# Divij Bhaw — Cybersecurity & Geopolitics Research > Evidence-based policy and technical analysis on Geo-Politics, Cybersecurity, and National Security. Research at the intersection of technology, policy, and society. ## Explore - [Research & Analysis](https://www.divsanalysis.com/research.md): All published research and analysis - [About](https://www.divsanalysis.com/about.md): Background and biography - [Contact](https://www.divsanalysis.com/contact.md): Contact information --- Source: https://www.divsanalysis.com/ --- # Divij Bhaw > Cybersecurity consultant Divij Bhaw is a [GIAC Certified Forensic Analyst ](https://www.giac.org/certifications/certified-forensic-analyst-gcfa)specialising in digital forensics and incident response. He works as a cybersecurity consultant developing bespoke adversarial cyber threat emulation exercises, with experience across both public and private sectors. Based in Perth, Western Australia, Bhaw serves as a Youth Advisor for the U.S. Consulate, supporting initiatives related to AUKUS, defence, and critical minerals supply chains. He has completed a Bachelor of Arts in Politics and International Relations at the University of Western Australia. His academic background and cybersecurity expertise enable him to tackle technical and strategic policy challenges. He is committed to advancing Australian national interests and strengthening resilience across the Indo-Pacific. His work focuses on supporting secure technological cooperation and strategic engagement in an increasingly contested regional security environment. --- Source: https://www.divsanalysis.com/about --- # Research & Analysis > Evidence-based research and analysis on cybersecurity, technology policy, and geopolitics. - [Can Computers Think? Connectionism and the Systematicity of Thought](https://www.divsanalysis.com/research/can-computers-think-connectionism-and-the-systematicity-of-thought.md): Can connectionist models of cognition, particularly artificial neural networks, explain the compositional nature of human thought, and what does this reveal about the debate over whether computers can replicate mental processes? — 2026-05-24 - [Harvest Now, Decrypt Later: Securing Sea Lines of Communication in the Era of Quantum-Enabled Espionage ](https://www.divsanalysis.com/research/harvest-now-decrypt-later-securing-sea-lines-of-communication-in-the-era-of-quantum-enabled.md): Australia’s national security is being undermined by concentrated undersea cable vulnerabilities and outdated cryptographic standards, making accelerated, mandatory adoption of post‑quantum cryptography essential to counter imminent “harvest‑now, decrypt‑later” espionage threats. — 2026-02-11 - [Trump’s Budget Cuts: Is America Ready for the Next Wave of Supply Chain Cyberattacks?](https://www.divsanalysis.com/research/trump-s-budget-cuts-is-america-ready-for-the-next-wave-of-supply-chain-cyberattacks.md): As cyber threats escalate, Trump’s proposed budget cuts to key cybersecurity agencies raise concerns about America’s readiness for the next wave of software supply chain attacks. This article explores the growing risks to critical infrastructure and the need for stronger cyber resilience. — 2025-05-23 - [Powering the Future: U.S.-Australia Cooperation in Clean Energy Storage](https://www.divsanalysis.com/research/clean-energy-supply-chains.md): Australia’s clean energy transition depends on stronger energy storage and diversified supply chains. Partnering with the U.S. on battery technology, renewable innovation, and local manufacturing can reduce reliance strengthen energy security, and support Net Zero goals. — 2024-08-24 --- Source: https://www.divsanalysis.com/research --- # Can Computers Think? Connectionism and the Systematicity of Thought **Published:** 2026-05-24 · **Author:** Divij Bhaw · **~10 min read** **Topics:** Technology , AI, Philosophy > Can connectionist models of cognition, particularly artificial neural networks, explain the compositional nature of human thought, and what does this reveal about the debate over whether computers can replicate mental processes? --- ### Introduction From a connectionist perspective, mental representations are understood as distributed patterns of activation across networks, where meaning emerges from the structure of these patterns rather than from discrete symbolic tokens (Buckner & Garson, 2025). A key challenge to this approach is the systematicity argument developed by Fodor and Pylyshyn (1988), which claims that human cognition is inherently structured and compositional. According to this view, the ability to entertain a given thought implies the capacity to entertain systematically related thoughts, suggesting an underlying symbolic architecture that classical models are better suited to explain. In response, Smolensky (1988) argues that connectionist systems can account for systematic and compositional properties without requiring explicit symbolic rules. He proposes that such structure can emerge from subsymbolic, distributed processes within neural networks. Together, these positions frame an ongoing debate over whether cognitive architecture is fundamentally symbolic or whether systematic cognition can be fully explained through connectionist mechanisms. ### What is Connectionism, ANN, and Systematicity? Within cognitive science, connectionism is a movement that leverages artificial neural networks (ANNs) to examine aspects of human cognition and intellectual abilities (Buckner & Garson, 1997). ANNs are computer systems inspired by early models of sensory processing in the brain (Krogh, 2008). Neural networks consist of a large number of interconnected units (nodes) arranged in structured layers that simulate simple neuron activity, akin to how the human brain processes data. These units are segregated into three classes: - Input nodes - Hidden nodes - Output nodes ![Neural Networks Architecture](https://cdn.sanity.io/images/prfa3qsc/production/41e83352d9342ccd5979a345a4f4297790a0a69c-1600x1008.png) *Neural Networks Architecture [source](https://www.geeksforgeeks.org/deep-learning/artificial-neural-networks-and-its-applications/)* ANN models compute outputs by taking data from other nodes or external sources via input nodes, weighting each input, and summing them to determine an output (Krogh, 2008). Outputs and patterns of activation are determined by the weights (connection strengths) between nodes. Representation in connectionism is distributed across patterns of activation across nodes, mathematically expressed as vectors of numbers that encode a system’s state (Buckner & Garson, 1997). In classic ANN models, if the total input exceeds a threshold, the output of the unit is one; otherwise, it is zero (Krogh, 2008). By applying algorithms that mimic processes of real neurons, ANNs “learn” to solve problems, often achieving results associated with human intellect (Krogh, 2008). Experiments using ANN models have demonstrated the ability to learn skills such as: - Facial recognition - Reading - Grammatical structure detection ANNs learn by adjusting their node weights using backpropagation to increase output accuracy. This involves: 1. Sending inputs forward to generate a prediction 1. Comparing the prediction with the correct answer 1. Calculating error 1. Modifying node weights to reduce error through gradient descent While ANN provides a computational framework for understanding cognitive processes, critics such as Fodor and Pylyshyn (1988) question whether these systems can capture the systematic structure of human cognition. Systematicity refers to the idea that if a mind can entertain structured thoughts composed according to certain rules, it can also entertain other closely related thoughts (Fodor & Pylyshyn, 1988). For example, if a person can understand: > “John loves Mary” they can also understand: > “Mary loves John” These related thoughts demonstrate that mental representations are composed of components (“John,” “Mary,” and “love”) that can be recombined in structured ways. Fodor and Pylyshyn argue that this reliable pairing of cognitive capacities reflects an underlying combinatorial structure rather than an accidental feature of cognition. ### Evaluating Fodor and Pylyshyn’s Systematicity Argument Fodor and Pylyshyn (1988) argue that ANNs lack the symbolic and syntactic architecture required to demonstrate systematicity of thought. They maintain that classical symbolic cognitive architecture is necessary to explain the core properties of human thought, and that connectionist models fail to replicate these properties independently. This supports the *Language of Thought* (LOT) hypothesis, which claims that cognitive processes operate on mental representations whose compositional relations generate meaning. According to Fodor and Pylyshyn (1988), classical models involve: - Combinatorial mental representations - Structure-sensitive mental processes Thrane (1988) defines symbolic representation as a relational process in which one entity (“A”) represents another (“B”) within a shared context. This generates mental representations expressed through symbols whose meanings derive from interpretation of external objects. Combinatorial mental representations are structured symbols whose meanings are determined by both semantic content and syntactic arrangement of constituent parts, much like sentences in a language (Fodor & Pylyshyn, 1988). Structure-sensitive mental processes are operations that depend on syntactic structure rather than overall similarity or patterns of activation. Together, these elements form the basis of the LOT hypothesis and explain how a finite set of symbols can generate an infinite number of thoughts. Fodor and Pylyshyn argue that connectionist models struggle because they lack this combinatorial structure. In connectionist systems: - Representations are distributed across nodes - Meaning arises from activation patterns rather than discrete symbolic parts As a result, ANN models struggle to explain why certain cognitive capacities necessarily co-occur. For example, if an ANN learns to represent: > “John loves Mary” it does not automatically follow that it can also represent: > “Mary loves John” unless it has been explicitly trained on that example. Each configuration must be learned as a distinct pattern rather than derived from shared structure. Fodor and Pylyshyn therefore argue that connectionist models treat representations as unstructured lists that cannot recombine shared components. Without language-like syntax, connectionist models struggle to distinguish representational roles and contents, resulting in an architecture that lacks the formal compositionality required for systematicity. ### Smolensky’s Counter to Fodor and