Australia Is Being Cyberattacked by State Actor, Prime Minister Says – The Wall Street Journal


Share on facebook
Share on twitter
Share on linkedin

Via Wall Street Journal

SYDNEY—Businesses and government agencies in Australia are being targeted by a sophisticated state actor in a large-scale cyberattack, the country’s prime minister said, raising alarm that disruption caused by the coronavirus pandemic is increasing the vulnerability of institutions.

Prime Minister Scott Morrison didn’t identify the country responsible on Friday, but said not many countries have the resources to mount such a wide-ranging cyber assault. All levels of government, political organizations, education and health-care providers, infrastructure operators and others are being targeted, he said.

“We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the tradecraft used,” Mr. Morrison said, adding that the attacks have been increasing over a period of months.

Linda Reynolds, the defense minister, said all Australian organizations should be aware to the threat and take steps to protect their networks.

Security agencies have ramped up warnings about potential malicious cyberattacks in recent weeks, specifically on hospitals, medical-research facilities in addition to power and water networks. Staff members who would normally be located in control rooms or worksites—protected by both digital and physical security barriers—are now working remotely because of the pandemic, Australia’s lead cybersecurity agency said last month.

“There’s been a huge increase in the number of Australian businesses notifying their insurers that they’ve been the victim of a cyberattack,” said Ahmed Khanji, the chief executive and founder of Sydney-based Gridware Cybersecurity, which investigates attacks on behalf of insurers. “We’ve been doing all-nighters at least once or twice a week.”

Mr. Morrison said there was no evidence yet of major personal-data breaches. He said the government plans to release a new cybersecurity strategy in the coming months that will include significant investments.

Some analysts said China is one of the few countries with both the resources and motivation to mount such a broad campaign. Last year, Mr. Morrison also declined to identify which country was behind a cyberattack on computer systems in the country’s Parliament, though a security official at the time said certain shortcomings associated with that attack were similar to previous Chinese efforts.

Having the defense minister appear with Mr. Morrison on Friday underscored the seriousness of the issue, said Tom Uren, a senior analyst in cybersecurity at the Australian Strategic Policy Institute. Mr. Uren said Mr. Morrison’s remarks, in which he said the attack could only have come from a few well-resourced countries, sought to warn the perpetrator that Australia could publicly name it if the attacks don’t stop.

“The prime minister talked about it going on for months, increasing in scale, and affecting so many industries,” said Mr. Uren. “Those are all groups that the Chinese have hacked in the past, and for all of those to be ongoing at the same time means it’s a country with a large capability.”

Mr. Uren said the attackers were likely seeking information that could give their country a strategic advantage—perhaps even information about which coronavirus vaccines are most promising.

China denied being responsible for the cyberattack on Australia’s parliament. The Chinese Ministry of Foreign Affairs in Beijing didn’t have an immediate comment Friday.

Tensions between the two countries have been rising since Australian officials pushed for a global investigation into the origins of the pandemic, which first emerged in China. Chinese officials threatened a boycott of Australian beef and wine and placed a tariff on barley exports. Earlier this month, China warned its citizens not to travel to Australia due to what it said is a rise in racial discrimination.

“There’s lots of different ways in which you can hide your footprint, but increasingly some nations are deliberately leaving their footprint in order to make a statement,” said Alana Maurushat, professor of cybersecurity and behavior at Western Sydney University.

Gridware is one of the leading cybersecurity providers in Australia, delivering world-class outcomes for our clients. We are uniquely positioned as an independent advisor, giving clients the confidence that they have mitigated their cybersecurity risks to best-in-class standards. If your organisation requires an approach to cybersecurity that is robust and reflects best-standard approaches to the latest threats, get in touch with us today for a discussion.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235

Emergency Assistance

Under Attack?

Please fill out the form and we will respond ASAP. Alternatively, click the button to call us now.