The most alarming element of the multi-faceted cyber-attack launched on Australian organisations is the risk it poses to Australia’s critical infrastructure - the very services on which society depends including our water supply, power grids and telecommunications systems. Cyber-attacks on businesses are damaging enough, but the impacts of a successful attack on any of these critical services could be catastrophic, such as shutting down the electricity grid. Critical infrastructure often eludes the public’s attention as a major source of cyber risk, but it remains highly susceptible to targeted attacks, as past experience shows. Earlier this year Israel’s wastewater treatment plants suffered a series of co-ordinated attacks. Fortunately, there was no significant damage. In 2015 an attack on Ukraine’s power grid left 230,000 people without power for up to six hours. Today’s announcement by the Prime Minister illustrates the need for sophisticated cyber security practices, policies, and technology to protect our critical infrastructure. Australia cannot afford to suffer catastrophic damage to its critical infrastructure at the best of times, and thanks to COVID-19 these are far from the best of times.  Read Less