Pylyshyn Smolensky (1988) rejects the claim that connectionist models cannot account for systematicity. Instead, he argues that systematicity can emerge from subsymbolic connectionist representations rather than symbolic ones. Subsymbolic representation refers to distributed encoding of knowledge across patterns of activation (Kelley, 2003). Information is not stored in any single location but distributed across network weights, allowing systems to function as autonomous learning systems operating in parallel. Rather than encoding explicit discrete items, subsymbolic models capture information implicitly through overall patterns of weighted connections that determine learned responses (Kelley, 2003). Smolensky argues that connectionist systems can encode symbols and roles within distributed structures that represent complex scenarios. ### Tensor-Product Variable Binding Smolensky (1990) proposed tensor-product variable binding (TPVB) as a mechanism through which connectionist models can encode structured symbolic information within subsymbolic representations. In TPVB frameworks: - Roles (subject, verb, object) are represented as vectors - Fillers (“John,” “Mary,” “love”) are also represented as vectors - These vectors are mathematically combined into structured bindings ![Tensor product representation of John loves Mary.](https://cdn.sanity.io/images/prfa3qsc/production/899d92fb8348a25d637eacc3b158def1ef13dd7b-3044x1092.png) *Tensor product representation of John loves Mary. [source](https://www.researchgate.net/figure/Tensor-product-representation-of-John-loves-Mary_fig1_215991898)* For example, in the sentence: > “John loves Mary” - “John” fills the subject role - “loves” is the verb - “Mary” fills the object role TPVB combines these role–filler relationships mathematically so that the system preserves relational structure. Through this strategy, connectionist systems can achieve systematicity because reassigning fillers to different roles, such as changing: > “[John] [loves] [Mary]” to: > “[Mary] [loves] [John]” requires only minor changes in vector bindings rather than entirely new symbolic rules (Cummins et al., 2001). Tensor-product representations represent a major theoretical advance because they demonstrate that connectionist systems can exhibit systematic behaviour without relying on language-like symbolic syntax. Smolensky further argues that compositional structure in cognition is inherently graded rather than perfectly discrete. According to this view: - Mental representations are approximations of underlying activation patterns - Symbols are emergent rather than fundamental - Systematicity arises through learned similarities in distributed representations rather than through an internal symbolic language. ### Conclusion Connectionism provides a framework for understanding cognition as emerging from distributed patterns of activation across neural networks. ANNs learn through backpropagation algorithms that enable them to analyse data and solve problems without explicit symbolic rules. However, Fodor and Pylyshyn (1988) argue that these systems cannot adequately explain the systematic and compositional structure of human cognition. Drawing on the Language of Thought hypothesis, they maintain that cognition requires classical symbolic architectures involving formal rule-based manipulation of representations. In their view, connectionist systems fail to explain why cognitive capacities occur in structured and interdependent clusters. Smolensky (1988), however, challenges this conclusion by arguing that systematicity can emerge from subsymbolic distributed representations. Through tensor-product variable binding, connectionist systems can encode roles and fillers within activation vectors while preserving relational structure without relying on symbolic syntax. Ultimately, the debate highlights a central question in cognitive science: > Is cognition fundamentally symbolic and rule-governed, or is it subsymbolic and emergent from neural network dynamics? ## Acronyms - **AI**: Artificial Intelligence - **ANN**: Artificial Neural Network - **LOT**: Language of Thought (hypothesis) - **NN**: Neural Network - **TPVB**: Tensor-Product Variable Binding ## References - Buckner, C., & Garson, J. (1997). Connectionism. - Cummins, R., Blackmon, J., Byrd, D., Poirier, P., Roth, M., & Schwarz, G. (2001). Systematicity and the Cognition of Structured Domains. The Journal of Philosophy, 98(4), 167–185. https://doi.org/10.2307/2678476 - Fodor, J. A., & Pylyshyn, Z. W. (1988). Connectionism and cognitive architecture: A critical analysis. Cognition, 28(1), 3–71. [https://doi.org/10.1016/0010-0277(88)90031-5](https://doi.org/10.1016/0010-0277(88)90031-5) - Kelley, T. D. (2003). Symbolic and Sub-Symbolic Representations in Computational Models of Human Cognition: What Can be Learned from Biology? Theory & Psychology, 13(6), 847–860. https://doi.org/10.1177/0959354303136005 - Krogh, A. (2008). What are artificial neural networks? Nature Biotechnology, 26(2), 195–197. https://doi.org/10.1038/nbt1386 - Smolensky, P. (1988). THE CONSTITUENT STRUCTURE OF CONNECTIONIST MENTAL STATES: A REPLY TO FODOR AND PYLYSHYN. The Southern Journal of Philosophy, 26(S1), 137–161. https://doi.org/10.1111/j.2041-6962.1988.tb00470.x - Thrane, T. (1988). Symbolic Representation and Natural Language. Nordic Journal of Linguistics, 11(1–2), 151–173. https://doi.org/10.1017/S0332586500001797 --- Source: https://www.divsanalysis.com/research/can-computers-think-connectionism-and-the-systematicity-of-thought --- # Harvest Now, Decrypt Later: Securing Sea Lines of Communication in the Era of Quantum-Enabled Espionage **Published:** 2026-02-11 · **Author:** Divij Bhaw · **~25 min read** **Topics:** Cybersecurity , Quantum, Intelligence, National Security > Australia’s national security is being undermined by concentrated undersea cable vulnerabilities and outdated cryptographic standards, making accelerated, mandatory adoption of post‑quantum cryptography essential to counter imminent “harvest‑now, decrypt‑later” espionage threats. --- ### Executive Summary Australia’s economic resilience and national security depend on the continuous operation of undersea cable infrastructure. Given that 90% of the nation’s undersea cable landing sites are concentrated in just two metropolitan areas, these systemic chokepoints have created vulnerabilities that could be exploited well before the onset of an open conflict. These risks are no longer theoretical. The Australian Security Intelligence Organisation has warned that the country is facing unprecedented levels of espionage and is nearing the threshold of high-impact sabotage. Disruption to this critical infrastructure would trigger cascading, economy-wide consequences and undermine Defence’s operational capability. People’s Republic of China-backed Advanced Persistent Threats (APTs) are actively seeking to pre-position cybersecurity vulnerabilities within the nation’s backhaul networks ahead of an anticipated crisis. Advancements in cryptographically relevant quantum computers (CRQCs) exacerbate this threat by undermining the encryption mechanisms that secure data transmitted over submarine cable networks. Harvest-now, decrypt-later” attacks mean that encrypted data intercepted today may be exposed as early as 2028. Zero-day exploits and rerouting-based cyberattacks enable adversaries to scale their espionage operations, with APTs already amassing large volumes of sensitive data in anticipation of emerging decryption capabilities. Delaying the transition to Post-Quantum Cryptography (PQC) directly undermines Australia’s national security posture by exposing critical assets and classified information to heightened quantum-enabled threats. Without stronger regulatory mandates and accelerated PQC migration timelines, Australia risks being caught flat-footed. ### Introduction Australia’s reliance on submarine cable infrastructure underpins its economic prosperity but also represents a growing strategic vulnerability. Carrying approximately 99% of the nation’s internet traffic,[1] these cable systems have grown in strategic importance as emerging quantum-enabled decryption capabilities have increased the value of data transiting undersea networks. Amid intensifying strategic competition and rapid technological change, Australia’s reliance on digital connectivity has made its maritime data arteries central to national security. Since 2021, intensified grey-zone activity targeting seabed infrastructure in the Indo-Pacific has raised regional concern.[2] However, Australia has yet to fully address the security challenges involved in protecting these vital networks.[3] State-sponsored cyber-espionage campaigns targeting its backhaul networks have heightened the risk of disruption, leaving governments, Australian businesses, and Defence particularly vulnerable. This analysis examines the strategic risks created by state-sponsored cyber actors targeting Australia’s undersea cable infrastructure, while highlighting the nation’s unpreparedness to respond to emerging quantum-related cyber threats. The paper will identify regulatory gaps within current cybersecurity frameworks that underpin critical services and Defence’s supply chains, as well as proposed solutions to safeguard critical assets from quantum-enabled espionage. ### Australia’s Growing Dependence on Submarine Cable Infrastructure Australian society is structurally dependent on digital connectivity, with subsea cable systems forming the backbone of operational continuity across all critical sectors.[4] Australian utility services (96.7%), transport and logistics (93.8%), communications (99.3%), healthcare (99%), and financial sectors (97.9%), all exhibit high levels of digital connectivity and are reliant on functioning telecommunication networks to operate.[5] These networks are vital to Australia’s rapidly expanding digital economy, which reached $158.9 billion in 2024, accounting for 6.3% of total gross value added (GVA).[6] Australia’s financial sectors rely on these cable networks to support essential electronic payment systems. The Reserve Bank Information and Transfer System (RITS) moves on average $300 billion each business day, equivalent to 11% of GDP.[7] Given the deep interdependence on digital connectivity, any disruptions to these sea lines of communication would pose substantial risks to Australia’s economic stability and national security. Disruptions can rapidly cascade across sectors, amplifying economic, social, and national security impacts through the loss of essential services.