Australian Government and businesses hit by massive cyber attack from ‘sophisticated, state-based actor’
A wide range of political and private-sector organisations in Australia have come under cyber-attack carried out by a “sophisticated state-based cyber-actor”, the Australian government has revealed.
The PM Scott Morrison, disclosed the far-reaching attacks at a media conference in Canberra on Friday, while the defence minister, Linda Reynolds, declared that malicious cyber-activity was “increasing in frequency, scale, in sophistication and in its impact”.
The Australian Government is currently aware of, and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor.
The prime minister declined to respond to a specific question about whether it was China, after months of tensions in its relationship with Australia, but security experts later said they believed it, Russia and North Korea were the only countries that fell within Morrison’s description.
“I’m here today to advise you that, based on advice provided to me by our cyber-experts, Australian organisations are currently being targeted by a sophisticated state-based cyber-actor,” Morrison told reporters. “This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure.
“We know it is a sophisticated state-based cyber-actor because of the scale and nature of the targeting and the tradecraft used.
The government’s Australian Cyber Security Centre (ACSC) issued advice on Friday on the techniques used in the attacks, which it described under the banner “copy-paste compromises” because the attacker had copied heavily from open-source code.
The ACSC said the attacker had attempted to exploit public-facing infrastructure. But when that did not succeed, the attacker used personalised “spearphishing” techniques, including sending targets links to malicious files and websites aimed at harvesting passwords.
Morrison said the government was speaking publicly about the issue not to raise concerns but to raise awareness. He encouraged organisations, particularly those in health critical infrastructure and essential services, to “implement technical defences to thwart this malicious cyber-activity”.
The ACSC has been briefing Australian states and territories and working with targeted organisations to ensure their defences were appropriately raised.
The defence minister said increasingly sophisticated malicious cyber-activity harmed Australia’s national security and economic interests. Reynolds urged all Australian organisations to be alert to the threat and protect their networks.
Read more in this report from the Australian Cyber Security Centre: ACSC-Advisory-2020-008-Copy-Paste-Compromises
If you need help establishing your cybersecurity health status, give the team at Davichi a call or send an email through to cybersecurity@davichi.com.au. We will be more than happy to review your systems and processes and help you get on track and stay safe in these uncertain times.