-is-using-artificial-intelligence-to-collect-social-media-data.

^[20]An advanced persistent threat uses continuous, clandestine, and sophisticated hacking techniques to gain access into a system for a prolonged period of time. For more information, see Kaspersky, ‘What Is an Advanced Persistent Threat (APT)?’ October 7, 2020, https://www.kaspersky.com/resource-center/definitions/advanced-persistent-threats.

^[21]Stuxnet was a computer worm which exploited a number of zero-day vulnerabilities in order to infiltrate the Iranian nuclear power program; it corrupted PLCs resulting in the destruction of many centrifuges. It is widely considered to be the most complex cyber-attack ever. For a much more detailed description, see Kim Zetter, Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon, First Edition (New York: Crown Publishers, 2014).

^[22]Wired Staff, ‘Soviets Burned By CIA Hackers?,’ Wired, March 26, 2004, https://www.wired.com/2004/03/soviets-burned-by-cia-hackers/.

^[23]Alternate Internets are a distinct entity, separate from the general commercial internet, only accessible with specific corresponding hardware. This technology would allow for unregulated and unmonitored communication and commerce, potentially granting safe haven to criminal and terrorist activities. For more information see https://madsciblog.tradoc.army.mil/51-black-swans-and-pink-flamingos/

^[24]A zero-day exploit is a software vulnerability that is unknown to the manufacturer and, generally speaking, everyone except for the attacker. It’s called a zero-day as that’s how long the vendor has had to patch the software.

^[25]‘The challenges we face, from bushfires, pandemics, climate change and a changing regional order – based on population – will require more from our society and our defence forces than current levels of voluntary service can meet.’ To read more about how this problem can be addressed, see Chris Barrie, ‘AUSS+IE - Why Australia Needs a Universal Service Scheme’, ed. Peter Layton, Zach Lambert, and Nathan K Finney, The Centre of Gravity Series, Paper 52, 2020, 33–41.

^[26]Ian Sample, ‘What Are Deepfakes – and How Can You Spot Them?,’ The Guardian, January 13, 2020, sec. News, http://www.theguardian.com/technology/2020/jan/13/what-are-deepfakes-and-how-can-you-spot-them.

^[27]A network security measure employed on one or more computers to ensure that the network is physically isolated from any other network. This makes the isolated network secure, as it does not connect to unsecured networks such as the public internet or an unsecured local area network. Courtesy Australian Cyber Security Centre, ‘Definitions | Cyber.Gov.Au’, September 13, 2021, https://www.cyber.gov.au/acsc/view-all-content/glossary/air-gap.

^[28]A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of internet traffic. For more information, see https://www.cloudflare.com/en-au/learning/ddos/what-is-a-ddos-attack/

^[29]A brute force attack uses trial-and-error to guess login info, encryption keys, or find a hidden webpage. For more information , see https://www.kaspersky.com/resource-center/definitions/brute-force-attack