[8] ![Total Volume of Data Downloaded (2019–2024).](https://cdn.sanity.io/images/prfa3qsc/production/b2c8069ea1cad061e41cbc4f58e40c12ce5e79c3-1024x466.png) *Total Volume of Data Downloaded (2019–2024). [source](https://www.accc.gov.au/system/files/internet-activity-report-december2024_0.pdf)* Sustained growth in national internet usage underscores Australia’s reliance on undersea cable infrastructure. Over the past five years, bandwidth consumption has risen by 109 %, increasing from 6.9 million terabytes in early 2019 [9] to 14.4 million terabytes by late 2024.[10] The surge in bandwidth consumption has been largely driven by Australian organisations embracing Cloud Infrastructure as a Service (IaaS) offered by hyperscalers (Google, Meta, Microsoft, Amazon, Cloudflare).[11] These firms account for the vast majority of global bandwidth consumption, with content delivery and cloud networks alone generating roughly three-quarters of international demand.[12] Driven by low cost on-demand infrastructure provisioning, cloud adoption among Australian businesses has increased from 19.4% in 2014 to 55.4% by 2020.[13] As of 2022, approximately 59% of Australian businesses now utilise cloud technology.[14] This trend is likely to continue as rapid advancements in artificial intelligence and its integration into various sectors of the economy have intensified demand for high-capacity connectivity.[15] Although hyperscalers have delivered economical and accessible digital infrastructure, they have enabled the offshoring of sensitive data, heightening the risk of foreign jurisdiction access.[16] ### The Impact of Disruptions on Concentrated Data Flows Australia’s reliance on cloud centric infrastructure has created structural dependencies on concentrated data channels, heightening the nation’s exposure to foreign interference. Australia’s external connectivity relies on 18 international submarine cables, with approximately 90% of cable landing sites concentrated in two metropolitan regions.[17] Sydney, which hosts roughly 11 cables (60% of national capacity), serves as the nation’s primary connectivity hub, while Perth, with five cables (30%), functions as the gateway to the Indian Ocean and Asian regions.[18] The concentration of undersea cable infrastructure has created systemic vulnerabilities that adversaries are likely to exploit during periods of heightened tension.[19] Driven by intensifying great-power competition, the Australian Security Intelligence Organisation (ASIO) warns that the nation is experiencing “unprecedented levels of espionage” and is approaching “the threshold for high-impact sabotage”.[20] State-sponsored Advanced Persistent Threats (APTs) are actively seeking to pre-position vulnerabilities within critical infrastructure networks to enable persistent, covert access and facilitate future disruption of core functions.[21] ASIO’s impact modelling indicates that espionage enabled sabotage of critical infrastructure could impose economy-wide losses of up to $1.16 billion per incident.[22] State-backed disruption operations would severely undermine essential services, impacting government, industry, universities, and the wider community. ASIO’s assessment concludes that a week-long disruption to digital, technology intensive industries could incur economic losses of up to $5.93 billion.[23] Cumulative disruptions of digital and logistics systems would likely degrade the Australian Defence Force’s operational capability by constraining access to critical inputs (e.g., fuel, transport, data feeds, and materiel), creating supply-chain vulnerabilities that an adversary could exploit long before a conventional conflict fully unfolds.[24] ![Map of submarine cables landing in Australia. Source.](https://cdn.sanity.io/images/prfa3qsc/production/bc88eeab9e6ba175d7822de54cdd183310ade19d-1024x698.png) *Map of submarine cables landing in Australia. Source. [source](https://www.acma.gov.au/international-submarine-cables-landing-australia)* ### Compromised Cable Landing Stations: Routing and Zero-Day Exploits While intercepting data within the maritime domain remains difficult, cable landing stations (CLS) present a high-reward, low-cost target for APTs.[25] Submarine Line Terminal Equipment (SLTE) and Remote Network Management Systems (RNMS) notably face heightened disruption risks. Given that SLTEs aggregate massive data flows at a single, fragile junction, they are an attractive target for adversaries.[26] The limited number of SLTE/RNMS vendors, coupled with RNMS’s reliance on common operating systems (e.g., Linux, Windows NT), makes them particularly vulnerable to cyber intrusion.[27] People’s Republic of China (PRC)-linked APTs, such as Salt Typhoon and Volt Typhoon, have targeted major telecommunication providers and backbone infrastructure to facilitate large-scale data exfiltration.[28] The United States (U.S.) government’s assessments indicate that Volt Typhoon’s activities are not consistent with traditional cyber espionage operations and assess with high confidence that the APT group is pre-positioning initial access points ahead of an anticipated conflict.[29] These groups have experience utilising sophisticated techniques to bypass protective network segmentation boundaries and establish cross-segment persistence.[30] PRC-aligned APTs may attempt to compromise optical transport network devices (DWDM/OTN/ROADM control-planes), which converts undersea cable signals to terrestrial signals.[31] These systems provide the critical intermediate layer that links SLTEs to data centres and internet service providers.[32] Mercury ISS’s security audits of optical transport devices (Ciena Optical Multiservice Edge 6500) operating on the Southern Cross Cable Network identified outdated and vulnerable firmware components in use, including flaws that enable remote code execution (Log4Shell CVE-2021-44228).[33] Their assessment indicates that major telecom providers are still utilising unpatched 2017-era software.[34] Machine in the middle (MITM) or passive eavesdropping attack vectors targeting the optical transport layer would allow adversaries to block specific wavelengths or intercept data packages traversing through backhaul networks.[35] ![Front Haul Diagram of CLS architecture.](https://cdn.sanity.io/images/prfa3qsc/production/913b997816cd6fbb1d3b6d8713dfe89e8040c521-1024x576.jpg) *Front Haul Diagram of CLS architecture. [source](https://blog.equinix.com/blog/2024/10/15/what-is-a-cable-landing-station/)* By degrading CLS availability or exploiting upstream network vulnerabilities in the Border Gateway Protocol (BGP), the PRC has the capability to reroute undersea cable traffic towards its surveillance infrastructure. BGP determines how data packets are routed between CLS, selecting the most efficient path to their destination.[36] By manipulating BGP route announcements, particularly during periods of network instability, the PRC could covertly reroute Australian and regional transit internet traffic.[37] Rerouting attacks would enable adversaries to scale MITM interception and data exfiltration operations. This threat is well established. In 2016, malicious BGP announcements silently rerouted traffic from Canada to South Korean government websites through China for nearly six months, enabling sustained surveillance.[38] Similarly, in 2010, China Telecom briefly hijacked about 15% of global internet routes for roughly 18 minutes, likely exposing U.S. government and military-related traffic.[39] Mitigating or detecting stealthy BGP attacks at scale remains difficult, as the protocol is effectively trust-based and lacks universal, verifiable cryptographic validation.[40] The true scope of the risks involved remains unclear as the PRC is known to stockpile undisclosed “zero-day” vulnerabilities to strengthen its cyber capabilities.[41] China’s vulnerability-disclosure architecture systematically diverts newly discovered flaws away from public reporting.[42] The PRC mandates that new vulnerabilities must be reported to the Ministry of State Security (MSS) within 48 hours of being discovered, allowing Beijing to assess whether those exploits can be used against foreign targets.[43] Their offensive cyber capabilities operate under a “military–civil fusion” framework, where private and civilian industry cyber resources are integrated with intelligence and military agencies.[44] That arrangement allows APTs to embed supply chain vulnerabilities that can be strategically activated.[45] The Australian Government should invest in federally funded bug bounty programs to identify supply-chain weaknesses in critical infrastructure networks. This would bring Australia into alignment with the United States and the United Kingdom, which have adopted such programs to systematically identify and report vulnerabilities.[46] At a time of unprecedented espionage activity, any unaddressed weaknesses that allow critical systems to be compromised risk eroding allied confidence in the nation’s information security posture.[47] ### Harvest-Now, Decrypt-Later: Quantum Decryption Threat Concentrated data channels have enabled “harvest-now, decrypt-later” (HNDL) attacks, in which adversaries collect encrypted traffic today with the expectation that future cryptographically relevant quantum computers (CRQCs) will enable its decryption.[48] As CRQCs and quantum optimisation algorithms mature, sensitive data harvested through state-sponsored espionage campaigns may become accessible, particularly data transiting undersea cable networks or stored within large cloud service providers.[49] APT groups are already amassing large volumes of encrypted data in anticipation of these capabilities.[50] Modern systems rely on symmetric and asymmetric cryptographic schemes, most commonly the Advanced Encryption Standard (AES) for symmetric encryption and Rivest–Shamir–Adleman (RSA) for asymmetric encryption.[51] AES encryption is used for fast encryption of data at rest (such as files and disks), while RSA-2048 bit encryption is utilised for online communications, encrypted email, key exchange and financial transactions.[52] The security of these schemes depends on the assumed computational infeasibility of certain mathematical problems.[53] RSA is secure under the belief that integer factorization is computationally infeasible by traditional systems.[54] Classical computers would require on the order of hundreds of trillions of years to break RSA-2048.[55] However, sufficiently powerful quantum computers undermine these computational hardness assumptions that secure modern systems. CRQCs leverage quantum mechanics and quantum bits (qubits) to process information. Unlike conventional systems that utilise classical bits (0 or 1), Qubits exist in a probabilistic state that is simultaneously both 0 and 1.[56] This enables parallel computation, which allows CRQCs to solve complex mathematical problems exponentially faster than traditional computers.