More stories

  • Australia may not be able to fill Coalition's 1,900 proposed cyber jobs

    The federal government’s big-ticket tech item in last night’s annual Budget was its proposed AU$9.9 billion injection into Australia’s cybersecurity and intelligence capabilities. Chief among the objectives of that injection would be the creation of 1,900 jobs at the Australian Signals Directorate (ASD) over the next decade.

    While Australia’s tech industry has welcomed the increased cybersecurity spending, it’s unclear whether those jobs can be filled due to Australia’s digital skills shortage, RMIT University cybersecurity professor Matt Warren told ZDNet. Due to the ASD being a government agency, only Australian citizens can be hired for these new jobs, which means the federal government and Australian organisations need to develop talent with sovereignty in mind to fill these roles.

    “A key issue is that only Australian citizens can work for the Commonwealth and with the current cyber security skills shortage, it may be difficult to fill the 1,900 new security roles,” Warren explained.

    “In terms of how the cyber industry works, they poach off each other — so industry poaches off government. So I think part of the discussion is how to develop cybersecurity skills into the future from a sovereignty perspective.”

    Last week, Australian Prime Minister Scott Morrison made similar remarks, warning organisations about the need to prioritise trust over costs and efficiency when it comes to cybersecurity.

    “We see that in the most terrible events, whether it’s in Ukraine or the stresses that are being placed on our own country here in the Indo-Pacific, when it comes to your data security you’ve got to be dealing with someone you trust and so words like sovereign really mean something,” Morrison said last Friday at the opening of Macquarie Telecom’s new Sydney-based data centre.

    According to recruitment firm Hays, survey results of nearly 3,500 organisations from last year indicated that 68% of the local technology industry is suffering from skills shortages. The findings by Hays around skills shortages in the tech sector mirrored those uncovered by Seek in 2020.

    With the skills shortage being a key chokepoint for filling any large influx of cyber jobs, Warren said the federal government’s next steps need to be focused on establishing a national coordinated plan for making sure Australia can develop its future cyber workforce.

    “What Australia needs is not just one or two initiatives,” the RMIT professor said.

    Cybersecurity software firm BlackBerry said Australia’s cybersecurity private sector also has a role to play in addressing the skills shortage, explaining that the growing number of cyberthreats cannot be solely alleviated by government.

    “As the breadth of malicious cyber activity increases, public and private sectors must work together to rapidly up-skill the Australian and invest in complementary automation, including AI/ML-driven security technologies to help security professionals protect the government and other enterprises,” said Graeme Pyper, BlackBerry APAC channels director.

    Depending on the upcoming federal election’s outcome, which is expected for May, the jobs announced last night may not come to fruition if the Coalition loses the federal election. Regardless of the outcome, Warren said both the Coalition and Labor parties have committed to backing increased cybersecurity spending due to the growing cyberthreat landscape around the world.

    “Whether there is a change in government, I don’t see the cybersecurity strategies changing in the future. Both parties are committed to protecting Australia against future security risks, whether they’re physical, cyber, or space-based,” Warren said.

  • Singapore offers certification scheme to tag companies with robust security posture

    Singapore has introduced certification programmes to tag small and large enterprises that have adopted good cybersecurity practices. The move is touted as essential for companies to ascertain their security posture amidst increasing supply chain attacks. The certification scheme encompassed two cybersecurity marks, one of which would enable small and midsize businesses (SMBs) to prioritise basic security measures they should implement to protect their systems and operations against common cyber attacks. These baseline measures included preventive measures to control access to systems and data, and cyber incident response. The Cyber Essentials mark not only recognised SMBs with good cyber hygiene, but also would help these companies understand fundamentals they should have in place even with their limited IT or cybersecurity resources, said Singapore’s Cyber Security Agency (CSA). 

    An SMB food and beverage company, for instance, with the Cyber Essentials mark would have adopted baseline cybersecurity measures to safeguard personal data of its customers, such as name and date of birth, needed to facilitate its loyalty programme. These included controlling access to and backing up customer data and investing in software to secure its internal IT systems.

