Defence Minister Linda Reynolds today told businesses how to improve their cyber security as Australia faces a series of major cyber attacks from a ‘sophisticated state actor’.
Cyber experts said it was the first time in history that an Australian defence minister had addressed the nation with specific technical tips to avoid being hacked.
She urged businesses to check their security systems and take extra steps such as ensuring employees use multi-factor identification to log in to devices.
Defence Minister Linda Reynolds (left) today told businesses how to improve their cyber security as Australia faces a series of major cyber attacks from a ‘sophisticated state actor’
Senior sources have told Daily Mail Australia that government agencies believe China is behind the relentless campaign to hack into the systems of Australian companies. Pictured: Chinese people at an internet cafe
Ms Reynolds also warned companies to download recent software, secure their cloud-based platforms and report any breaches to the Australia Cyber Security Centre.
She said: ‘Firstly, patch your Internet facing devices promptly, ensuring that any web or email servers are fully updated with the latest software.
‘Secondly, ensure you always use multifactor authentication to secure your Internet access, infrastructure and also your CLOUD-based platforms.
‘Thirdly, it’s important to become an Australia Cyber Security Centre partner to ensure you get the latest cyber threat advice to protect your organisation online.’
Prime Minister Scott Morrison said a ‘sophisticated state-based actor’ was behind ongoing attacks which have been happening for ‘many months’ but have dramatically increased recently
He refused to name any suspects but said there are ‘not a large number’ of countries which can carry out such large-scale cyber operations.
Senior sources have told Daily Mail Australia that government agencies believe China is behind the relentless campaign to hack into the systems of Australian companies and government service providers.
Dane Meah of cyber security firm, InfoTrust, said the announcement ‘serves as a reminder that cyber security is crucial.’
‘Often security projects are one of the first to be scaled back during a recession and this could potentially cause even more damage to the Australian economy if we see businesses start to fall victim to these attacks,’ he said.
‘Our advice to businesses would be to complete a review of the controls, policies and procedures they currently have in place, including testing a response plan and making staff aware of threats.’
Senior sources have told Daily Mail Australia that government agencies believe China is behind the campaign. Pictured: Chinese President Xi Jinping at the 70th Anniversary of the founding of the People’s Republic of China in October
Beijing and Canberra have been at loggerheads since Australia became the first nation to call for an inquiry into the origins of coronavirus in March.
China retaliated by slapping an 80 per cent tariff on Australian barley and telling students and tourists not to travel Down Under in an apparent attempt to damage the Australian economy.
Intelligence officials attributed a major cyber attack on the Australian parliament last year to China – and critics say intensifying attacks could be part of a Chinese campaign to intimidate or bully Australia as tensions over trade foment.
Cyber expert Nick Savvides, director of strategic business at Forcepoint, told Daily Mail Australia there could be a other motivations for the attack.
He said a state actor could be trying to gain a foothold in Australia’s systems to shut down schools, hospitals and key industries in the event of war.
Another aim could be to access classified government or commercial information, according to Professor Matthew Warren of RMIT University.
Mr Savvides said he believes Mr Morrison made the announcement today to tell the attackers ‘we’re on to you and we know what you’re up to’.
A huge cyber attack has been aimed at the Australian government. Pictured: PM Scott Morrison
Chinese troops marching during a military parade in Tiananmen Square in Beijing to mark the 70th anniversary of the founding of the People’s Republic of China
The Australian Cyber Security Centre said in a statement the attacker has been using various ‘spearphishing’ techniques such as sending links to credential harvesting websites, emails with links to malicious files, and emails with other ‘click-through events’.
Australian Strategic Policy Institute executive director Peter Jennings said he is 95 per cent sure the attacker is China.
‘The Russians could do it. The North Koreans could do it, but neither of them have an interest on the scale of this. They have no interest in state and territory government or universities,’ he told The Australian.
‘The only country that has got the interest to go as broad and as deep as this and the only country with the sophistication and the size of the intelligence establishment to do it, is China.’
We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the trade craft used
Prime Minister Scott Morrison
The Prime Minster said investigations by the Australian Cyber Security Centre so far have not found any personal data has been leaked.
He said ‘many’ entities have been targeted but the success of the attacks has been ‘less significant’.
‘Australian organisations are currently being targeted by a sophisticated state-based cyber actor,’ he said today after calling a press conference at short notice.
‘This activity is targeting Australian organisations across a range of sectors, including all levels of Government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure.
‘We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the trade craft used,’ he said.
‘Regrettably, this activity is not new. Frequency has been increasing.’
Mr Morrison said he would not name the enemy government because the threshold for attributing a cyber attack is very high.
He said he has spoken to Five Eyes allies including UK Prime Minister Boris Johnson last night – and also informed leader of the Opposition Anthony Albanese and state and territory leaders.