[57] Shor’s algorithm enables a sufficiently powerful quantum computer to solve these hardness assumption problems efficiently, rendering RSA-2048 and asymmetric based protocols vulnerable.[58] Symmetric encryption is not immune. Grover’s algorithm accelerates exhaustive key searches, reducing the cost of brute-force attacks and effectively halving the security of AES.[59] This is particularly alarming, as RSA-2048 underpins core authentication mechanisms and highly sensitive correspondence, while AES is trusted to safeguard classified data.[60] ![How does a harvest now, decrypt later attack work?](https://cdn.sanity.io/images/prfa3qsc/production/f1959042bb56c1a1950375b6a70bc4354544c8fb-1024x462.jpg) *How does a harvest now, decrypt later attack work? [source](https://www.paloaltonetworks.com/cyberpedia/harvest-now-decrypt-later-hndl)* In response, the U.S National Institute of Standards and Technology (NIST) has released Federal Information Processing Standards (FIPS) engineered to withstand attacks from quantum computers.[61] These post-quantum cryptography (PQC) standards are designed to secure a wide range of electronic information and enable organisations to begin transitioning away from quantum-vulnerable public-key cryptography.[62] The three finalised standards expected to see widespread adoption include FIPS 203 (ML-KEM) for general encryption, FIPS 204 (ML-DSA) for primary digital signatures, and FIPS 205 (SLH-DSA) as a hash-based backup digital signature scheme.[63] Major cloud providers including, AWS, Google Cloud, Microsoft Azure, and Cloudflare have already begun integrating PQC schemes ahead of NIST’s finalised standards.[64] To mitigate exposure to HNDL attacks, the Australian Government must work closely with hyperscalers to accelerate PQC adoption timelines, particularly across cloud services that underpin critical infrastructure. Hyperscalers and the Government should support PQC as the default configuration, strengthen organisational awareness of HNDL attacks, and accelerate migration pathways across the public and private sectors. ### Caught Flat-Footed, Accelerated Q-Day Timeline Advances in the maturity of quantum algorithms are accelerating the approach of “Q-Day,” the point at which quantum computers can break today’s public-key cryptography.[65] Publicly known improvements in quantum decryption optimisation have significantly reduced the resources required to break RSA-2048, indicating a growing and imminent threat. In 2012, estimates suggested such an attack would require around one billion physical qubits, placing it well beyond realistic feasibility.[66] By 2019, work by Gidney and Ekerå reduced the estimated RSA-2048 decryption requirement to roughly 20 million physical qubits (6,200 logical qubits) with an execution time of roughly eight hours, shifting the attack from infeasible to theoretically practical.[67] As of 2025, estimates from Google researcher Gidney indicate the same attack could be completed in under a week using fewer than one million physical qubits (1,400 logical qubits), a 95% reduction from his 2019 estimate.[68] Commercial CRQC roadmaps reinforce this trajectory. IonQ’s aggressive projections indicate that it aims to build systems capable of approximately 1,600 logical qubits by 2028,[69] while more conservative estimates by IBM place systems of around 2,000 logical qubits in the early 2030s.[70] This implies that “Q-Day” could become commercially feasible as early as 2028. The Australian Signals Directorate (ASD) recommends that organisations begin transitioning to PQC by 2028, prioritising critical systems and sensitive data.[71] By the end of 2030, organisations should have completed their PQC transition.[72] However, given the accelerating pace of CRQC development and the fact that HNDL activity is already occurring, these timelines are increasingly tight and may leave organisations exposed during the transition window. Accelerated PQC migration timelines are needed to mitigate immediate threats and avert irreversible long-term risks. Despite the imminent threat, only 5% of organisations consider it a near-term priority or have a defined PQC transition plan.[73] The CSIRO 2025 Quantum Readiness Survey shows Australia is profoundly unprepared for the post-quantum transition, with half of organisations unaware of ASD’s 2030 PQC deadline.[74] The study spanned critical sectors (telecoms, finance, energy/water, transport, health, and public administration/safety) that all report a lack of PQC awareness, leaving them exposed to HNDL attacks.[75] Over 70% of organisations are unaware of or unsure about the cryptographic shift itself, and 65.4% remain unsure or uncommitted to migration.[76] Fewer than 29% have taken any action, and just 3.8% have an allocated budget, leaving 77% with no funding, no plans, or no visibility at all.[77] ![ASD’s 2025 recommended PQC transition timeline. ](https://cdn.sanity.io/images/prfa3qsc/production/dec7383b434c0d0bc779d97b92a52b7b47b22781-990x692.jpg) *ASD’s 2025 recommended PQC transition timeline. [source](https://www.cyber.gov.au/business-government/secure-design/quantum/planning-for-post-quantum-cryptography)* ### Closing Regulatory Gaps to Mitigate HNDL Exposure The Australian Government must urgently address gaps within the Security of Critical Infrastructure (SOCI) Act 2018 and Defence Industry Security Program (DISP) to minimise exposure to HNDL risks. Under DISP, contractors must meet or exceed ASD Essential Eight Maturity Level 2 for all corporate ICT systems used for Defence correspondence.[78] However, the Essential Eight framework does not explicitly address HNDL risks or provide any guidance on PQC, which leaves a critical gap in protection against emerging cryptographic threats.[79] DISP allows entities that comply with other international security standards, such as ISO 27001:2022, to demonstrate compliance.[80] However, ISO/IEC 27001 Control 8.24 requires cryptography to be applied where risk warrants it, without prescribing specific algorithms or methods.[81] This means the current use of RSA remains acceptable, and there is no explicit regulatory pressure to transition to PQC. Organisations that store, process or transmit SECRET or TOP SECRET classified information must comply with the ASD Information Security Manual (ISM), as required by the Australian Government’s Protective Security Policy Framework (PSPF).[82] PQC is endorsed but not currently mandatory under the ISM and organisations are strongly encouraged to prepare for a 2030 PQC transition.[83] RSA remains an ASD-approved cryptographic algorithm under the ISM and may be used in accordance with approved key sizes.[84] Under PSPF Release 2025, the use of ASD-approved PQC algorithms is only mandatory for newly procured cryptographic equipment and software (PSPF Requirement 0212).[85] The PSPF and ISM do not mandate immediate PQC uplift for existing systems, provided those systems remain authorised and compliant with current ISM controls. In practice, organisations may achieve DISP and PSPF compliance while still relying on vulnerable cryptographic algorithms, introducing systemic risk across Defence’s supply chain. This exposes classified information, Defence research and development, and intelligence to heightened HNDL exposure. Defence must close this gap by embedding HNDL risk management and mandatory PQC transition planning into DISP to proactively mitigate CRQC threats across its supply chains. Under Part 2A of the SOCI Act, and pursuant to section 30AH, the Critical Infrastructure Risk Management Program (CIRMP) Rules require responsible entities to comply with subsection 8(4), including adoption of an approved cyber security framework such as ISO/IEC 27001:2015 or the ASD Essential Eight.[86] PQC was not a practical consideration in 2015 when ISO 27001:2015 was formalised, reflecting the threat landscape of that period rather than emerging quantum risks. Proposed enhancements to the CIRMP Rules, include the adoption of ISO/IEC 27001:2023.[87] However, neither the ASD Essential Eight nor ISO/IEC 27001:2023 mandates PQC or have HNDL mitigation strategies. As a result, entities are largely left to self-select controls, with minimal regulatory pressure to plan for quantum-era threats. The Australian Government must amend the CIRMP Rules to require ASD’s ISM as the baseline cybersecurity framework to ensure PQC resilience across its critical infrastructure and minimise the impact of PRC-enabled HNDL espionage campaigns. ### Policy Recommendations - Mandate post-quantum cryptography for all classified ICT systems under the Protective Security Policy Framework, explicitly including legacy systems to mitigate “harvest now, decrypt later” threats and protect critical assets. - Mandate compliance with the ASD Information Security Manual across the SOCI Critical Infrastructure Risk Management Program and the Defence Industry Security Program to safeguard classified information from quantum-enabled threats. - Strengthen partnerships with hyperscalers to accelerate post-quantum cryptography adoption among Australian businesses, bridging the transition gap ahead of 2028. - Take proactive measures by investing in federally backed vulnerability research and bug-bounty programs to systematically identify and remediate supply-chain weaknesses affecting critical infrastructure. ### Conclusion As great-power competition intensifies, rapid advances in quantum decryption leave Australian businesses and Defence’s supply chains increasingly vulnerable to Chinese-backed espionage campaigns. Current cybersecurity regulations entrench existing harvest-now, decrypt-later risks by allowing organisations to defer PQC transitions until 2030, leaving classified and sensitive information exposed. Organisations compliant with current cybersecurity frameworks remain vulnerable, as compressed Q-Day timelines could render intercepted encrypted data accessible as early as 2028. Immediate action is required to close existing cybersecurity gaps and apply regulatory pressure to drive PQC adoption, particularly among organisations subject to Protective Security Policy Framework, Defence Industry Security Program, and Security of Critical Infrastructure (Act) obligations. Given that 77% of Australian organisations lack awareness of the imminent quantum decryption threats, the Australian government must work with hyperscalers and cloud service providers to accelerate PQC adoption. The Australian government should invest in federally funded bug bounty programs to systematically identify and remediate cybersecurity supply-chain vulnerabilities. Without proactive cybersecurity measures, Australia risks