    The second certification programme was targeted at larger and more digitalised businesses, including multinational corporations, CSA said. Called Cyber Trust, it outlined a risk-based approach to help organisations understand their risk profiles and determine security elements they needed to prepare to mitigate such risks. Specifically, the Cyber Trust mark encompassed five cybersecurity preparedness tiers that matched the company’s risk profile. Each tier outlined 10 to 22 domains such as cyber governance, education, information asset protection, and secure access against which the organisation would be assessed to determine their cybersecurity posture.

    For example, a financial services institution would have to ensure both its internal and external systems had a robust level of cybersecurity to safeguard its customers’ personal and financial data, CSA said. The industry regulator added that the Cyber Trust mark would certify the financial organisation’s investments and efforts in cybersecurity. The certification would provide a competitive advantage for companies who earned it as well as offer assurance for their customers.

    CSA’s chief executive David Koh said: “CSA’s cybersecurity certification scheme for enterprises is a timely introduction to the market. Supply chain cyber attacks will continue to proliferate in the digital space and, in time to come, companies could be required to demonstrate their cybersecurity posture when they conduct business as a way of providing greater assurance to their customers.
    “Having the certification reflects the company’s commitment to ensure that they remain cyber-secure, giving them an edge over their competitors,” Koh added.

    CSA said it would work alongside industry partners such as SGTech to drive the adoption of both security marks, which would not be made mandatory. The certification process would be run by an initial group of eight certification bodies, including Bureau Veritas Quality Assurance, EPI Certification, and iSOCert.

    According to CSA, the marks were developed in consultation with industry partners such as certification practitioners and trade associations. The industry regulator also worked with several companies in Singapore to trial the frameworks for both Cyber Trust and Cyber Essentials. These included F&B companies as well as e-commerce operators and technology vendors such as Andersen’s of Denmark Ice Cream, IBM, Kestrel Aero, and Lazada Singapore.

    CSA also developed a toolkit to help companies adopt cybersecurity and attain the certification marks. Designed for IT administrators, the toolkit curated an initial list of partners offering products and services that could help businesses meet the requirements of the two marks.

  • Hackers are getting faster at exploiting zero day flaws. That's going to be a problem for everyone

    Hackers were much faster to exploit software bugs in 2021, with the average time to exploitation down from 42 days in 2020 to just 12 days. That marks a 71% decrease in ‘time to known exploitation’ or TTKE, according to security firm Rapid7’s new 2021 Vulnerability Intelligence Report. The main reason for the reduction in TTKE was a surge in widespread zero-day attacks, many of which were used by ransomware gangs, according to the company.

    As Rapid7 notes, 2021 was a grim year for defenders, which kicked off with the SolarWinds Orion supply chain attack, which was pinned on Russian state-sponsored hackers. The year ended with the very different Apache Log4j flaw, which had no obvious main attacker but was spread across millions of IT systems.

    Google’s Threat Analysis Group (TAG) and Project Zero researchers have also observed an uptick in zero-day attacks, where attackers are exploiting a flaw before a vendor has released a patch for it.

    Rapid7 tracked 33 vulnerabilities disclosed in 2021 it considered to be “widespread”, an additional 10 that were “exploited in the wild”, and seven more where a threat was “impending” because an exploit is available. The company recommends patching impending threats today.

    Rapid7’s list excludes browser flaws because they’re already well-covered by Google Project Zero’s zero-day tracker. Instead, Rapid7 focusses on server-side software, meaning its dataset under-represents zero-day exploitation detected in 2021, it said.

    Rapid7 highlights several startling trends. For example, in 2021, 52% of widespread threats began with a zero-day exploit. What’s “unusual and wildly alarming” about this trend, it said, is that these attacks aren’t just highly targeted ones, as was the case in 2020. Instead, last year 85% of these exploits threatened many organizations rather than just a few.
    Rapid7 blames much of this trend on the proliferation of affiliates supporting the ransomware industry, which is now dominated by the ransomware-as-a-service model. Last year, 64% of the 33 widely exploited vulnerabilities are known to have been used by ransomware groups, it noted.

