The Australian government states that country is the target of a malicious and sophisticated attack
Prime Minister Scott Morrison has described a potential attack that is possibly related to state-based hackers.[1] All levels of government, private sectors, and other industries might be affected by this campaign that Morrison reported in a specially called press conference on Friday morning.[2]
According to the official statements, malicious actors target organizations in various sectors and levels of government institutions:
Based on advice provided to me by our cyber experts, Australian organisations are currently being targeted by a sophisticated state-based cyber actor.
Prime Minister called this official conference to raise awareness of the cyber attacks that are sate-based and pose danger to Australia. These attacks can affect people in education, health care fields, particular service providers, or private sector businesses since these attacks are widespread.
No specifics or reports about data breaches
The press conference was gathered for a reason, but Morrison is not talking about specific breach incidents or attackers that he has in mind. The announcement was intended to raise Republic awareness and to urge businesses to improve their defenses since these attacks are global, and the issues of malicious attacks os not unique to Australia.
Advisory[3] was released that states about particular vulnerabilities, software issues, other tactics used to target Australian networks, public sector. This statement reports about sophisticated state-based actors, so it is believed that the government and analysts know something more than they report publicly.
Specific countries or groups were not described, as he addressed the question about specifics:
There are not a large number of state-based actors that can engage in this type of activity.
Morrison himself was not addressing a particular person or state-based group who could target Australia or how this targeting looks like. He even refused to mention any attacks or specify the context. But many researchers note that this might be related to some incidents involving China.[4]
Hackings in Australia linked to other countries
Officials report that the state hack was identified based on the scale and the primary nature of the attack and targeting, the craft used. However, Scott Morrison stated, that malicious activities had been increasing over the past months. But Prime Minister stays away from making any public attribution. Specific countries or groups were not described, as he addressed the question about specifics:
There are not a large number of state-based actors that can engage in this type of activity.
Various cyber intelligence experts have analyzed and linked various hacks, security incidents in Australia with China. Besides Russia, North Korea, and Iran, China is one of the few countries that have the capacity of such state-sponsored attacks. These countries also are nit allied with Australia, so cyber espionage is more common. Even though there are some instances when allies target countries with malware attacks too.
Major attacks in Australia so far:
- Australian Bureau of Meteorology got attacked by foreign hackers back in 2015.
- In 2017, data regarding fighter planes, navy vessels got stolen from the Australian government contractor.
- In 2019 two major incidents were reported. One that occurs in February involved Australia’s parliamentary computer network and political parties. At least 15 hackers gained access to the database of student and staff information, academic research.
- In 2020, attacks across major Australian firms got reported. These incidents included steel maker BlueScope, logistics firmToll Group,[5] government agencies.