eroding allied confidence in its information security posture and Defence’s operational readiness. ## Acronyms - **AES**: Advanced Encryption Standard - **APT**: Advanced Persistent Threat - **ASD**: Australian Signals Directorate - **ASIO**: Australian Security Intelligence Organisation - **AWS**: Amazon Web Services - **BGP**: Border Gateway Protocol - **CIRMP**: Critical Infrastructure Risk Management Program - **CLS**: Cable Landing Station - **CRQC**: Cryptographically Relevant Quantum Computer - **CSIRO**: Commonwealth Scientific and Industrial Research Organisation - **CVE**: Common Vulnerabilities and Exposures - **DISP**: Defence Industry Security Program - **DWDM**: Dense Wavelength Division Multiplexing - **FIPS**: U.S. Federal Information Processing Standards - **GDP**: Gross Domestic Product - **GVA**: Gross Value Added - **HNDL**: Harvest-Now, Decrypt-Later - **IaaS**: Infrastructure as a Service - **ICT**: Information and Communications Technology - **ISM**: Information Security Manual - **ISO**: International Organization for Standardization - **MITM**: Machine-in-the-Middle - **ML-DSA**: Module-Lattice Digital Signature Algorithm - **ML-KEM**: Module-Lattice Key Encapsulation Mechanism - **MSS**: Ministry of State Security (PRC) - **NIST**: National Institute of Standards and Technology - **OTN**: Optical Transport Network - **PQC**: Post-Quantum Cryptography - **PRC**: People's Republic of China - **PSPF**: Protective Security Policy Framework - **Q-Day**: Point at which quantum computers can break public-key cryptography - **RNMS**: Remote Network Management System - **ROADM**: Reconfigurable Optical Add-Drop Multiplexer - **RSA**: Rivest–Shamir–Adleman - **RITS**: Reserve Bank Information and Transfer System - **SLH-DSA**: Stateless Hash-Based Digital Signature Algorithm - **SLTE**: Submarine Line Terminal Equipment - **SOCI**: Security of Critical Infrastructure ## References - Andrew Horton, "The Achilles' Heel of a Digital Nation: Australia's Dependence on Subsea Cables," The Strategist (Australian Strategic Policy Institute), June 6, 2024, accessed November 24, 2025, https://www.aspistrategist.org.au/the-achilles-heel-of-a-digital-nation-australias-dependence-on-subsea-cables/. - Samuel Bashfield, "Defending Seabed Lines of Communication," Australian Journal of Maritime & Ocean Affairs 17, no. 4 (2025): 557–69, https://doi.org/10.1080/18366503.2024.2363607. - Bashfield, "Defending Seabed Lines of Communication." - Australian Government, Department of Home Affairs, Critical Infrastructure Security Centre, Critical Infrastructure Annual Risk Review 2025, 3rd ed. (Canberra, November 2025), accessed December 22, 2025, https://www.cisc.gov.au/resources-subsite/Documents/critical-infrastructure-annual-risk-review-2025.pdf. - Australian Bureau of Statistics, Characteristics of Australian Business, 2021–22: Table 1 – Use of Information Technology and the Internet by Businesses, 2021–22 (Catalogue no. 8167.0, DO 005), Excel file, 2023, accessed November 23, 2025, https://www.abs.gov.au/statistics/industry/technology-and-innovation/characteristics-australian-business/2021-22/81670DO005_202122.xlsx. - Australian Bureau of Statistics, Digital Activity in the Australian Economy: Table 1 – Share in Total Digital Activity Value Added (%), 2019–20 to 2023–24, Excel file, released October 24, 2025, https://www.abs.gov.au/statistics/economy/national-accounts/australian-national-accounts-supply-use-tables/latest-release#digital-activity-in-the-australian-economy. - Reserve Bank of Australia, "Non-cash Payments," Payments System, 2025, https://www.rba.gov.au/payments-and-infrastructure/payments-system.html#non_cash_payments. - Department of Home Affairs, Critical Infrastructure Annual Risk Review 2025. - Australian Competition and Consumer Commission, Internet Activity Report – December 2019 (Canberra: ACCC, April 2020), https://www.accc.gov.au/system/files/Internet%20Activity%20Report%20%28December%202019%29_2.pdf. - Australian Competition and Consumer Commission, Internet Activity Report: For the Period Ending 31 December 2024 (Canberra: ACCC, October 2025), https://www.accc.gov.au/system/files/internet-activity-report-december2024_0.pdf. - Henry McMillan et al., Head in the Cloud: Firm Performance and Cloud Service (Canberra: Productivity Commission, 2022). - Alan Mauldin, "International Bandwidth Demand Surpasses 6.4 Pbps," TeleGeography Blog, May 12, 2025, accessed November 24, 2025, https://blog.telegeography.com/used-international-bandwidth-reaches-new-heights. - McMillan et al., Head in the Cloud, 7. - Australian Bureau of Statistics, Characteristics of Australian Business, 2021–22 Financial Year (Canberra: ABS, 2023), https://www.abs.gov.au/statistics/industry/technology-and-innovation/characteristics-australian-business/latest-release. - Horton, "Achilles' Heel of a Digital Nation." - Australian Cybersecurity Magazine, "Data Beyond Borders—Australian Data Stored in Non-Australian Cloud Environments," October 28, 2024, https://australiancybersecuritymagazine.com.au/data-beyond-borders-australian-data-stored-in-non-australian-cloud-environments/. - TeleGeography, Australia: Submarine Cable Map, accessed November 25, 2025, https://www.submarinecablemap.com/country/australia. - TeleGeography, "Australia: Submarine Cable Map." - Jocelinn Kang and Jessie Jacob, "Connecting the Indo-Pacific: The Future of Subsea Cables" (2024). - Olivia Caisley, "Spy Chief Warns of China Espionage Threat to Business, Critical Infrastructure," ABC News, November 11, 2025, https://www.abc.net.au/news/2025-11-12/spy-chief-warns-of-china-espionage-threat-to-business/105999522. - Department of Home Affairs, Critical Infrastructure Annual Risk Review, 2nd ed. (Canberra, 2024), accessed December 7, 2025, https://www.cisc.gov.au/resources-subsite/Documents/critical-infrastructure-annual-risk-review-2024.pdf. - Anthony Morgan and Amelia Voce, The Cost of Espionage (Canberra: Australian Security Intelligence Organisation, 2025), https://www.aic.gov.au/publications/special/special-21. - Morgan and Voce, Cost of Espionage. - Benjamin Turnbull, "Cyber-Resilient Supply Chains: Mission Assurance in the Future Operating Environment," Australian Army Journal 14, no. 2 (2018): 41–56, https://search.informit.org/doi/10.3316/informit.344417545553155. - Zelie Petit, "Beneath NATO's Radars: Unaddressed Threats to Subsea Cables," Center for Strategic and International Studies (blog), December 2, 2024, https://www.csis.org/blogs/strategic-technologies-blog/beneath-natos-radars-unaddressed-threats-subsea-cables. - Petit, "Beneath NATO's Radars." - Justin Sherman, Cyber Defense across the Ocean Floor (Washington, DC: Atlantic Council, 2021). - Australian Cyber Security Centre, "Countering Chinese State-Sponsored Actors," August 28, 2025, https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/countering-chinese-state-sponsored-actors-compromise-of-networks-worldwide-to-feed-global-espionage-system. - U.S. Cybersecurity and Infrastructure Security Agency et al., "PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure," February 7, 2024, https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/prc-state-sponsored-actors-compromise-and-maintain-persistent-access-us-critical-infrastructure. - Infosecurity Magazine, "Chinese Espionage Targets VMware," July 25, 2025, https://www.infosecurity-magazine.com/news/chinese-espionage-targets-vmware/. - Submarine Networks, "Stations," accessed December 5, 2025, https://www.submarinenetworks.com/en/stations. - Submarine Networks, "Stations." - Mercury Information Security Services, Critical Links: Technical and Strategic Risk Assessment of Submarine Cable Infrastructure in the Pacific, version 2.0 (September 4, 2025), accessed December 3, 2025, https://mercuryiss.com.au/Submarine-Cable-Report. - Mercury Information Security Services, Critical Links. - Petit, "Beneath NATO's Radars." - Cloudflare, "What Is BGP? | BGP Routing Explained," accessed December 8, 2025, https://www.cloudflare.com/learning/security/glossary/what-is-bgp/. - Chris C. Demchak and Yuval Shavitt, "China's Maxim—Leave No Access Point Unexploited," Military Cyber Affairs 3, no. 1 (2018): 7. - Demchak and Shavitt, "China's Maxim." - Demchak and Shavitt, "China's Maxim." - Henry Birge-Lee, Maria Apostolaki, and Jennifer Rexford, "Global BGP Attacks that Evade Route Monitoring," arXiv (August 19, 2024), https://arxiv.org/abs/2408.09622. - Jasmine Latimore, "How China Is Using Network Vulnerabilities to Boost Its Cyber Capabilities," The Strategist, December 15, 2022, https://www.aspistrategist.org.au/how-china-is-using-network-vulnerabilities-to-boost-its-cyber-capabilities/. - Dakota Cary and Kristin Del Rosso, Sleight of Hand: How China Weaponizes Software Vulnerabilities (Washington, DC: Atlantic Council, September 6, 2023), https://www.atlanticcouncil.org/in-depth-research-reports/report/sleight-of-hand-how-china-weaponizes-software-vulnerability/. - Cary and Del Rosso, Sleight of Hand. - Peter Dohr, "China's Weaponization of Global Cyber Supply Chains," CSIS Strategic Technologies Blog, December 1, 2025, https://www.csis.org/blogs/strategic-technologies-blog/chinas-weaponization-global-cyber-supply-chains. - Dohr, "China's Weaponization of Global Cyber Supply Chains." - Adam Dobell and Ilona Cohen, "Australia's Cyber Strategy Needs a Vulnerability Disclosure Upgrade," The Strategist, April 9, 2025, https://www.aspistrategist.org.au/australias-cyber-strategy-needs-a-vulnerability-disclosure-upgrade/. - Dobell and Cohen, "Australia's Cyber Strategy Needs a Vulnerability Disclosure Upgrade." - Palo Alto Networks, "Harvest Now, Decrypt Later (HNDL): The Quantum-Era Threat," accessed December 11, 2025, https://www.paloaltonetworks.com.au/cyberpedia/harvest-now-decrypt-later-hndl. - Palo Alto Networks, "Harvest Now, Decrypt Later (HNDL)." - Joseph Federici, "Vying for Quantum Supremacy: US-China Competition in Quantum Technologies" (2025). - GeeksforGeeks, "Difference Between AES and RSA Encryption," last updated July 23, 2025, https://www.geeksforgeeks.org/computer-networks/difference-between-aes-and-rsa-encryption/. - GeeksforGeeks, "Difference Between AES and RSA Encryption." - Jonathan Katz and Yehuda Lindell, Introduction to Modern Cryptography (Boca Raton, FL: Chapman & Hall/CRC, 2007), chap. 8. - Katz and Lindell, Introduction to Modern Cryptography, 285–86. - QuintessenceLabs, "Breaking RSA Encryption—An Update on the State-of-the-Art," June 13, 2019, https://www.quintessencelabs.com/blog/breaking-rsa-encryption-update-state-art. - Federici, "Vying for Quantum Supremacy." - Federici, "Vying for Quantum Supremacy." - Paul Bagourd et al., "Practical Challenges in Executing Shor's Algorithm on Existing Quantum