The advisory panel — led by Telstra chief executive Andy Penn — has also called for tougher legislative powers to enable security agencies to support the private sector against cyber attacks and less reliance on concentrated technology supply chains.

The expert panel report, released on Tuesday, urged the government to impose “clear consequences” against state-based actors and criminal outfits maliciously targeting Australians.

The report, which made 60 recommendations including 25 priority actions, comes amid accusations that China is actively waging “industrial-scale” mass cyber attacks against Australian interests and a global pushback against Huawei’s involvement in critical networks, including 5G.

In the panel’s advice to Home Affairs Minister Peter Dutton, the panel said enhanced law enforcement, diplomatic and economic sanctions, and public statements targeting nation-states should be considered a key objective for the government’s cyber security strategy.

Mr Dutton said that there was “no doubt the cyber threat landscape” was rapidly evolving, stressing the importance of governments and industry “working together” to protect Australians online. The cyber security strategy is expected to be finalised ahead of the October 6 budget,

The advisory panel, which met 13 times since November, includes Mr Penn, Tesla chair Robyn Denholm, former US Homeland Security secretary Kirstjen Nielsen, Vocus chair Bob Mansfield, NBN Co chief security officer Darren Kane and Northrop Grumman Australia chief executive Chris Deeble.

Ms Nielsen said while decisions to publicly link cyber ­attacks with state-based actors were “very complex”, there was a “right time and a right way in which to do it”.

She said the use of attribution, along with economic and diplomatic sanctions, were effective deterrents.

The former White House deputy chief of staff said Australian authorities should adopt a wholistic approach to understanding cyber security risks, suggesting governments were often best placed to provide situational awareness and the flow of information, including classified intelligence, to the private sector.

The panel told the government there was a need to better define “critical infrastructure and systems of national significance” and to use existing legislative and regulatory frameworks to provide “safe harbours” for companies in relation to information sharing.

“All levels of government should take steps to better protect public sector networks from cyber security threats. Government agencies should be required to achieve the same or higher levels of protection as privately owned critical infrastructure operators. Different levels of government should collaborate to share best practices and lessons learned,” the report said.

“On detection, recommen­dations include that government establish automated, real-time and bi-directional threat-sharing mechanisms between industry and government, beginning with critical infrastructure sectors.”

Mr Penn said the panel’s recommendations were “designed to create robust and adaptable defences able to evolve as threats evolve and technologies change”.

“Today, technology sits at the very heart of the lives of most Australians and increasingly shapes our economy, our society and our future.

“It is fast changing how we live, learn and work, and embracing our digital future will be central to our post-COVID-19 recovery and long-term competitiveness,” Mr Penn said.

“At the same time, we need to be alert to the fact this acceleration in the digital economy exposes us to a greater risk of cyber threats. We are seeing increased levels of malicious cyber activity, both state-based and criminal.”

The frequency of cyber crime and hacking has dramatically increased across the country during the COVID-19 pandemic and sparked concerns over Australia’s ability to defend itself as the digital economy expands.

Scott Morrison, who last month pledged “significant investment” to beef up Australia’s cyber security defences, recently unveiled a $1.35bn package significantly expanding the country’s cyber defence and intelligence warfare program.

The 10-year package included an army of 500 newly trained specialists tasked with protecting the country from attack and hunting down spies.

More related stories

Politics

Nat MP backs Canavan as leader who can call ‘bulls—t’ on Paris Agreement

Llew O’Brien has flagged his vote for Matt Canavan over David Littleproud, saying the Paris Agreement targets were ‘not in Australia’s interest’.

Read more

Inquirer

Why I changed my mind about quotas: ‘woman problem’ calls for compromise

Liberals face an existential choice: adapt – and bring in more women into positions of power – or perish as a political force.

Read more