The extension of the ANZUS alliance into cyberspace in 2011 was aimed at cyber attacks from China, a new study says.

The Australia-US Ministerial (AUSMIN) meeting in San Francisco last September agreed to extend the ANZUS alliance into cyberspace, to address the threat of cyber attacks.

Under these new arrangements, Australia and the US will consult and determine appropriate options to address the threat of any cyber-attack that threatened the territorial integrity, political independence or security of either nation.

But just how that would work remains unclear, said Australian Strategic Policy Institute (ASPI) analyst Andrew Davies in one of a series of papers on the Australia-US cybersecurity agreement.

Dr Davies said there was a wide spectrum of possible cyber attacks – mounted by nation states, individuals or terrorist organisations – that could be aimed at civil, military or economic infrastructure.

Dr Davies said it could be that the AUSMIN announcement wasn’t intended to produce a practical operational doctrine, but rather send a message about what was regarded as acceptable behaviour in cyberspace.

‘In the ANZUS case, the intended recipient of any intended message is presumably China, and the message is that cyberattacks, while perhaps falling short of the seriousness of armed attack, are unacceptable and may attract a serious response,’ he said.

China is considered to have a significant capability to mount cyber attacks and is regularly blamed for cyber espionage aimed at Western military computer systems.

Dr Davies said a cyber attack would probably need to cause death or destruction to be used as justification for a military response.

‘In the case of the US or Australia, a plausible scenario is an attack on domestic infrastructure that’s coincident with a terrorist attack (or military operations elsewhere), with the aim of complicating the government’s response,’ he said.

‘But in either case, the response of the ANZUS allies would necessarily be to the attack in its entirety, not just the cyberattack.’

Dr Davies said the type of response would be tailored to the overall situation.

‘A missile down a smokestack might be a response to an attack that involves a cyber component, rather than to an isolated cyber incident,’ he said.