Scott Morrison and defence secretary at press conference

Cyber attacks against Australia are state-backed, PM says

Image credit: AAP Image/Mick Tsikas via REUTERS

Australian Prime Minister Scott Morrison used a news conference in Canberra to reveal that the country is being hit with ongoing state-backed cyber attacks.

“I’m here today to advise you that, based on advice provided to me by our cyber experts, Australian organisations are currently being targeted by a sophisticated state-backed cyber actor,” Morrison announced.

The attacks are widespread, targeting “government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure”. This activity is reportedly increasing in frequency, scale, sophistication and impact.

According to the Australian Cyber Security Centre, some of the techniques used in the attacks were copied from open-source code (“copy-paste compromises”); these were used in an attempt to compromise critical infrastructure. After these attempts failed, the state-backed actors used targeted phishing techniques in an effort to acquire passwords.

The government does not believe that any large-scale breaches compromising personal data have occurred so far as a result of the cyber attacks.

Morrison said he was speaking out about the cyber attacks in order to raise awareness of the threat and to encourage organisations to bolster their information security, particularly those supporting essential services and critical infrastructure. He said that the Australian Cyber Security Centre has been working with targeted organisations.

Morrison said that Australia is working closely with its allies in order to manage international cyber threats, having spoken to UK Prime Minister Boris Johnson about the issue this week. Morrison has also briefed the opposition leader in Australia on the issue.

The government will be launching a cyber-security strategy later this year, including a boost in funding to bolster cyber defences.

Morrison said that officials identified the cyber attacks as state-backed due to the “scale and nature of the targeting and the trade craft used”. However, Morrison declined to publicly accuse a country, as the threshold of evidence to do so would be “extremely high”.

“What I can confirm is that there are not a large number of state-based actors that can engage in this type of activity and it is clear, based on the advice that we have received, that this has been done by a state-based actor, with very significant capabilities,” he said.

There are a small number of states not allied to Australia with the capacity and precedent for these cyber attacks, e.g. China, Russia, Iran and North Korea. Cyber-security experts have consistently attributed cyber attacks in Australia to China, with Australian intelligence suspecting Chinese actors of being responsible for a cyber attack targeting parliament and all main political parties in 2019.

A Reuters report suggested that the Australian government views China as the most likely suspect for the recent spate of cyber attacks, with a source familiar with the matter telling the news agency: “There is a high degree of confidence that China is behind the attacks.”

The Chinese government has denied that it is responsible for the cyber attacks.

Australia-China relations have become somewhat strained in the past year. China recently introduced tariffs on some Australian goods and warned against travel to the country in response to Australia calling for an inquiry into the source of the novel coronavirus (which appeared to emerge from Wuhan, China, in 2019).

Sam Curry, chief security officer at Cybereason, commented: “Foreign actors are regularly testing the resiliency of networks in both the public and private sector and this is nothing new to Australia. How they respond is important and they are likely prepared.

“Australia, the US and other democratic nations may not be facing a traditional enemy with guns and tanks on the battlefield, but they are constantly fighting a host of adversaries in the digital space. Unless we work with our international allies and device a better strategy to confront this threat, it is far from certain that we will emerge victorious.”

Sign up to the E&T News e-mail to get great stories like this delivered to your inbox every day.

Recent articles