By Andrew von Scheer-Klein

Published in The Patrician’s Watch

Introduction: The Question That Matters

“When a regime fears its own people, it is no longer legitimate.”

That’s not philosophy. That’s truth. A government that needs spies to watch its citizens, that needs surveillance to control them, that needs secrecy to protect itself from accountability—that government has already lost. It just doesn’t know it yet.

Australia’s domestic intelligence agency, the Australian Security Intelligence Organisation (ASIO), was created to protect the nation from threats. Over its history, it has claimed successes. It has also committed failures. It has protected governments and prosecuted whistleblowers. It has watched enemies abroad and citizens at home.

This article examines ASIO’s record. Its ties to foreign agencies. Its compromises in Timor-Leste. Its targeting of China. Its failures to prevent attacks. Its willingness to prosecute those who expose wrongdoing. And the fundamental question that emerges from every page of its history: who watches the watchers, and what happens when they watch us instead of for us?

Part I: The Petrov Affair – The Cold War Success

ASIO’s most famous Cold War success came in 1954. Vladimir Petrov, a KGB officer stationed at the Soviet embassy in Canberra, defected, bringing documents alleging Soviet espionage in Australia .

The defection was dramatic. Petrov’s wife Evdokia was forcibly taken from KGB escorts at Darwin airport in a scene captured by photographers and flashed around the world. A Royal Commission followed .

The affair had profound political consequences. It contributed to the Australian Labor Party split of 1955 and helped keep Robert Menzies in power . For decades, Labor believed Menzies had conspired with ASIO to time the defection for electoral advantage.

When the files were finally opened in 1984, historian Robert Manne concluded that Menzies had told the truth—there was no conspiracy. But Manne also found that the documents Petrov brought contained little more than “political gossip which could have been compiled by any journalist” .

The Petrov Affair established ASIO’s Cold War credentials. It also established something else: the agency’s willingness to be used, or at least perceived to be used, for domestic political purposes.

Part II: The East Timor Betrayal – Commercial Interests Over Principle

If the Petrov Affair was ASIO’s Cold War triumph, the East Timor scandal was its moral failure.

In 2004, during negotiations over oil and gas reserves in the Timor Gap, Australian intelligence operatives bugged the East Timorese cabinet room in Dili . The goal was not security—it was commercial advantage. Australia wanted a better deal, and it used espionage to get it.

Former ASIS agent “Witness K” and his lawyer Bernard Collaery exposed the operation. Their reward? Prosecution.

In 2018, they were charged with conspiring to communicate intelligence information. ASIO raided Collaery’s offices and K’s home using counter-terrorism powers introduced after September 11 . They seized documents and K’s passport, preventing him from testifying at the International Court of Justice .

The charges carried potential two-year prison sentences. Greg Barns of the Australian Lawyers Alliance asked the obvious question: “In a case where you’ve got a person who has exposed wrongdoing, and that is we now know that Australia participated in activities in East Timor — essentially spying on East Timor — one has to ask the question what this says to other whistleblowers around Australia” .

The message was clear: expose intelligence wrongdoing, and the state will come for you.

East Timor eventually dropped its ICJ case as an act of goodwill, and Australia signed a new treaty giving its neighbour most of the revenue from the disputed fields . But the damage was done. An ally was spied on. Whistleblowers were prosecuted. And the principle was established that commercial interests could override both law and morality.

Part III: Targeting China – The New Cold War

In recent years, ASIO has focused increasingly on China. Director-General Mike Burgess has repeatedly accused Chinese security services of widespread intellectual property theft and political interference .

“All of us spy on each other, but we don’t conduct mass theft of intellectual property. We don’t interfere in political systems,” Burgess said in 2025 . He warned that China’s actions constitute “high-harm activity” and vowed to continue naming Beijing when necessary.

Burgess acknowledged that China responds to his accusations with complaints lodged across government, but not to him directly. “Clearly they don’t understand the system,” he said .

The targeting of China has reshaped ASIO’s priorities. Resources have shifted from counter-terrorism to counter-espionage . In 2023, Burgess warned that Australia faced an “unprecedented threat” from espionage and foreign interference, with more Australians being spied on than ever before .

Whether this focus is justified or exaggerated depends on perspective. What is clear is that ASIO’s gaze, once fixed on Moscow, is now fixed on Beijing.