    Its 2021 “widespread” list includes enterprise software from SAP, Zyxel, SonicWall, Accellion, VMware, Microsoft Exchange (the ProxyLogon bugs), F5, GitLab, Pulse Connect, QNAP, ForgeRock, Microsoft Windows, Kaseya, SolarWinds, Atlassian, Zoho, Apache HTTP Server and, of course, Apache Log4j. These flaws affected firewalls, virtual private networks (VPNs), Microsoft’s email server, desktop operating system and cloud, a code sharing platform, remote IT management products, and more. Many of the bugs were exploited at a time when most people were still remote working and relying on remote access and VPNs to connect to work.

    Rapid7 does, however, note a few bright spots in 2021, including the US Cybersecurity and Infrastructure Security Agency’s (CISA) frequently updated Known Exploited Vulnerabilities Catalog and its binding directive for federal agencies to patch flaws within a certain timeframe. Also, the main reason the security industry can measure such a spike in zero-day attacks is that zero-day exploits are being detected and analyzed quicker.

  • Using Russian tech? It's time to look at the risks again, says cybersecurity chief

    Organisations using Russian-linked software or products have been told to take time to consider the risk involved with using those technologies following Russia’s invasion of Ukraine. New guidance from the National Cyber Security Centre (NCSC) – part of GCHQ – says organisations in several key areas in particular should reconsider the risk of using Russian-controlled products as part of their network or supply chain because of the risk of potential cyber attacks.

    The NCSC said that Russian law already contains legal obligations on companies to assist the Russian Federal Security Service (FSB), and the pressure to do so may increase in a time of war. And while it said there was no evidence that the Russian state intends to suborn Russian commercial products and services to cause damage to UK interests, the absence of evidence is not evidence of absence.

    “In our view, it would be prudent to plan for the possibility that this could happen,” said Ian Levy, technical director at the NCSC, in a blog post. “You may choose to remove Russian products and services proactively, wait until your contract expires (or your next tech refresh), or do it in response to some geopolitical event. Alternatively, you may choose to live with the risk,” said Levy.

    He added: “Whatever you choose, remember that cyber security, even in a time of global unrest, remains a balance of different risks. Rushing to change a product that’s deeply embedded in your enterprise could end up causing the very damage you’re trying to prevent.”

    The NCSC said organisations providing services to Ukraine and organisations or individuals doing work that could be seen as being counter to the Russian state’s interests, making them retaliatory targets for cyber attacks, should reconsider their risk.

    Organisations involved in critical infrastructure, the public sector and high-profile organisations which, if compromised, could represent what the NCSC describes as a ‘PR win’ for Russia are also urged to think about the risks of using Russia-linked software and technology products.

    National security departments in government were advised against using cloud-enabled products where the supply chain included states like Russia in 2017, but following the invasion of Ukraine, others are being urged to consider the risks too.

    It’s not possible for the NCSC to provide custom guidance on managing risk to every business, but it’s urging organisations to err on the side of caution, particularly if they’re more likely to be a target of Russian cyber aggression because of the invasion of Ukraine. Organisations should also consider how they could protect their network if those services are abused.

    “This conflict has changed the world order, and the increased risk and uncertainty aren’t going away any time soon. However, the best thing to do is to make plans, ensure your systems are as resilient as practical and have good recovery plans,” said Levy.

    The NCSC also notes that any additional sanctions against Russia could mean that services could be stopped at a moment’s notice, so organisations should examine how they would mitigate this.

    Russian-state backed hackers are accused of being the perpetrators of several major hacking campaigns, including the SolarWinds supply chain attack. In many instances, these attacks target the lowest hanging fruit, abusing unpatched software, weak passwords and poor network management. Organisations are urged to apply security patches and use strong passwords to help protect networks from nation-state hackers – and other cyber criminals who use the same tactics.

    One of the most widely used forms of Russian-owned software is Kaspersky antivirus. According to the NCSC, individual users are highly unlikely to be targeted by any potential cyber attacks which look to abuse the software, meaning that “it’s safe to turn on and use at the moment,” according to Levy.

    Nonetheless, it’s warned that if Kaspersky were to be subject to sanctions and the antivirus software stopped receiving updates, users may need to switch to another provider.

    The NCSC will continue to evaluate the potential risk of cyber attacks by Russia – and other hostile groups – which could target the UK. The NCSC has previously issued guidance on what organisations can do to help protect their networks from cyber attacks which might occur as a result of Russia’s invasion of Ukraine.

