Prime Minister Scott Morrison revealed Australian government departments and major industry leaders are under increasing levels of cyberattack, saying the advice from the security agencies was that this was driven by a state-based actor.
Speculation immediately turned to China, which has been engaged in an ongoing trade dispute with the Australian government, as well as an argument over the response to COVID-19.
“This act is targeting Australian organisations across a range of sectors including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure,” said Morrison.
Rather than a new specific attack, the announcement this morning was prompted by an increase in activity.
According to Morrison, “This is an ongoing activity. It hasn’t just started. This is a constant threat to Australia as it is to many other nations and you’d be aware of many other nations have highlighted similar activity in their jurisdiction. So, this has been a constant issue for Australia to deal with.”
Asked by reporters to respond to speculation that China was behind the attack, the PM demurred.
“The Australian Government is not making any public attribution about these matters. We though are very confident that this is the action of a state-based actor. We have not gone any further than. I can’t control what speculation. Others might engage in on this issue. We have simply laid out the facts as we know them and as we’ve disclosed today.”
“What I can confirm with confidence from the advice, the technical advice that we’ve received, is that this is the action of a state based actor with significant abilities and there aren’t too many state-based actors who have those capabilities.”
Morrison also said the government is studying the practices that the cyber attackers are employing “This is a very complex area and it requires constant persistence and application and that’s what they’re doing.”
According to Sean Duca, Vice President, Regional Chief Security Officer, Asia Pacific & Japan at Palo Alto Networks, “The state-based cyber-attack we have seen today, is another example of a sophisticated attack that we have witnessed targeting organisations around the world. The ‘Copy-paste compromises’ is the result of the actor’s heavy use of proof-of-concept exploit code and other tools that is almost identical to the open source.”
“From our analysis, there is similarity in the code reuse as the attacks made in February 2019 targeting the Australian Parliament House.”
He said Cybersecurity risks hold a level of uncertainty, however, the news today demonstrates the importance of a public-private partnership. He said it would enable a new level of flexibility and strength through the opportunity of knowledge sharing as cyber threats become more sophisticated.