Jakub Porzycki/NurPhoto via Getty ImagesWarnings this week from the Australian Security Intelligence Organisation (ASIO) about sabotage threats marked an important shift in tone.And they raise important questions about how the Australian government should respond.Breaking from past practice, ASIO Director-General Mike Burgess said Chinese state-linked hackers have scanned, mapped and in some cases infiltrated Australian critical infrastructure. According to Burgess, these groups are no longer focused on stealing information. They are preparing to disrupt or shut down key systems in a future crisis.For many years, ASIO avoided naming specific countries in public. For the first time, Burgess described Chinese hackers trying to gain access to telecommunications, energy and transport networks. He said high-impact sabotage is now a real threat. The new message names the state actor directly, as well as the potential for devastating consequences. The many forms of hard and soft powerTo understand why this matters, consider how China’s activities abroad have changed over time. Past debates in Australia often centred on China’s soft power, or the ability to win influence through “attraction and persuasion”, and sharp power. This involves using covert influence, political pressure and media manipulation to shape public opinion without using force. China uses soft power as a form of influence. Burgess described something different. This threat does not involve persuasion or interference in debate. It is about the ability to disable telecommunications, shut down water systems, interrupt electricity supplies or damage the financial system.This is preparation to use coercion during a crisis. One can imagine a scenario where Australia’s ability to respond to a blockade or invasion of Taiwan is hampered by a shutdown of critical infrastructure.Burgess is therefore right to highlight the seriousness of the threat. China has shown that control of digital systems is central to geopolitical competition. Maintaining access to foreign infrastructure is a strategic advantage. As Australia becomes more reliant on digital networks, weaknesses in those systems become national security concerns.The risk of digital authoritarianism - at homeThere is, however, a second issue that deserves attention. In responding to foreign cyber threats, Australia risks adopting some of the very same digital tools used in authoritarian states such as Russia and China. Research on digital authoritarianism shows that many authoritarian governments use control of digital networks to manage their own populations. They monitor citizens, limit information and use technology to enforce political order. Digital authoritarianism is on the rise. Burgess’ warning suggests this model is being exported. The aim is to control digital life at home, but also to gain the ability to interfere with digital systems overseas if needed.In recent years, Australian governments have proposed measures that go well beyond traditional cybersecurity. These include mandatory age checks for social media, strict online limits for minors and expanding the duties of technology companies to assist with national security goals. These proposals are framed as necessary for public safety. Yet they show a willingness to extend state power deeper into digital life.Earlier analysis of sharp power in Australia showed the country’s institutions can be both robust and unusually willing to grant the state wide authority. Burgess’ speech at a business conference reinforces this trend. He addressed government agencies but also corporate boards, telling them national security is now their responsibility, as well. Much of Australia’s critical infrastructure is owned or operated by private companies. Expecting these companies to act as extensions of national security policy risks blurring the line between public and private roles.We need to protect democratic normsThis shift is not necessarily improper, but it does carry risks. A defining feature of digital authoritarianism is the merger of state security priorities with corporate behaviour. If this boundary weakens, Australia could slowly move toward practices it has long opposed.It is possible to strengthen national resilience without taking this path. A democratic society can defend its networks and deter cyber threats while maintaining openness and accountability. Burgess is correct that Australia faces a serious and evolving challenge. China’s cyber operations reflect wider geopolitical changes. But an effective response requires protecting both infrastructure and democratic norms.Australia needs a balanced and sophisticated response. Stronger cyber defences are necessary, but they must come with clear limits on state power, transparent rules for data access and protections for speech.China’s cyber operations, which are part of a wider strategic contest, are indeed a serious threat. But if Australia reacts by expanding security powers without restraint, it risks weakening the freedoms it aims to defend.The authors do not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and have disclosed no relevant affiliations beyond their academic appointment.