The way Scott Morrison revealed the latest cyber threat against Australia raised immediate fears of widespread attacks on critical systems.
So the Prime Minister soon faced questions over whether he was crying wolf when it emerged there was no single incident to trigger the alarm.
The companies that run the nation’s critical infrastructure – the banks, energy generators and others – did not report new attacks. No federal agency owned up to any intrusion in recent days.
What nobody said in public was the NSW government has seen significant attempts to hack its systems.
The threat is real and the source is known. China has been increasing its activity in this space this year. Morrison chose to call it out.
The increasing assertiveness from China is a factor. Beijing has put tariffs on Australian exports and warned students against travelling here, while at the same time fighting with India and alienating other countries in the region.
Morrison sees this as a shift by President Xi Jinping that needs a firm response because it is not justified by any Australian provocation. “Australia has done nothing to injure that partnership, nothing at all,” he said one week ago.
In this view of the world, Australian leaders have to respond more stridently when they see a rise in Chinese hacking.
The latest discussion of this threat began in a meeting of the national security committee of federal cabinet at 5.30pm on Thursday, which prompted Morrison to contact state premiers to arrange briefings on the problem.
Morrison also texted Labor leader Anthony Albanese that night, which led to a briefing on Friday morning for Labor frontbenchers Richard Marles, Penny Wong and Kristina Keneally.
Morrison delayed a flight to the Snowy Hydro project, where he was due to campaign for the Eden-Monaro byelection, in order to make a statement at 9am on Friday.
One expert said the growing scale of the Chinese intrusions into Australian systems suggested a “collection mission” to gather as much confidential information as possible from within governments and companies.
While the companies that sell tech security were quick to issue warnings in the wake of Morrison’s statement on Friday, it would be wrong to dismiss this as an imaginary problem or a political stunt.
The threat is likely to escalate and Australia will need to be better prepared. In a sense, this was a wake-up call for Morrison himself.
Morrison downgraded the position of cyber security minister after becoming leader but should restore that role to real seniority. As Labor cyber security spokesman Tim Watts has pointed out, too many government agencies still leave themselves exposed to attack.
The opportunity for change will come when the government releases its 2020 Cyber Security Strategy, a policy blueprint delayed by the pandemic. It cannot come soon enough.