Australian Defense Minister Linda Reynolds said on Thursday that her nation is under sustained cyberattack from what senior officials described as “a sophisticated state-based actor.”
Sources in the Australian intelligence community said the attacker is probably China, whose relations with Australia have deteriorated steadily over Australia’s call for a thorough investigation of the Wuhan coronavirus outbreak.
Prime Minister Scott Morrison spoke of a massive attack against “all levels of government, industry, political organizations, education, health” in June. Defense Minister Reynolds confirmed the attack is still ongoing, and indeed escalating.
“Cyber-enabled activities have the potential to drive disinformation, and also directly support interference in our economy, interference in our political system, and also in what we see as critical infrastructure, but more widely across many businesses and organizations in our economy,” Reynolds warned.
“This type of activity really does blur what we previously understood to be peace and war, which is what we call that grey zone in between,” she said.
“At one end of the spectrum there are opportunistic cyber criminals who target Australia and Australian companies for financial gain. And at the other end of the same spectrum, there are sophisticated and very well-resourced state based actors who are seeking to interfere in our nation,” Reynolds elaborated.
Australia’s ABC News noted that the Australian Defense Ministry regarded the June surge in cyber-espionage activity as a deliberate campaign waged by a hostile foreign power. Although Prime Minister Morrison and other top officials stopped short of accusing China by name, government sources and private security analysts said China was clearly the source of the attacks. A huge cyberattack on the Australian parliament and its three largest political parties ahead of the 2019 elections was also blamed on China.
The Australian Cyber Security Center (ACSC) released its first annual Cyber Threat Report on Thursday. Based on information provided by Australia’s security and law enforcement agencies, the ACSC logged 2,266 cybersecurity incidents and 59,806 cybercrime reports between July 2019 and June 2020, which works out to 164 cybercrime reports per day, or one every ten minutes.
The ACSC concluded that “malicious cyber activity against Australia’s national and economic interests is increasing in frequency,” with an especially troubling increase in ransomware attacks. Ransomware involves locking down the data in a computer system with a virus and offering to release it only if the victim pays the hackers a ransom. Few large private or government entities have the resources necessary to recover from a ransomware attack without a great deal of expensive – and, in the case of institutions like hospitals, dangerous – downtime.
The ACSC worried about increasing vulnerability from the advent of 5G networking and the Internet of Things (IoT), the model of modern life that fills every household with Internet-connected devices that could be hacked. The report found that Australian commonwealth, state, and territorial governments were the most common hacking targets.
According to the report, Australia’s cyber threats include a thriving black market of opportunistic hackers and “transnational cybercrime syndicates” as well as state-sponsored electronic terrorism. The threat environment grew noticeably worse as the dark web filled up with shops offering “cybercrime-as-a-service” software, high-end hacking tools for sale to enterprising vandals and thieves that give them capabilities once reserved for state actors.
The ACSC and many Australian security officials worried that the evolving cyber-threat environment could only be effectively countered by surveillance and counter-espionage measures that make civil libertarians profoundly uncomfortable. Australia made its largest-ever investment in online security in June, allocating $1.35 billion for the ACSC and the Australian Signals Directorate (ASD), but the security situation evidently remains perilous.
Rachel Noble, currently head of the ASD and previously head of the ACSC, gave an unusually frank and somewhat gloomy speech this week in which she said counter-espionage has become a “near-impossible game” and warned, “the threat to our way of life is more real today than at any time I have known in my career.”
“Some Australians are agents of a foreign power. Some Australians are terrorists. Some Australians take up weapons and point them at us and our military. Some Australians are spies who are cultivated by foreign powers and are not on our side,” Noble said.
“Transparency is important but not at the expense of us losing the very capability that we use to keep Australia safe. There is a careful balance to be struck,” she contended.