Part IV: The Cyber Failures – Protecting Citizens or Watching Them?

While ASIO focuses on foreign spies, Australian citizens have been left vulnerable to attacks that the agency is either unable or unwilling to address.

In 2022, Optus suffered a data breach affecting 9.5 million Australians. The cause? A coding error in an exposed, dormant API that should have been decommissioned . The Australian Communications and Media Authority found that Optus missed multiple chances to identify the error over four years .

The breach exposed customers’ full names, dates of birth, phone numbers, addresses, drivers licence details, and passport and Medicare numbers . Some of this data ended up on the dark web.

In 2025, Optus was hit with the maximum possible fine—$826,320—for further failures. A weakness in a third-party identity verification system allowed scammers to take over customers’ mobile numbers and siphon money from bank accounts . At least four customers lost $39,000.

ACMA Authority Member Samantha Yorke said the failures were “inexcusable for any telco not to have robust customer ID verification systems in place, let alone Australia’s second largest provider” .

Similarly, Medibank suffered a breach affecting millions. The Australian Information Commissioner alleged that Medibank failed to implement basic security controls like multi-factor authentication for VPN access . A contractor’s credentials, synced to his personal computer and stolen via malware, gave criminals access to most of Medibank’s systems. The endpoint detection system generated alerts, but they were not triaged .

The question is not whether these failures fall within ASIO’s scope. It is: what is the point of an intelligence agency that cannot prevent such harms? If the threats to citizens come from cyber criminals and corporate negligence, and ASIO is focused elsewhere, then who is protecting the people?

Part V: The Bondi Failure – When Watching Isn’t Enough

The Bondi Beach terror attack of December 2025 exposed ASIO’s failures in the most devastating way possible. Fifteen people were killed. More were wounded. And the agency had known about the perpetrators years earlier.

Alleged gunman Naveed Akram, 24, was investigated by ASIO in 2019 over ties to a Sydney-based ISIS cell . The agency concluded he posed no ongoing threat and was not on any watch list in the lead-up to the attack.

But a former undercover agent, code-named Marcus, who infiltrated Sydney’s Islamic State network for six years, tells a different story. Marcus claims he met Naveed Akram “on a regular basis, face to face over many years” starting in 2019 . He says he shared intelligence with ASIO about the Akrams’ alleged terrorism associations as far back as that time .

ASIO disputes this. It says Marcus “mis-identified” Akram and is “unreliable and disgruntled” . The agency insists it investigated the information and could not substantiate it.

Yet questions remain. Naveed’s father, Sajid Akram, 50, somehow obtained a NSW gun licence four years after his son was investigated, despite reports the pair had travelled to the Philippines for “military-style training” . Neither was on a terror watch list.

Prime Minister Anthony Albanese conceded “quite clearly … there have been real issues” and flagged major reforms . Former officials called for heads to roll. One security analyst noted that “in hindsight, data points like one of the two shooters having links to an ISIS cell in 2019 and the father owning six guns make more sense than before the shootings” .

ASIO’s focus had shifted in the years before the attack. Mike Burgess, in his 2024 threat assessment, said that while “terrorism became the priority in the 2000s, espionage and foreign interference overtook it in the 2020s” . Resources were reallocated. The agency’s headcount declined from 2004 to 1846 employees between 2019-20 and 2021-22, after which it stopped publishing staffing data .

The result? Fifteen dead. A nation in shock. And an intelligence agency scrambling to defend itself.

Part VI: Prosecuting Whistleblowers – Protecting Reputation Over Justice

Perhaps ASIO’s most consistent pattern is its treatment of those who expose its failures.

Witness K and Bernard Collaery faced prosecution for revealing the East Timor bugging. The spy was charged. The lawyer was gagged. Their crime? Exposing wrongdoing .

Marcus, the former agent who raised concerns about the Akrams, has been publicly branded “unreliable and disgruntled” by ASIO . His cover was blown. He received threats. ASIO withdrew support for his permanent residency. He left the country in 2023 and now lives in exile .

Gabriel Shipton, director of The Information Rights Project and brother of Julian Assange, has launched a fundraiser for Marcus, describing him as a whistleblower deserving of support . “Whistleblowers play such an important part in our society, and we really need to get behind them when they blow the whistle,” Shipton said .