Who was behind attack and why?
Prime Minster Scott Morrison has refused to name any suspects.
But Senior sources have told the ABC that government agencies believe China is behind the campaign to hack into the systems of Australian companies and government service providers.
Cyber expert Nick Savvides, director of strategic business at Forcepoint, told Daily Mail Australia there are ten to 15 states that could be behind the attack including Russia, China, Iran and North Korea.
He said motivation for a state-sponsored cyber attack can be to gain a foothold in an enemy’s systems to shut down schools, hospitals and key industries in the event of war.
‘Attribution is really hard because you can be anyone you want to be in cyber space,’ Mr Savvides said.
‘Hackers can make operations look like they come from another state by mimicking another state actor.
‘To some it may sound like Scott Morrison is trying to get out of naming a suspect but I sympathise with him.
‘We’re in a heightened geopolitical climate so you would want to be absolutely sure and have evidence you can publicly state before you name some-one.’
Mr Savvides said the Prime Minister had used ‘very powerful language’ by declaring the attack was by a state.
Chinese President Xi Jinping attends the opening of the National People’s Congress at The Great Hall Of The People on May 22
He said current trade tensions with China may lead people to believe the attack was ordered by Beijing – but another state could be capitalising on this to get away with it.
Mr Savvides said he believed Mr Morrison gave the press conference today to tell the attackers ‘we’re on to you and we know what you’re up to’.
Australian Strategic Policy Institute executive director Peter Jennings said he is 95 per cent sure it was China.
‘The Russians could do it. The North Koreans could do it, but neither of them have an interest on the scale of this. They have no interest in state and territory government or universities,’ he told The Australian.
‘The only country that has got the interest to go as broad and as deep as this and the only country with the sophistication and the size of the intelligence establishment to do it, is China.’
Defence Minister Linda Reynolds said: ‘There is no doubt that malicious cyber activity is increasing in frequency, scale, in sophistication and in its impact.’
She urged businesses to check their cyber security and take extra steps such as ensuring employees use multi-factor identification before logging in to devices.
Food and drink company Lion was forced to shut down production for eight days after a cyber attack on its systems on 8 June.
Mr Morrison said that attack was not related to the state attack announced today.
Lion, which produces Little Creatures, XXXX, Tooheys and James Squire, shut down its Little Creatures brewery in Geelong.
The education sector has been targeted by the cyber attacks which have been happening for months
Prime Minister Scott Morrison said the government has been targeted. Pictured: Parliament House in Canberra
The cyber attack has resulted in temporary shortages or out-of-stock products in kegs, bottles and cans.
An attack on the federal parliament and three largest political parties before the general election last year was earlier this year attributed to China by security agencies.
Matt Warren, from RMIT University Centre for Cyber Security Research and Innovation, said cyber attacks were ‘the new normal’.
‘It’s not that there’s an increase in cyber-attacks, but we’re seeing these attacks be more successful because what they’re focusing on is the human aspect,’ he told the Geelong Advertiser.
‘It also highlights that organisations aren’t prepared for it.
‘It’s actually a relatively easy cyber attack to recover from, but the problem is because organisations have now become complex, they haven’t kept up their backup resilience strategy to reflect their operations.’
Earlier this week Australia launched six warships into the Indo-Pacific for training operations ahead of huge show of force in the region with the US Navy.
HMA Ships Canberra, Hobart, Stuart, Anzac, Ballarat and Arunta all left their base in Sydney Harbour on Monday.
They will conduct ‘task group training’ before taking part in a warfare training exercise with the US and other allies known as the Rim of the Pacific in August.
Australia has launched six warships into the Indo-Pacific for training operations ahead of huge show of force in the region with the US Navy. Pictured: HMA Ships Stuart (foreground), Hobart and Canberra (background) depart Fleet Base East in Sydney
Left to right: HMA Ships Stuart, Hobart and Canberra depart Fleet Base East in Sydney for Force Integrated Training
The exercise is the world’s largest international maritime warfare training mission, held every two years from Honolulu, Hawaii.
A defence spokesman said the ships are ‘currently conducting maritime task group training under strict COVID-19 preventive measures’.
It comes amid trade tensions with China after Australia angered Beijing by calling for an inquiry into the origins of coronavirus which erupted in Wuhan.
In recent months China has increased training exercises in the Pacific and started trailing its first homemade aircraft carrier. Prime Minster Scott Morrison said China should not be shocked by the show of force.
‘These are our routine partnerships and exercises that we do. There’s nothing extraordinary about that,’ he told Sydney radio 2GB.
‘I don’t think it would cause anyone any surprise who are looking in from elsewhere.’
HMAS Sirius departs Fleet Base West for taskgroup force integrated training
Left to right: HMA Ships Canberra, Hobart and Stuart depart Sydney Harbour on Monday