  • Transparent Tribe APT returns to strike India's government and military

    The Transparent Tribe hacking group is back with a new malware arsenal and victim list including India’s government and military. Active since at least 2013, the advanced persistent threat (APT) group operates in at least 30 countries. However, the APT tends to focus on India and Afghanistan – with the exception being attacks recorded against human rights activists in Pakistan.

    Transparent Tribe, suspected of being of Pakistani origin, is also tracked by cybersecurity researchers using the labels PROJECTM, APT36, and Mythic Leopard. In 2020, Kaspersky found that the APT was the architect of ongoing cyberattacks against government and military personnel. Malware including Trojans, backdoors, and a propagation tool called USBWorm that quietly copied malicious code to removable drives were used at the time.

    Cisco Talos has provided an update on Transparent Tribe activities. On Tuesday, cybersecurity researchers Asheer Malhotra, Justin Thattil, and Kendall McKay said in a blog post that a campaign, ongoing since at least June 2021, has chosen the Indian government and military bodies as targets.

    Transparent Tribe uses phishing to deliver maldocs and malicious web domains to push its malware, which is primarily Windows-based. The fake websites used to deliver payloads mimic government and defense organizations and will serve visitors downloader executables, packaged up to appear to be friendly software, .PDFs, or image files. While past themes have included topics such as COVID-19, the APT moves with the times and adapts to different trends.

    The latest samples, deployed in 2022, include a fake version of Kavach, a multi-factor authentication (MFA) application. Talos says that the legitimate Kavach app is “widely used” by India’s military for accessing government resources. If a target executes the fake .NET executable, upon installation, a legitimate version of the app is installed — alongside a malware dropper. The second version of this infection vector might raise suspicion, though, as the full MSI installer for Kavach is pulled — as a 141MB package.

    Malicious payloads, including the Remote Access Trojan (RAT) CrimsonRAT, are downloaded and executed. Since 2020, the .NET RAT is considered the APT’s “malware of choice” and is capable of extensive data theft and surveillance. However, Talos notes that Transparent Tribe continues to “incorporate new bespoke malware, indicating the actors are actively diversifying their portfolio to compromise even more victims.”

    Among the group’s current toolset are the long-standing ObliqueRAT malware, a new Python-based stager for deploying .NET-based spyware and other Trojans, and a new .NET implant for executing arbitrary code.

    The new additions are “quickly deployable” malicious tools and RATs, Talos says. When the smaller payloads are used, the threat actors appear to accept their more limited capabilities as a trade-off compared to CrimsonRAT and ObliqueRAT.

    In addition, Transparent Tribe has not ignored mobile technologies in its quest for fresh victims. One tool, CapraRAT, is in constant development and has one goal: the theft of data from handsets.

    “This campaign furthers this targeting and their central goal of establishing long-term access for espionage,” the researchers say. “The use of multiple types of delivery vehicles and file formats indicates that the group is aggressively trying to infect their targets with their implants such as CrimsonRAT. Although not very sophisticated, this is an extremely motivated and persistent adversary that constantly evolves tactics to infect their targets.”

    Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

  • Ukraine destroys five bot farms that were spreading 'panic' among citizens

    The Security Service of Ukraine (SBU) has destroyed five “enemy” bot farms engaged in activities to frighten Ukrainian citizens.

    In a March 28 release, the SBU said that the bot farms had an overall capacity of at least 100,000 accounts spreading misinformation and fake news surrounding Russia’s invasion of Ukraine, which started on February 24 and has now lasted over a month.

    According to the security service, the bot farms have “tried to inspire panic among Ukrainian citizens and destabilize the socio-political situation in various regions.” The SBU has accused Russia of operating the farms for conducting “large-scale information sabotage.” The farms were found in areas including Kharkiv, Cherkasy, Ternopil and Zakarpattia.

    The bots used social media accounts to spread “distorted news” and propaganda related to the invasion.

    SBU investigators raided several bot farms and seized items including over 100 GSM gateway devices, close to 10,000 SIM cards, laptops, and other computing equipment. Photos shared by the Ukrainian agency also appear to show the seizure of mobile phones, USB drives, and weaponry.

    However, investigators have not mentioned any arrests. Ukrinform reports that the country has launched a new fact-check bot, “Perevirka,” that citizens can use to identify fake online content.

