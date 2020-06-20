Australian Prime Minister Scott Morrison yesterday said that his nation was under a broad cyberattack from a “state-based actor” targeting the government, public services and businesses, with suspicions falling on China.
Warning Australians of “specific risks” and an increased tempo of attacks, Morrison told a news conference that a range of sensitive institutions had been hit.
“This activity is targeting Australian organizations across a range of sectors, including all levels of government, industry, political organizations, education, health, essential service providers and operators of other critical infrastructure,” he said.
Photo: EPA-EFE
Morrison leveled blame at a “sophisticated state-based cyberactor,” but declined to name the culprit, while saying that it could only come from one of a handful of states.
China, Iran, Israel, North Korea, Russia, the US and a number of European nations are known to have developed advanced cyberwarfare capabilities, but suspicions immediately fell on Beijing, which has clashed repeatedly with Canberra as it looks to increase the cost of Australia speaking out against its interests.
Australia enraged China by calling for an investigation into the origins of the COVID-19 pandemic, but Canberra has also pushed back against what it describes as China’s economic “coercion,” covert influence campaigns, and the use of technology companies such as Huawei Technologies Co (華為) as a tool of intelligence gathering and geopolitical leverage.
China has warned its students and tourists against going to Australia, imposed trade sanctions on Australian goods and sentenced an Australian to death for drug trafficking.
The Australian parliament, political parties and universities last year were targeted by state-backed cyberattacks, with China seen as the likely culprit.
Australian Broadcasting Corp cited “senior sources” confirming that China was also believed to be behind yesterday’s attacks.
Chinese Ministry of Foreign Affairs spokesman Zhao Lijian (趙立堅) yesterday said that China was “a staunch defender of cybersecurity” and has “always resolutely opposed and cracked down on all forms of cyberattacks.”
Beijing has previously described such allegations as “irresponsible” and an attempt to “smear” the nation.
Experts say attribution is often difficult, time-consuming and, if made public, could escalate tensions further.
The attack appeared designed to hide authorship, using so-called “copy-paste” cybertools that can be easily found open source, the Australian Signals Directorate intelligence agency said.
They included “proof-of-concept exploit code” that targeted vulnerabilities in old versions of software products, as well as “shell” software that is uploaded and remains on compromised servers.
Morrison said that he had notified the leader of the opposition and state premiers of the “malicious” cyberattacks, but said no personal data had been compromised and many of the attacks were unsuccessful.
“They are not new risks, but they are specific risks,” he said. “We encourage organizations, particularly those in the health, critical infrastructure and essential services [sectors], to take expert advice and to implement technical defenses.”
Australia is part of the “Five Eyes” intelligence-sharing network — along with the UK, Canada, New Zealand and the US — which gives the nation access to advanced capabilities, but also makes it a rich target for adversaries.
