Australia under attack from state-based cyber actor with ‘significant capabilities’

By Shannon Jenkins

Friday June 19, 2020

Prime Minister Scott Morrison at a press conference, reveals a state-based cyber attack targeting Australian government and business, at Parliament House in Canberra, Friday, June 19, 2020. (AAP Image/Mick Tsikas)

All levels of government across Australia are being targeted by a sophisticated state-based cyber actor, the prime minister revealed on Friday.

At a press conference Scott Morrison said the “malicious” attacks have been ongoing, and the “frequency has been increasing” over many months.

“This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure,” he said.

The scale and nature of the attacks have indicated that it was a sophisticated state-based cyber actor with “significant capabilities”, but the PM would not reveal the identity of the attacker.

“What I can confirm is there are not a large number of state-based actors that can engage in this type of activity,” he said.

Read more: Why COVID-19 is making utilities more vulnerable to cyberattack – and what to do about it

Labor leader Anthony Albanese was told of the situation on Thursday night. State and territory leaders have also been briefed.

Morrison noted the Australian Cyber Security Centre has been working with targeted organisations to protect themselves.

Defence minister Linda Reynolds recommended organisations patch their internet facing devices, update web and email servers with the latest software, and always use multi-factor authentication to secure internet access, infrastructure, and cloud-based platforms.

She suggested organisations become an ACSC partner to receive up-to-date cyber threat advice.

The ACSC and the Department of Home Affairs on Friday published a technical advisory that organisations can use to detect and mitigate the cyber threat.

The government plans to upgrade its 2016 cyber security strategy in the coming months.

About the author
Inline Feedbacks
View all comments
The Mandarin Premium

Insights & analysis that matter to you

Subscribe for only $5 a week


Get Premium Today