Defending What Keeps the Country Connected
From 5G vandalism to the 6G transition — a guide to OSINT intelligence for Australia's communications infrastructure.
Australia's communications network is among the most distributed pieces of critical infrastructure in the country. Towers sit on hilltops, in paddocks, on rooftops, and along highways — thousands of individual assets spread across every climate zone, often hours from the nearest city, with little to no on-site security presence on any given day.
Your operations team knows the technical health of your network intimately. You know which towers are ageing, which circuits are load-heavy, and which regions are most exposed to weather events. But technical health is only half the picture. The threats your network faces today extend well beyond equipment faults. They come from people — and people leave a trail well before they act.
Open-source intelligence closes that gap. By continuously monitoring publicly available data across social media, forums, news sources, and threat feeds, CRIMP gives telecom security teams early visibility into threats that no monitoring system pointed at the tower itself can detect.
The earlier you see a threat, the more options you have to act on it.
Use Case 1: Protecting Towers from Physical Threats
Between 2020 and 2022, coordinated disinformation campaigns linking 5G infrastructure to health risks and COVID-19 drove a wave of tower arsons and vandalism across Australia, the UK, and Europe. In Australia alone, dozens of incidents were recorded — cables cut, equipment cabinets pried open, fires deliberately lit at tower bases. Many of those responsible made their intentions known online days or weeks before they acted. The posts, the group chats, the event coordination — all of it happened in public view.
The challenge for telecom operators wasn't a lack of physical evidence after the fact. It was that no one was watching for the warning signs before the fact. By the time a field technician discovered the damage, the window for prevention had closed entirely.
CRIMP monitors open-source data 24/7 against a watchlist of your assets, locations, and keywords. When someone posts threatening language about a tower in a particular suburb, shares a location pin of a facility, or references coordinating action against towers in a region, CRIMP flags it. The alert surfaces in real time, with the original source, the relevant entities involved, and a risk score that reflects severity and credibility. Link analysis maps relationships between individuals, groups, and locations — so if the same network of accounts has been active near multiple sites, your team sees that pattern immediately rather than treating each instance as unrelated.
From Detection to Law Enforcement
What a structured intelligence product looks like
When a credible threat is identified, CRIMP's one-click report generation produces a structured intelligence briefing ready to hand to the AFP or a state law enforcement agency. The briefing documents the source material, the timeline of activity, the specific assets identified, and the link analysis connecting the actors involved. Law enforcement receives a clear, organised package — not a screenshot and a phone call — which materially improves the speed and likelihood of a response.
Case management within CRIMP tracks the incident from detection through to resolution. Every action taken is logged as a durable record, building a documented history that supports future escalations, insurance claims, and SOCI Act reporting obligations.
A single credible threat caught early — before a tower is set alight — averts days of outage, hundreds of thousands of dollars in equipment replacement, and the coordination cost of emergency response.
Use Case 2: Building a Live Understanding of Your Assets
Managing a distributed telecom network means maintaining awareness across thousands of assets spread across every geography in the country. Most incident management workflows are reactive: something goes wrong, a report comes in, a technician is dispatched. That process works for confirmed faults, but it tells you nothing about what is developing near your assets right now.
CRIMP monitors geospatial signals entering and exiting the boundaries of your defined asset areas on a 15-minute refresh cycle, and correlates them with online signals across social media, public forums, news sources, and dark web environments. That combination — physical presence data and online intelligence — is what turns isolated data points into an actionable picture.
Identify → Pattern → Prevent
Identifying incidents as they occur. When an unknown device or vehicle is detected entering the boundary zone of a tower site at 2am, that signal alone is ambiguous. When it is correlated with a social media post in the same area or a nearby public incident report, the picture clarifies immediately.
Identifying patterns in signals. Over time, monitoring accumulates a baseline of normal activity around each asset. When the same site boundary registers unexplained entries on the same night of the week across consecutive months, that pattern surfaces automatically — across the whole estate simultaneously.
Preventing future problems. Once a pattern is confirmed, watchlists can be configured so that when specific combinations of signals occur, your team receives an alert before an incident is confirmed. The window for prevention reopens.
One unexplained boundary event at a tower site is a low-priority notification. A pattern of boundary events across thirty sites in the same geography, correlated with a surge in relevant online activity, is an intelligence picture that demands an organised response. CRIMP enables your team to see that picture across the whole estate simultaneously, against the same thresholds, in the same interface.
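The recurring-weekday pattern and the boundary/online correlation described above, sketched as an added example; this is not CRIMP's code, and the event format, site IDs, region names, after-hours window and 12-hour correlation window are all assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data (not real telemetry): unexplained boundary entries
# as (site_id, local timestamp) and relevant online posts as (region, timestamp).
BOUNDARY_EVENTS = [
    ("TWR-A", "2024-03-05 02:10"), ("TWR-A", "2024-04-09 01:40"),
    ("TWR-A", "2024-05-14 02:25"), ("TWR-B", "2024-03-06 02:00"),
    ("TWR-B", "2024-05-17 14:30"), ("TWR-C", "2024-05-14 03:05"),
]
ONLINE_POSTS = [("north", "2024-05-13 22:15"), ("south", "2024-03-20 09:00")]
SITE_REGION = {"TWR-A": "north", "TWR-B": "south", "TWR-C": "north"}
FMT = "%Y-%m-%d %H:%M"
DAYS = ("Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday", "Sunday")

def after_hours(ts, start=22, end=5):
    """True between 22:00 and 05:00 (assumed definition of after-hours)."""
    return ts.hour >= start or ts.hour < end

def recurring_weekday_sites(events, min_months=3):
    """(site, weekday) pairs with after-hours entries in >= min_months consecutive months."""
    months = defaultdict(set)  # (site, weekday) -> {year * 12 + month}
    for site, raw in events:
        ts = datetime.strptime(raw, FMT)
        if after_hours(ts):
            months[(site, DAYS[ts.weekday()])].add(ts.year * 12 + ts.month)
    hits = []
    for key, seen in months.items():
        run = best = 0
        for m in sorted(seen):  # longest run of consecutive month indices
            run = run + 1 if m - 1 in seen else 1
            best = max(best, run)
        if best >= min_months:
            hits.append(key)
    return sorted(hits)

def prioritise(events, posts, site_region, window=timedelta(hours=12)):
    """Mark an event 'elevated' when a post in the same region falls inside the window."""
    parsed = [(region, datetime.strptime(t, FMT)) for region, t in posts]
    out = []
    for site, raw in events:
        ts = datetime.strptime(raw, FMT)
        match = any(r == site_region[site] and abs(ts - pt) <= window for r, pt in parsed)
        out.append((site, raw, "elevated" if match else "low"))
    return out
```

On the constructed data, TWR-A shows a Tuesday-night pattern across three consecutive months, and only the two north-region entries on 14 May are elevated by the post made the previous evening.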
The 6G Transition Window
Australia's 3G network was switched off in 2024. The 5G rollout — and with it, a wave of new tower sites and equipment installations — is still underway across regional Australia. And within the decade, a further generational transition to 6G is expected to begin. The Australian Government joined a multi-nation 6G research and development agreement in 2024 alongside the US, UK, Japan, South Korea, Canada, France, Finland, Sweden, and Czechia. The US has since declared 6G a national security priority. Australia's telcos are already planning the 5G Advanced phase that bridges the two generations.
Each generational transition is a security event — not just a technical one. New tower deployments mean new physical assets requiring protection during construction and commissioning. New equipment contracts mean new supply chain relationships and new vendor dependencies, at a moment when the national security implications of those choices are under active scrutiny. Former government cyber adviser Alastair MacGibbon has publicly warned that collaboration with certain vendors on 6G infrastructure could create “extraordinary and irreversible national security risks.”
Why transitions attract threats
The 5G rollout demonstrated what generational transitions look like from a threat perspective. New infrastructure drew disinformation, which drove physical attacks. Many of the tower arsons and vandalism incidents between 2020 and 2022 were directly linked to the visibility of 5G installation activity — activists and conspiracy communities tracking deployment progress publicly and treating new sites as targets.
The 6G transition will be longer, more geographically distributed, and conducted against a more complex geopolitical backdrop. The intelligence monitoring that prevents physical incidents during normal operations becomes even more important during the period when new assets are most visible and least defended.
SOCI Act Obligations
For telecom operators subject to the Security of Critical Infrastructure (SOCI) Act, the Critical Infrastructure Risk Management Program (CIRMP) requires documented risk management across physical security, cyber security, personnel, and supply chain hazards. The two use cases above each contribute to that program directly — one addressing the physical threat environment, one addressing the operational risk picture. CRIMP provides both the monitoring capability and the reporting outputs required to demonstrate compliance. The intelligence it generates does not require manual assembly into a compliant format; the record is built as a natural output of daily operations.
What CRIMP Monitors
Geospatial Boundary Signals
Devices and vehicles entering or exiting defined asset boundary zones, refreshed every 15 minutes. Patterns of unexplained after-hours presence surface automatically across the whole estate.
Online Behaviour
Social media posts, forums, marketplace activity, and public coordination referencing your towers, locations, and related terminology. Monitored continuously against your asset watchlist.
Dark Web Monitoring
Credentials, operational data, or asset information associated with your infrastructure appearing in closed online environments — surfaced before the intrusion or incident that follows.