According to reports, the Federal Government of Australia believes that China is the nation behind ongoing cyber attacks on Australian institutions, including hospitals and state-owned utilities. Prime Minister Scott Morrison, has been quoted that Australian organizations are currently being targeted by a sophisticated foreign “state-based” hacker.
Senior sources have confirmed that China is the source of the attacks, although the PM has declined to formally name the country publicly. “This activity is targeting Australian organizations across a range of sectors, including all levels of government, industry, political organizations, education, health, essential service providers and operators of other critical infrastructure,” Mr Morrison said.
The Sydney Morning Herald has opined that the cyber attack campaign has been going on for months. They believe the campaign started after the previous Turnbull government decided to protect Australia from Beijing’s intrusions. Firstly, there was an introduction of laws against foreign interference in Australian democratic systems and secondly, the ban on Chinese telecoms equipment supplier Huawei from the 5G mobile phone network. As both of these measures took effect in 2018, what we are seeing now is a result of these actions. In April, after the Morrison government decided to call for an inquiry into Covid-19, Beijing stepped up the attacks.
According to the publication, the nature of attack is quite unique. Its a ‘wide and shallow’ approach that probes government, corporate, research, institutional and political systems. They are not attempting to destroy or disabling them. Also, the attacks are not designed to steal intellectual property or industrial secrets. Simple techniques such as phishing emails and invitations to click on fake links are also used. Therefore, the federal government is considering it a “mapping effort”, as sources have told SMH.
These intrusions are looking for connections and networks, ascertaining relationships between individuals in the political realm, the fusion of companies and bureaucracies and how decisions are being made is all being factored in.
The Australian Government’s Signals Directorate recently released an advisory on this topic. It’s campaign summary said that the Australian Government is currently aware of, and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor.
It states that the actor has shown the capability to quickly leverage public exploit proof-of-concepts to target networks of interest and regularly conducts reconnaissance of target networks looking for vulnerable services, potentially maintaining a list of public-facing services to quickly target following future vulnerability releases.
When the exploitation of public-facing infrastructure did not succeed, the ACSC has identified the actor utilising various spear-phishing techniques. This spear-phishing has taken the form of:
They are recommending that all institutions in Australia practice prompt patching of internet facing software, operating systems and devices. Multi-factor authentication across all remote access services is also essential. This includes:
Perhaps most worryingly, is that the Global IT Professional Association, ISACA, recently stated that only 40% of technology professionals and leaders in Australia were highly confident that their cybersecurity teams were ready to detect and respond to the rising cybersecurity attacks occurring during COVID-19.
Sources: ABC Australia, Sydney Morning Herald, Australian Government and ISACA
Follow Asia Blockchain Review on:
We provide information about Asia Blockchain Review latest activities as well as global blockchain news and research. Subscribe to our Newsletter now or Contact us