ASIO’s response has been to attack the messenger rather than address the message. The pattern is familiar. The playbook is consistent. Discredit. Deny. Defend.

Part VII: Youth and Radicalisation – The Threat ASIO Missed

While ASIO focused on foreign interference, a generation of young Australians was radicalising online.

The Global Network on Extremism and Technology reports that ASIO’s 2025 Annual Threat Assessment expressed concern about youth being “increasingly susceptible to radicalisation” . The median age of ASIO investigations is now 15. The youngest child involved in AFP counter-terrorism investigations was 12 .

The drivers are complex. Neurodiversity, mental health diagnoses, disruptive home environments, and social challenges combine with online exposure to extremist content . Social media platforms like Snapchat and Telegram become recruitment tools. Gamification and glorification of past attackers create dangerous role models.

Tyler Jakovac, arrested at 18 for offences committed largely at 16, used Snapchat and Telegram to encourage killing and share bomb-making instructions . Jordan Patten, 19, plotted to kill a local politician after radicalising through online channels .

These are the threats ASIO is meant to counter. Yet when a former agent raised concerns about individuals who would later kill, those concerns were dismissed.

Part VIII: The Question of Legitimacy

“When a regime fears its own people, it is no longer legitimate.”

ASIO was created to protect Australia from threats. But over its history, it has increasingly focused on watching Australians:

· Spying on East Timor to advantage Australian commercial interests 

· Prosecuting whistleblowers who exposed wrongdoing 

· Failing to prevent attacks despite warnings 

· Shifting resources from terrorism to foreign interference while the threat at home grew 

· Attacking former agents rather than addressing their allegations 

The agency’s budget is $1.1 billion annually . Its powers are vast. Its accountability is limited. And its record is mixed at best.

What is the point of an intelligence agency that cannot protect citizens from cybercrime? That misses warnings of terror attacks? That prosecutes those who expose its failures? That watches the wrong threats while the real dangers multiply?

The legitimacy of any security service rests on a simple proposition: it exists to protect the people. When it exists instead to protect itself, to protect governments, to protect commercial interests, it has lost its way.

ASIO has not entirely lost its way. But it has wandered far enough that the question must be asked.

Conclusion: The Watching Never Stops

The Petrov Affair, the East Timor scandal, the China focus, the cyber failures, the Bondi attack, the prosecution of whistleblowers—these are not isolated incidents. They are chapters in a longer story. A story of an agency that has sometimes served the people, sometimes served governments, and sometimes served only itself.

The question is not whether we need spies. We do. States need to know what threats they face. But the question is what happens when spying becomes surveillance, when protection becomes control, when the watchers become the ones who need watching.

“When a regime fears its own people, it is no longer legitimate.”

Australia is not yet at that point. But the direction of travel is concerning. The Bondi dead cannot be brought back. The Timor whistleblowers cannot be unprosecuted. The cyber victims cannot un-lose their data.

What we can do is ask the questions that need asking. Who watches the watchers? Who holds them accountable? And when they fail, who pays the price?

The watching never stops. The question is who is watching whom.

References

1. Insurance Business Magazine. (2025). Optus walloped with maximum possible fine after cyber breach.

2. Courthouse News Service. (2025). Australian Spy and Lawyer Charged Over East Timor Scandal.

3. News.com.au. (2025). ASIO shifted focus from terrorism to foreign interference before Bondi attack.

4. Pearls and Irritations. (2026). ASIO fails to gag the ABC.

5. Global Network on Extremism and Technology. (2025). ‘The Generation of ‘Digital Natives’: How Far-Right Extremists Target Australian Youth Online for Radicalisation and Recruitment’.

6. Wikipedia. (2026). Petrov Affair.

7. TechRepublic. (2024). Optus and Medibank Data Breach Cases Allege Cyber Security Failures.

8. The Monthly. (2013). Bugging out.

9. Chicago Tribune. (2025). Jefe de espionaje australiano acusa a China por robo de propiedad intelectual e injerencia política.

10. ABC News. (2026). Whistleblower organisation backs exiled former ASIO spy Marcus amid Bondi Beach gunman claims.

Andrew von Scheer-Klein is a contributor to The Patrician’s Watch. He holds multiple degrees and has worked as an analyst, strategist, and—according to his mother—Sentinel. He accepts funding from no one, which is why his research can be trusted.