    Ukraine has faced a barrage of cybersecurity incidents and breaches since the beginning of 2022, before the war began. This week, infrastructure belonging to the Ukrainian internet service provider (ISP) Ukrtelecom was the target of a cyberattack. For a time, connectivity collapsed to 13% of pre-invasion levels, but Ukrainian officials say the attack has since been “neutralized.”

  • Log4Shell exploited to infect VMware Horizon servers with backdoors, crypto miners

    The Log4Shell vulnerability is being actively exploited to deliver backdoors and cryptocurrency miners to vulnerable VMware Horizon servers. On Tuesday, Sophos cybersecurity researchers said the attacks were first detected in mid-January and are ongoing. Not only are backdoors and cryptocurrency miners being deployed, but in addition, scripts are used to gather and steal device information.

    Log4Shell is a critical vulnerability in the Apache Log4J Java logging library. The unauthenticated remote code execution (RCE) vulnerability was made public in December 2021 and is tracked as CVE-2021-44228 with a CVSS score of 10.0. Researchers have warned that Log4Shell is likely to continue for years, especially considering the bug’s simple exploitation. Microsoft previously detected Log4Shell attacks conducted by state-sponsored cybercriminals, but most appear to focus on cryptocurrency mining, ransomware, and bot activities. A patch was released in December 2021, but as is often the case with internet-facing servers, many systems have not been updated.

    According to Sophos, the latest Log4Shell attacks target unpatched VMware Horizon servers with three different backdoors and four cryptocurrency miners. The attackers behind the campaign are leveraging the bug to obtain access to vulnerable servers. Once they have infiltrated the system, Atera agent or Splashtop Streamer, two legitimate remote monitoring software packages, may be installed, with their purpose twisted into becoming backdoor surveillance tools.

    The other backdoor detected by Sophos is Sliver, an open source offensive security implant released for use by pen testers and red teams. Sophos says that four miners are linked to this wave of attacks: z0Miner, JavaX miner, Jin, and Mimu, which mine for Monero (XMR). Previously, Trend Micro found z0Miner operators were exploiting the Atlassian Confluence RCE (CVE-2021-26084) for cryptojacking attacks.

    A PowerShell URL connected to both campaigns suggests there may also be a link, although that is uncertain. “While z0Miner, JavaX, and some other payloads were downloaded directly by the web shells used for initial compromise, the Jin bots were tied to the use of Sliver, and used the same wallets as Mimo — suggesting these three malware [strains] were used by the same actor,” the researchers say.

    In addition, the researchers uncovered evidence of reverse shell deployment designed to collect device and backup information.

    “Log4J is installed in hundreds of software products and many organizations may be unaware of the vulnerability lurking within their infrastructure, particularly in commercial, open-source or custom software that doesn’t have regular security support,” commented Sean Gallagher, Sophos senior security researcher. “And while patching is vital, it won’t be enough if attackers have already been able to install a web shell or backdoor in the network.”

  • Australian Budget 2022 delivers AU$9.9 billion for spicy cyber

    The federal government has released its 2022-23 federal Budget, containing a AU$9.9 billion kitty for bolstering cybersecurity and intelligence capabilities in the midst of a growing cyberthreat landscape around the world. The near-AU$10 billion will be spent across a decade under a program called Resilience, Effects, Defence, Space, Intelligence, Cyber and Enablers (REDSPICE).

    “This is the biggest ever investment in Australia’s cyber preparedness,” said Treasurer Josh Frydenberg, who announced the Budget on Tuesday night.

    Looking at how the federal government envisions the AU$9.9 billion will be spent, the Australian Signals Directorate (ASD) will be the biggest recipient of these funds. Over the next four years, the ASD will receive AU$4.2 billion to double its employee head count — amounting to 1,900 new jobs — triple its offensive cyber capabilities, double its cyber hunt and response activities as well as preserve its ability to deliver a “strategic advantage”.

    “The package will help ASD to keep pace with the rapid growth of cyber capabilities of potential adversaries, as well as being able to counter attack and protect our most critical systems,” according to Budget documents.

    REDSPICE will also provide funding for Australian industry and support new employment pathways through partnerships with educational institutions, particularly in the areas of data science and analysis, artificial intelligence, cybersecurity, and IT engineering.

