All levels of government across Australia are being targeted by a sophisticated state-based cyber actor, the prime minister revealed on Friday.
At a press conference Scott Morrison said the “malicious” attacks have been ongoing, and the “frequency has been increasing” over many months.
“This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure,” he said.
The scale and nature of the attacks have indicated that it was a sophisticated state-based cyber actor with “significant capabilities”, but the PM would not reveal the identity of the attacker.
“What I can confirm is there are not a large number of state-based actors that can engage in this type of activity,” he said.
Labor leader Anthony Albanese was told of the situation on Thursday night. State and territory leaders have also been briefed.
Morrison noted the Australian Cyber Security Centre has been working with targeted organisations to protect themselves.
Defence minister Linda Reynolds recommended organisations patch their internet facing devices, update web and email servers with the latest software, and always use multi-factor authentication to secure internet access, infrastructure, and cloud-based platforms.
She suggested organisations become an ACSC partner to receive up-to-date cyber threat advice.
The ACSC and the Department of Home Affairs on Friday published a technical advisory that organisations can use to detect and mitigate the cyber threat.
The government plans to upgrade its 2016 cyber security strategy in the coming months.