Platforms," arXiv (2025), arXiv:2512.15330. - Fortinet, "Understanding Shor's and Grover's Algorithms and Their Impact on Cybersecurity," accessed December 21, 2025, https://www.fortinet.com/resources/cyberglossary/shors-grovers-algorithms. - Australian Signals Directorate, "Guidelines for Cryptography," last updated December 4, 2025, https://www.cyber.gov.au/business-government/asds-cyber-security-frameworks/ism/cyber-security-guidelines/guidelines-for-cryptography. - National Institute of Standards and Technology, "NIST Releases First 3 Finalized Post-Quantum Encryption Standards," August 13, 2024, https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards. - NIST, "NIST Releases First 3 Finalized Post-Quantum Encryption Standards." - NIST, "NIST Releases First 3 Finalized Post-Quantum Encryption Standards." - George Lawton, "The Cloud's Role in PQC Migration," TechTarget, July 7, 2025, https://www.techtarget.com/searchcloudcomputing/tip/The-clouds-role-in-PQC-migration. - Palo Alto Networks, "What Is Q-Day, and How Far Away Is It—Really?" accessed December 21, 2025, https://www.paloaltonetworks.com.au/cyberpedia/what-is-q-day. - Austin G. Fowler et al., "Surface Codes: Towards Practical Large-Scale Quantum Computation," arXiv (2012), https://arxiv.org/abs/1208.0928. - Craig Gidney and Martin Ekerå, "How to Factor 2048-bit RSA Integers in 8 Hours Using 20 Million Noisy Qubits," Quantum 5 (2021): 433. - Craig Gidney, "How to Factor 2048-bit RSA Integers with Less than a Million Noisy Qubits," arXiv (May 21, 2025), arXiv:2505.15917. - IonQ, "IonQ's Accelerated Roadmap: Turning Quantum Ambition into Reality," June 13, 2025, https://www.ionq.com/blog/ionqs-accelerated-roadmap-turning-quantum-ambition-into-reality. - IBM Quantum, IBM Quantum Roadmap: Development and Innovation Roadmap Explainer (IBM Corporation, 2025), https://www.ibm.com/downloads/documents/us-en/1443d5cda24021e4. - Australian Signals Directorate, "Planning for Post-Quantum Cryptography," first published July 6, 2022, last updated September 22, 2025, https://www.cyber.gov.au/business-government/secure-design/planning-for-post-quantum-cryptography. - ASD, "Planning for Post-Quantum Cryptography." - ISACA, "Despite Rising Concerns, 95% of Organizations Lack a Quantum Computing Roadmap," press release, April 28, 2025, https://www.isaca.org/about-us/newsroom/press-releases/2025/organizations-lack-a-quantum-computing-roadmap-isaca-finds. - Mohan Baruwal Chhetri et al., Quantum Shift: How Are Australian Organisations Navigating the Quantum Frontier (2025). - Chhetri et al., Quantum Shift. - Chhetri et al., Quantum Shift. - Chhetri et al., Quantum Shift. - Australian Government, Department of Defence, "Eligibility and Suitability," Defence Industry Security Program, https://www.defence.gov.au/business-industry/industry-governance/industry-regulators/defence-industry-security-program/eligibility-suitability/. - Australian Cyber Security Centre, "Essential Eight Maturity Model," https://www.cyber.gov.au/business-government/asds-cyber-security-frameworks/essential-eight/essential-eight-maturity-model/. - Department of Defence, "Eligibility and Suitability." - International Organization for Standardization and International Electrotechnical Commission, ISO/IEC 27001:2022 (Geneva: ISO/IEC, 2022). - Australian Government, Department of Home Affairs, Protective Security Policy Framework: Release 2025 (Canberra, July 2025), https://www.protectivesecurity.gov.au/system/files/2025-07/pspf-release-2025.pdf. - Australian Signals Directorate, Information Security Manual (Canberra, December 2025), https://www.cyber.gov.au/sites/default/files/2025-12/Information%20security%20manual%20%28December%202025%29.pdf. - Australian Cyber Security Centre, Guidelines for Cryptography, Information Security Manual (December 2025), https://www.cyber.gov.au/sites/default/files/2025-12/22.%20ISM%20-%20Guidelines%20for%20cryptography%20%28December%202025%29.pdf. - Department of Home Affairs, Protective Security Policy Framework: Release 2025. - Cyber and Infrastructure Security Centre, Guidance for the Critical Infrastructure Risk Management Program (Canberra: Department of Home Affairs, March 2025), https://www.cisc.gov.au/resources-subsite/Documents/guidance-for-the-critical-infrastructure-risk-management-program.pdf. - Australian Government, Department of Home Affairs, Consultation Paper: Proposed Amendments to Enhance the CIRMP Rules (Canberra, December 9, 2025), https://www.homeaffairs.gov.au/how-to-engage-us-subsite/files/consultation-on-enhancements-to-cirmp-rules/consultation-paper-proposed-amendments-enhance-cirmp.pdf --- Source: https://www.divsanalysis.com/research/harvest-now-decrypt-later-securing-sea-lines-of-communication-in-the-era-of-quantum-enabled Also published at: https://www.homeaffairs.gov.au/how-to-engage-us-subsite/files/consultation-on-enhancements-to-cirmp-rules/uwa-defence-and-security-institute.pdf --- # Trump’s Budget Cuts: Is America Ready for the Next Wave of Supply Chain Cyberattacks? **Published:** 2025-05-23 · **Author:** Divij Bhaw · **~6 min read** **Topics:** Cybersecurity , Politics, National Security, Supply Chain > As cyber threats escalate, Trump’s proposed budget cuts to key cybersecurity agencies raise concerns about America’s readiness for the next wave of software supply chain attacks. This article explores the growing risks to critical infrastructure and the need for stronger cyber resilience. --- With President Trump’s politicised budget cuts aimed at domestic cyber security agencies and the rise of AI-enabled cyberattacks, the United States (U.S.) faces a critical moment in its approach to cyber defence. As the global cost of cybercrime is projected to rise to USD[ 18 trillion by 2030](https://www.expressvpn.com/blog/the-true-cost-of-cyber-attacks-in-2024-and-beyond/), the U.S. is no longer prepared to withstand the next wave of state-sponsored cyberattacks. ### **Rescinding Policies and Restructuring Cyber Security Agencies** Following Trump’s return to the White House, several executive orders aimed at securing [cyber security and AI safety](https://www.alstonprivacy.com/last-minute-biden-cybersecurity-and-artificial-intelligence-executive-orders-survive-initial-trump-revocations/) set out by the [Biden administration were rescinded](https://www.csis.org/analysis/trumps-moves-modernize-us-technology-policy). Furthermore, Trump has disbanded the Department of Homeland Security’s Cyber Safety Review Board (CSRB) and made [cuts to](https://www.cyberdaily.au/government/11638-trump-administration-halts-funding-of-bureau-of-cyberspace-and-digital-policy) the Bureau of Cyberspace and Digital Policy (CDP), while committing to reducing [the size and scope](https://www.politico.com/live-updates/2025/01/17/congress/noem-cisa-off-mission-00198949) of the Cybersecurity and Infrastructure Security Agency (CISA).Trump’s[ cost-cutting measures](https://www.csis.org/analysis/trumps-moves-modernize-us-technology-policy) have been justified as part of broader efforts to streamline government operations. However, these decisions have drawn[ strong criticism](https://www.cybersecuritydive.com/news/trump-scrutiny-cisa-cuts/744619/) from national security experts, who argue that such actions have significantly weakened the nation’s ability to respond to hostile cyber operations, especially following Defense Secretary Pete Hegseth's announcement to[ halt U.S. Cyber Command's](https://www.washingtonpost.com/national-security/2025/03/01/trump-putin-russia-cyber-offense-cisa/) offensive operations against Russia. Cyber security has historically enjoyed bipartisan support, with members agreeing on its importance to national security. Nonetheless, [critics argue](https://www.politico.com/news/2023/10/22/conservatives-cyber-cisa-politics-00122794) that Trump’s crackdown on cyber security agencies stems from his grievance over the perceived politicisation of misinformation management by CISA. The Trump administration has claimed that CISA’s efforts to combat misinformation [disproportionately affected conservative voices](https://www.nextgov.com/cybersecurity/2025/01/democrats-worry-over-trump-funding-priorities-cisas-disinfo-efforts/402434/?oref=ng-author-river) during the 2020 U.S. presidential election and the COVID-19 pandemic. In response, CISA has placed [several employees ](https://cyberscoop.com/cisa-misinformation-disinformation-administrative-leave/)on administrative leave, specifically targeting members of its misinformation subcommittee. The crackdown mirrors Trump’s firing of former [CISA director Christopher Krebs](https://www.bbc.com/news/world-us-canada-54982360), who refuted voter fraud claims and vouched for the integrity of the 2020 election. The politicisation and defunding of key cyber security agencies have significantly hindered efforts to investigate foreign interference. As a consequence, the CSRB has been forced to halt its inquiry into major security incidents, including the [Salt Typhoon](https://federalnewsnetwork.com/federal-newscast/2024/10/dhs-cyber-security-safety-review-board-to-examine-salt-typhoon-attack/) attack by Chinese state-sponsored hackers, who were responsible for [breaching at least nine](https://www.darkreading.com/cyberattacks-data-breaches/china-salt-typhoon-charter-windstream-telecom-victims) telecommunications networks. ### **Challenges in Securing Open-Source Software Amid Policy Shifts** The uncertainty surrounding the transitional period has impeded CISA's role in securing open-source software (OSS) [in operational technology](https://www.cisa.gov/topics/partnerships-and-collaboration/joint-cyber-defense-collaborative/Securing-Open-Source-software-in-operational-technology). OSS is the backbone of the digital economy, with [95 per cent of enterprises](https://www.openlogic.com/blog/state-of-open-source-report-key-insights) using open-source projects in some capacity. OSS supports critical technology and is essential for intelligence systems, military communications, logistics, [critical infrastructure](https://www.endorlabs.com/learn/the-governments-role-in-maintaining-open-source-security), and advancements in AI and machine learning. As large users of OSS, governments bear some responsibility for [supporting the OSS ecosystem](https://www.interface-eu.org/publications/fostering-open-source-software-security). For example, the recent [XZ backdoor incident](https://nvd.nist.gov/vuln/detail/CVE-2024-3094) serves as a wake-up call for regulators to reassess and strengthen security practices surrounding OSS. The backdoor nearly became one of the most significant intrusion enablers, potentially providing attackers with immediate access to [millions of critical computer