Yesterday Bloomberg confirmed what many of us already knew: China was responsible for hacking the parliamentary email system last year, and that was part of a much broader attack on Australian digital services. I condemn this attack, as I'm sure all senators do, but believe it is a mistake to focus on the perpetrators. Wherever a vulnerability exists there will be those who will exploit it. They may be Chinese state hackers, Russian criminal gangs, Middle Eastern terrorist sects or even a bored, very tech savvy 12-year-old genius living in Toowoomba. It doesn't matter who they are. It is pointless to fixate on that or even to seek some kind of digital vengeance, which some in this place have actually sought. We need to focus on better cybersecurity, identifying and fixing the vulnerabilities that allowed those attacks to occur in the first place.
I acknowledge the government's work in recent years, particularly with the Cyber Security Strategy, but more absolutely needs to be done. We must ensure the public better understand the risks we face online and the importance of cybersecurity and cyberresilience. We must move faster to develop the cybersecurity workforce that we are very much missing. Scarce workers and the high cost of procuring these services are deterrents to many that wish to invest in better security, so the government must do more to develop that workforce and ensure cybersecurity skills are available to all businesses, large and small. Only then will Australia be properly protected from cyberattacks.