Australian-made software should now be considered a supply chain security threat as a result of the recently passed Assistance and Access Bill (“AA Bill”), which lets the government force Australian software developers to insert backdoors in secret without telling their employer, experts say.
The controversial bill has made waves in Australia, where the local IT industry fears the new law will destroy the growing tech sector in that country. “Australian developers should now be treated with suspicion just like the Chinese,” Alfie John, a security engineer in Australia, tells CSO. “The Australian government want to recruit average IT workers as spies…but the target isn’t a terror organization or an international crime gang. It’s the company they work for. But if they refuse or tell someone about it, they can face jail time. We are essentially spies not by choice [but] with guns to our heads.”
Any software developer under Australian jurisdiction could be forced to comply with such an order, including remote employees, branch office employees, open source contributors, plus any Australian software developers in the US who might want to return home someday.