systems](https://www.offsec.com/blog/xz-backdoor/) around the world. Such exploits are difficult to detect, and with the growing reliance on OSS, organisations are exposed to sophisticated attacks more than ever before. Navigating the OSS ecosystem poses a significant challenge for regulators, as vulnerabilities are often [hidden beneath layers of dependencies](https://www.atlanticcouncil.org/wp-content/uploads/2020/07/Breaking-trust-Shades-of-crisis-across-an-insecure-software-supply-chain.pdf). Moreover, attributing the origin and tradecraft of hackers is challenging, as skilled nation-state groups often mask their digital trails. ### **AI, Open-Source Security, and the Growing Cyber Threat Landscape** With industry embracing AI and open-source large language models (LLMs) in their operations, the role of cyber security regulatory bodies has become more important than ever before. The shock release of [DeepSeek ](https://www.bbc.com/news/articles/c5yv5976z9po)as China’s low-cost, open-source alternative to Western LLMs raises concerns about the future of AI supply chains. While businesses may be drawn to DeepSeek's cost efficiency, reliance on foreign AI providers carries long-term risks. Geopolitical tensions could lead to access restrictions, exposure to new attack vectors, compliance challenges, and [potential state-sponsored influence](https://www.armis.com/blog/deepseek-and-the-security-risks-part-i-low-cost-ai-disruption/). It remains unclear which cyber policies from the Biden Administration Trump will retain or discard going forward. Fluctuating government responses to LLM ecosystems and open-source regulatory requirements have created an opportunity for state actors to exploit the absence of enforcement mechanisms. Cyber policies protecting critical infrastructure, which have bipartisan support, are likely to endure. Yet the escalating risk surrounding software supply chain ecosystems, for example, underscores the urgent need for reforms in OSS security practices. ### **Strengthening Open-Source Security Through Collaboration** Collaboration between government and industry to reinforce open-source security is paramount. However, the politicisation of cyber security agencies creates vulnerabilities at a critical time. The U.S. risks falling behind in an evolving AI and cyber security arms race, leaving critical infrastructure vulnerable to sophisticated attacks. Stronger regulatory enforcement is needed, as weakening oversight of misinformation, AI, and software supply chains risks undermining the U.S.’s security posture. Supporting organisations such as the [Open Source Security Foundation (OpenSSF)](https://openssf.org/), [bug bounty programs](https://www.bugcrowd.com/blog/what-is-a-bug-bounty-program/), auditing OSS ecosystems, and mandating [dependency mapping](https://www.sonatype.com/blog/dependency-mapping-a-beginners-guide) for software vendors are essential steps in securing against software supply chain attacks. To safeguard national security, bipartisan support must be restored, and regulatory consistency for AI and OSS must be prioritised to maintain a resilient cyber security landscape. ## Acronyms - **AI**: Artificial Intelligence - **CDP**: Bureau of Cyberspace and Digital Policy - **CISA**: Cybersecurity and Infrastructure Security Agency - **CSRB**: Cyber Safety Review Board - **CVE**: Common Vulnerabilities and Exposures - **DHS**: Department of Homeland Security - **LLM**: Large Language Model - **OSS**: Open Source Software - **OT**: Operational Technology --- Source: https://www.divsanalysis.com/research/trump-s-budget-cuts-is-america-ready-for-the-next-wave-of-supply-chain-cyberattacks Also published at: https://www.youngausint.org.au/post/trump-s-budget-cuts-is-america-ready-for-the-next-wave-of-supply-chain-cyberattacks --- # Powering the Future: U.S.-Australia Cooperation in Clean Energy Storage **Published:** 2024-08-24 · **Author:** Divij Bhaw, Connor Clarke, Indigo Fairfield · **~11 min read** **Topics:** Clean energy, Critical minerals, Rare earth, Geopolitics > Australia’s clean energy transition depends on stronger energy storage and diversified supply chains. Partnering with the U.S. on battery technology, renewable innovation, and local manufacturing can reduce reliance strengthen energy security, and support Net Zero goals. --- ### Introduction Australia loses an estimated $9.3 billion annually due to insufficient clean energy storage.[1] Without effective storage systems, we risk wasting our vast clean energy resources during peak demand periods, which are crucial for a reliable and sustainable energy future. Australia’s reliance on China for much of the global renewable energy supply chain has raised concerns about energy security. To address this, Australia should strengthen its collaboration with the U.S. in developing advanced energy storage technologies, building on the recent U.S.-Australia Climate, Critical Minerals, and Clean Energy Transformation Compact. This partnership will support Australia’s energy transition goals and its commitment to achieving Net Zero emissions. Investments in storage technology are key to maximising clean energy use, reducing fossil fuel dependence, and building a more resilient energy infrastructure. ### China’s Dominance in Global Renewable Energy Supply Chains China continues to hold a dominant position in the global renewable energy market, particularly through its consolidation of manufacturing across various segments of the supply chain. This has resulted in a highly integrated solar photovoltaic (PV) and lithium-ion battery manufacturing industry. Over the past decade, China has controlled over 80% of all stages of PV manufacturing globally, from polysilicon and ingots to wafers, cells, and modules, with the Xinjiang province alone accounting for 40% of global polysilicon production.[2] Given China’s control over 87% of global lithium hydroxide and 66% of lithium carbonate supplies, critical components for battery manufacturing,[3] the significant jurisdictional and geographic concentration of production implies that potential disruptions from pandemics, natural disasters, technical failures, or political instability could severely impact global energy security and Australia’s clean energy goals.[4] With a focus on centralised manufacturing, China may impose trade restrictions on key material exports to maintain its competitive advantage, either in response to trade tensions or to prioritise domestic needs. In turn, the U.S. is expected to introduce tariffs to counteract risks associated with overcapacity and price depression caused by China’s policy-driven subsidies. These measures aim to counteract market distortions that undermine international competition.[5] To safeguard its renewable energy initiatives, Australia must diversify its solar and battery procurement strategy and reduce the risks associated with a heavily concentrated supply chain. The U.S. has acknowledged the need to adopt a set of tools to improve the resilience of its PV and lithium battery supply chain, including sourcing and processing critical minerals, through collaboration across the federal government, corporate stakeholders, the research community and international allies.[6] By working closely with Australia, which alone produces 52% of the world’s lithium,[7] the U.S. can develop a strong and self-sufficient clean energy sector, essential for more resilient supply chains, economic stability, and national security. ### Enhancing U.S.-Australia Collaboration in Clean Energy Storage Solutions There is a significant opportunity for impactful collaboration within the U.S.-Australia Alliance to enhance both countries’ clean energy storage capacity and capabilities through increasing U.S. investment in Australian battery solutions and enhancing bilateral technology exchanges and collaborative research and development efforts. The most significant barrier to Australia’s ability to secure a reliable, sovereign clean energy supply that can withstand environmental and geopolitical instability is its limited capacity to store the excess of clean energy it generates. Australia currently has an energy storage capacity of 3GW, with forecasts indicating that the country will require a minimum storage capacity of 22GW by 2030, and at least 49GW by 2050, to achieve its Net Zero target.[8] Australia is well positioned to be the primary partner of the U.S. in developing this capacity, due to both its supply of battery minerals and stable investment environment, and has demonstrated its commitment to enhancing its battery manufacturing industry through the release of the 2024 National Battery Strategy.[9] An example of the potential of this bilateral investment to create tangible change is the Hornsdale Power Reserve in South Australia. This 150-megawatt grid-connected battery, co-delivered by U.S. company Tesla, saved South Australian consumers over $150 million in its first two years of operation.[10] Since the establishment of the Hornsdale Power Reserve in 2017, the 2022 U.S. Inflation Reduction Act has created an enabling environment through which further U.S. investment in battery storage solutions can be facilitated, by incentivising the use of battery components from the United States and its allies.[11] U.S. decarbonisation company First Mode expanded its operations to Western Australia in 2022, and in 2024 exported its first Australian-built 264 kilowatt-hour battery to the U.S., where it will contribute to the decarbonisation of the U.S. mining and rail industry. The company credited Australia’s mining and engineering expertise, as well as the support and advocacy of the Australian Government, for its success, and will continue to operate from Perth and generate decarbonisation and battery solutions for both counties.[12] These examples illustrate that the Australian and U.S. Governments must continue to act to leverage the two countries’ complementary nature in the realm of battery storage solutions in pursuit of their shared objectives of establishing secure and resilient energy supply chains, and achieving Net Zero by 2050. ### Transitioning to Renewable Energy: Aligning Battery Technology With Clean Energy Sources To facilitate long-term supply chain resilience, a transition in battery technology must be aligned with a transition in energy sources, from the depletable to the renewable. Historically, Australia has been heavily reliant upon depletable energy sources including coal and imported oil, which, while providing a secure energy source, carries significant risks including; commercial instability, environmental impacts, and source dependency, all of which undermine Australia and the U.S.’ energy security.