    Prior to the federal government’s announcement of the AU$9 billion cybersecurity package, the Coalition had already conveyed a firm posture for ramping up cybersecurity. On Monday, Prime Minister Scott Morrison announced a new cyber and critical technology centre that would be set up within the Office of National Intelligence.
    “The multi-agency centre will ensure Australia, working with our allies, can better anticipate and capitalise on emerging technologies,” said Morrison, who spoke at an event commemorating the ANZUS Alliance’s 70th anniversary. “With challenging and changing geopolitical realities — where technological advantage for our intelligence agencies is more important than ever — Australia is, as always, stepping up to do more. We look to, but we never leave it to the United States.”

    Morrison on Friday called on organisations to prioritise trust over costs and efficiency when it comes to data security. “I tell you particularly in a more troubled world, especially from a data security point of view, supply chains are frankly more about trust now than they even are about efficiency or cost,” the Prime Minister said at the opening of Macquarie Telecom’s new AU$85 million data centre in Sydney.

    Days prior to that, Home Affairs Minister Karen Andrews launched an Australian Federal Police-led (AFP) cybercrime centre to bolster the country’s cybercrime fighting efforts, which cost AU$89 million.

    While the AU$9 billion figure packs a punch, the federal government has not provided details of how it will assess the effectiveness of these newly announced cyber efforts.

    Just two years ago, the Coalition handed down its 2020 Cyber Security Strategy along with AU$1.35 billion to Australia’s security agencies for the program called the Cyber Enhanced Situational Awareness and Response (CESAR) package. Since CESAR’s rollout, however, there have been limited updates regarding the effectiveness of the program in stopping cyberthreats.

    More funding for Australia’s digital economy strategy

    The federal government has also introduced an incentive for small businesses, companies with less than AU$50 million in turnover, to up their technology investment.
    The incentive will allow small businesses to deduct an additional 20% of the cost incurred on business expenses and depreciating assets that support their digital adoption, such as portable payment devices, cybersecurity systems, or subscriptions to cloud-based services.

    “From tonight, every AU$100 these small businesses spend on digital technologies like cloud computing, eInvoicing, cyber security, and web design will see them get a AU$120 tax deduction. Investments of up to $100,000 per year will be supported by this new measure,” Frydenberg said.

    This year’s federal Budget also sees more funding put towards Australia’s Digital Economy Strategy, which received AU$1 billion in last year’s Budget, with another AU$130 million over four years to be allocated. Of that new amount, AU$38.4 million will be used to implement further Consumer Data Right measures, while AU$30.2 million will be spent on a fourth cyber hub within the Australian Taxation Office, AU$18.6 million will be put towards shaping global critical and emerging technology standards, and AU$13.6 million will be used for continuing the digitalisation of the transport sector.

    STEM development receives over AU$45 million

    Outside of cyber, the federal government has pledged AU$45.4 million over five years to support STEM development in Australia. This consists of AU$33.4 million to the National Measurement Institute to deliver essential measurement standards and services that underpin business continuity and international trade and AU$5.3 million to improve the National Science and Technology Council’s provision of science and technology advice to the federal government. In addition, AU$6.7 million of the STEM package will be used to extend support for the Women in STEM Ambassador and Superstars of STEM initiatives, which are both focused on raising the profile of Australian women in STEM.
    Continuing the women in STEM focus, the federal Budget has also allocated a separate AU$3.9 million over two years to support women shifting into digitally skilled roles. In partnership with industry, this initiative will provide mentoring and coaching to facilitate a mid-career transition into the ‘tech workforce’. The new STEM funding comes after the federal government on Monday announced it made good on one of its commitments from last year’s Budget, delivering AU$10.7 million for digital cadetships — 10 months after the cadetship initiative was announced.

    Rocket man gets more fuel

    Australia’s space sector also saw a big injection in this year’s Budget, with the federal government allocating AU$1.3 billion, AU$38.8 million per year, to grow the sector. The majority of those funds, AU$1.2 billion, will be used to establish a National Space Mission for Earth Observation to secure access to key earth observation data streams, build Australia’s sovereign capability, and enter agreements with international partners including for the procurement and operation of Australian Satellite Cross-Calibration Radiometer satellites. The remaining amounts will be put towards setting the conditions for rocket launches from Australia, fast-tracking the launch of space assets, and planning and streamlining future space plans.