[13] Through a transition to renewable clean energy sources, Australia and the U.S.’ energy supply will be more resilient to external risk factors and more sustainable with secure, renewable sovereign energy sources. As of 2023, coal accounts for 46% of electricity generation in Australia with renewable energy sources accounting for 35% of total electricity generation. Of the 35%, solar and wind collectively contribute 28% of total generation.[14] This shift represents meaningful progress in Australia’s transition away from a coal-dominated energy system, driven by a growing commitment to sustainability and global climate obligations. In this regard, the Australia-United States Climate, Critical Minerals and Clean Energy Transformation Compact (The Compact) has been a key enabler in fostering collaborative efforts in clean energy development. The continuing success of this transition hinges on the two pillars of the Compact, namely coordinating supply chains and accelerating market development and investment to support the clean energy economy, as well as supporting climate mitigation, adaptation, and resilience in the Indo-Pacific and beyond. These pillars, alongside robust R&D to advance next-generation energy technologies, are essential for driving the long-term success of clean energy collaboration between Australia and the U.S. Further development in technologies such as offshore wind, advanced solar photovoltaics, and green hydrogen not only offer sustainable energy solutions but also reduce Australia’s reliance on imported energy resources. The shift away from coal and traditional energy sources must also be managed equitably, ensuring Australia’s First Nations peoples and Traditional Owners are active partners in the transition. Historically, First Nations peoples have not been participants in traditional energy generation processes, an imbalance that is being reflected in the renewable energy sector. To date, only about 1% of renewable energy projects in Australia involve First Nations equity, a stark contrast to Canada, where 20% of such projects include Indigenous ownership.[15] Initiatives like the First Nations Clean Energy Network are crucial in this context, providing a vital forum for promoting equitable participation of First Nations peoples in the energy transition. Noting large-scale energy diversification projects will take place across regional and remote Australia, there is the opportunity to ensure First Nations peoples are not only appropriately consulted but are also development partners, especially as native title rights and interests expand across Australia.[16] ### Conclusion To ensure a rapid transition towards renewable energy sources, Australia and the U.S. must continue to build upon the Compact. Though the Compact provides a clear high-level framework, there is a critical need to develop a detailed, cross-government renewable energy research, development and innovation strategy. This strategy should be crafted in partnership with First Nations stakeholders, ensuring their rights and interests are incorporated into the future development of sustainable energy projects. To ensure a rapid transition towards clean energy, Australia and the U.S. need to move from promoting the transition, to having a clear, public facing strategy to guide implementation. ### Recommendations 1. Enhance research and development (R&D) financing, supported by the U.S. Inflation Reduction Act (IRA), to expedite the development of next-generation renewable energy technologies, including offshore wind, advanced solar photovoltaics, and green hydrogen. 1. Develop a renewable energy grid storage strategy that incorporates domestic production of solar photovoltaics and lithium-ion batteries, aimed at reducing dependency on China-dominated supply chains and supporting Australia’s clean energy transition initiatives. 1. Subsidies for home battery storage systems and support for large grid-scale projects should also be considered in the renewable energy grid storage strategy to address Australia’s inadequate clean energy storage infrastructure. Federal assistance in this area is essential. 1. Develop a detailed, cross-government strategy for renewable energy research, development, and innovation. This strategy should be crafted in partnership with First Nations stakeholders, ensuring their rights and interests are integrated into future sustainable energy projects. ## Acronyms - **EV**: Electric Vehicle - **IRA**: Inflation Reduction Act - **PV**: Photovoltaic - **R&D**: Research and Development ## References - C. Duong, ‘Untapped solar rooftop potential costing Australian billions each year, new report finds’, *UNSW News*, 10 April 2024, [https://www.unsw.edu.au/newsroom/news/2024/04/Untapped-solar-rooftop-potential-costing-Australian-billions-each-year-new-report-finds](https://www.unsw.edu.au/newsroom/news/2024/04/Untapped-solar-rooftop-potential-costing-Australian-billions-each-year-new-report-finds) [accessed 6 September 2024]. - International Energy Agency, *Solar PV Global Supply Chains* (Paris: IEA, 2022) [https://www.iea.org/reports/solar-pv-global-supply-chains](https://www.iea.org/reports/solar-pv-global-supply-chains) [accessed 23 August 2024]. License: CC BY 4.0. - Department of Industry, Science, and Resources, *National Battery Strategy: Priority 3 - Strengthening Global Supply Chains*, [https://www.industry.gov.au/publications/national-battery-strategy/priority-3-global-supply-chains](https://www.industry.gov.au/publications/national-battery-strategy/priority-3-global-supply-chains) [accessed 24 August 2024]. - International Energy Agency, *Solar PV Global Supply Chains* (Paris: IEA, 2022) [https://www.iea.org/reports/solar-pv-global-supply-chains](https://www.iea.org/reports/solar-pv-global-supply-chains) [accessed 23 August 2024]. License: CC BY 4.0. - White House, ‘Fact Sheet: President Biden Takes Action to Protect American Workers and Businesses from China’s Unfair Trade Practices’, *The White House*, 14 May 2024, [https://www.whitehouse.gov/briefing-room/statements-releases/2024/05/14/fact-sheet-president-biden-takes-action-to-protect-american-workers-and-businesses-from-chinas-unfair-trade-practices](https://www.whitehouse.gov/briefing-room/statements-releases/2024/05/14/fact-sheet-president-biden-takes-action-to-protect-american-workers-and-businesses-from-chinas-unfair-trade-practices) [accessed 25 August 2024]. - White House, *Building Resilient Supply Chains, Revitalizing American Manufacturing, and Fostering Broad-Based Growth: 100-Day Reviews under Executive Order 14017* (Washington D.C., June 2021) [https://www.whitehouse.gov/wp-content/uploads/2021/06/100-day-supply-chain-review-report.pdf](https://www.whitehouse.gov/wp-content/uploads/2021/06/100-day-supply-chain-review-report.pdf) [accessed 25 August 2024]. - World Economic Forum, ‘Chart: Which Countries Produce the Most Lithium?’, *World Economic Forum*, January 2023, [https://www.weforum.org/agenda/2023/01/chart-countries-produce-lithium-world/](https://www.weforum.org/agenda/2023/01/chart-countries-produce-lithium-world/) [accessed 25 August 2024]. - T. Monaghan, ‘Battery Storage: Australia’s Current Climate’, *Australian Energy Council*, 2024, [https://www.energycouncil.com.au/analysis/battery-storage-australia-s-current-climate](https://www.energycouncil.com.au/analysis/battery-storage-australia-s-current-climate) [accessed 27 August 2024]. - Department of Industry, Science, and Resources, *Charging Australia’s Renewable Future through the National Battery Strategy* (2024), [https://www.industry.gov.au/news/charging-australias-renewable-future-through-national-battery-strategy](https://www.industry.gov.au/news/charging-australias-renewable-future-through-national-battery-strategy) [accessed 26 August 2024]. - Hornsdale Power Reserve, *South Australia’s Big Battery* (2024), [https://hornsdalepowerreserve.com.au/](https://hornsdalepowerreserve.com.au/) [accessed 26 August 2024]. - White House, ‘Fact Sheet: Biden-Harris Administration Driving U.S. Battery Manufacturing and Good-Paying Jobs’, *The White House*, 2022, [https://www.whitehouse.gov/briefing-room/statements-releases/2022/10/19/fact-sheet-biden-harris-administration-driving-u-s-battery-manufacturing-and-good-paying-jobs](https://www.whitehouse.gov/briefing-room/statements-releases/2022/10/19/fact-sheet-biden-harris-administration-driving-u-s-battery-manufacturing-and-good-paying-jobs) [accessed 27 August 2024]. - Austrade International, ‘Australian Expertise Helps First Mode Transition Miners to Zero-Emission Trucks’, *Austrade International*, 2024, [https://international.austrade.gov.au/en/news-and-analysis/success-stories/australian-expertise-helps-first-mode-transition-miners-to-zero-emission-trucks](https://international.austrade.gov.au/en/news-and-analysis/success-stories/australian-expertise-helps-first-mode-transition-miners-to-zero-emission-trucks) [accessed 26 August 2024]. - Global Energy Network Institute, *Australia* (2002), [http://geni.org/globalenergy/library/national_energy_grid/australia/AustraliaCountryAnalysisBrief.shtml](http://geni.org/globalenergy/library/national_energy_grid/australia/AustraliaCountryAnalysisBrief.shtml) [accessed 1 October 2024]. - Department of Climate Change, Energy, the Environment and Water, *Electricity Generation* (2023), [https://www.energy.gov.au/energy-data/australian-energy-statistics/electricity-generation#:~:text=Fossil%20fuel%20sources%20contributed%2065,continued%20its%20long%2Dterm%20decline](https://www.energy.gov.au/energy-data/australian-energy-statistics/electricity-generation#:~:text=Fossil%20fuel%20sources%20contributed%2065,continued%20its%20long%2Dterm%20decline) [accessed 26 August 2024]. - C. Bowen, *Speech to National Press Club, Canberra ACT* (2024), [https://minister.dcceew.gov.au/bowen/speeches/speech-national-press-club-canberra-act](https://minister.dcceew.gov.au/bowen/speeches/speech-national-press-club-canberra-act) [accessed 1 October 2024]. - First Nations Clean Energy Network, *Western Australia Policy Overview: First Nations and Clean Energy* (2023), [https://www.firstnationscleanenergy.org.au/western_australia_policy_overview_first_nations_and_clean_energy](https://www.firstnationscleanenergy.org.au/western_australia_policy_overview_first_nations_and_clean_energy) [accessed 26 August 2024]. --- Source: https://www.divsanalysis.com/research/clean-energy-supply-chains Also published at: https://cdn.sanity.io/files/prfa3qsc/production/4748e37f9f5e8b86e51c92221f1c5e711ef6b7d5.pdf --- # Contact > Get in touch with Divij Bhaw — cybersecurity consultant and researcher. **Divij Bhaw** — Cybersecurity Consultant Email: [contact@divsanalysis.com](mailto:contact@divsanalysis.com) --- Source: https://www.divsanalysis.com/contact