    The move builds on the federal government’s “mission to triple the size of the sector and create up to 20,000 new jobs by 2030”, a goal that was set out under the Australian Civil Space Strategy.

    Improving regional connectivity with another AU$1.3 billion

    Another big-ticket tech item in this year’s Budget is the AU$1.3 billion, to be allocated over six years, for improving regional telecommunications, including through providing greater mobile coverage and targeted solutions to address issues such as mobile congestion.
The funding was provided as part of the government’s response to the Regional Telecommunications Review, which found NBN upgrades will widen the digital divide between rural and urban areas.

Chief among the list of things that are part of the networking kitty is almost AU$815 million over five years to expand the mobile black spot, regional connectivity, and mobile network hardening programs.

Meanwhile, AU$480 million of the AU$1.3 billion has been provided to the company responsible for running the NBN to upgrade its fixed wireless and satellite networks to improve services in regional, remote, and peri-urban Australia. The remaining amount will be used by Australia’s consumer watchdog to review mobile tower access fees.

The rest of the tech

Addressing the floods across Australia’s eastern coast, the federal government announced it will implement a new cell broadcast messaging system, in collaboration with the state and territory governments, to ensure critical information can be provided to the Australian public concerning significant emergencies. The amount allocated to this new system was not disclosed.

In terms of upping Australia’s privacy capabilities, AU$17 million over two years will be provided to support the Office of the Australian Information Commissioner in undertaking its privacy and regulatory functions, including in relation to social media and other online platforms. The information commissioner has been calling for more funding for years, having said during Senate Estimates earlier this year that it has been developing an increasing backlog of privacy complaints.

For Australia’s eSafety agency, the federal government will invest AU$31.6 million over the next five years towards online safety initiatives as part of its new national plan to end violence against women and children.
This includes over AU$27 million for the eSafety Commissioner to expand her office’s capabilities, which includes supporting victim‑survivors of technology-facilitated abuse. This funding was recommended by the parliamentary committee that ran Australia’s social media probe, which found social media companies were not doing enough to reduce online harm.

The federal government has also provided an additional AU$96.8 million over four years for system upgrades to Australia’s health system. According to Budget documents, the upgrades will look to reduce manual processing and improve claim timeframes for patients and medical providers for Medicare services, the Pharmaceuticals Benefits Scheme, and other health-related payments.

Australia’s flagship digital health initiative, My Health Record, also received more funding in this year’s Budget to the tune of AU$23.8 million over four years. This amount will be used to improve linkages with the My Health Record and provide additional funding to accredited practices for their provision of temporary telehealth services during the COVID-19 pandemic, and enable communities affected by natural disasters to access continued healthcare services via telehealth. At the end of last year, the federal government pledged over AU$100 million to make telehealth a permanent fixture within the country’s healthcare system.

According to Budget documents, the federal government is also set to digitalise trust and beneficiary income reporting and processing as of mid-2024, which it said would give all trust tax return filers the option to lodge income tax returns electronically, increasing pre-filling and automating ATO assurance processes.

Continuing with the ATO, the government has committed AU$6.6 million over the forward estimates period for the development of IT infrastructure required to allow the ATO to share single touch payroll data with state and territory Revenue Offices on an ongoing basis.
The ATO’s patent box initiative, announced in last year’s Budget, has also received approval by the federal government to be expanded. As part of the expansion, the federal government will provide concessional tax treatment for corporate taxpayers who commercialise their eligible patents linked to approved agricultural and veterinary chemical products.

“This measure is estimated to decrease receipts by AU$10 million, and increase payments by $13.4 million over the forward estimates period,” Budget documents say.

Funding for the three ATO initiatives has already been provided by the federal government.

For the ABS, AU$19.9 million over four years has been provided for the development of a new reporting application to enable businesses to submit surveys on business indicators directly through their accounting software.

The Budget comes with the federal election looming in May, with the election for both houses set to be held by May 21 at the latest.

Updated at 9:11am, 30 March 2022 AEST: clarified the new 1,900 jobs from the REDSPICE program is part of the ASD doubling its headcount.