Australia under cyberattack: is the world facing a cyber pandemic?
Australia is once again under attack. This time, it has nothing to do with COVID-19. This time it is to do with a different type of malicious pandemic: a cyber pandemic.
Just a couple of weeks ago, Dan Lohrmann wrote for US magazine, Government Technology, “While the majority of people were focused this past week on peaceful protests against police brutality and the death of George Floyd, or rioting in some cities, or the surprisingly positive jobs numbers and stock market performance (not in Australia – ed), several well-respected leaders and groups are now predicting that a “cyber pandemic” is coming soon.”
The Australian government has reason to agree with that assumption. On Friday 19 June, Prime Minister Scott Morrison revealed all levels of Australian government, critical infrastructure and the private sector are being targeted in a "sophisticated state-based" cyberattack.
The attack is being carried out by a "a sophisticated state-based cyber actor".
Large scale attacks have been carried out and are increasing in frequency.
"This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers, and operators of other critical infrastructure," Mr Morrison said.
"What I simply can confirm is there are not a large number of state-based actors that can engage in this type of activity, and it is clear based on the advice that we have received that this has been done by a state-based actor," Mr Morrison said.
"With very, very significant capabilities."
Given Australia’s strained relations with China, many are assuming China to be the state-based actor although Mr Morrison is refusing to point the finger.
"I can't control what speculation others might engage in on this issue or, frankly, any other. I have simply laid out the facts as we know them and as we have disclosed today."
However, he did say "There aren't too many state-based actors who have those capabilities."
So far, the motivations behind the attack are unclear, but the government’s priority in this instance is to keep Australia’s infrastructure and businesses safe.
The government has already thwarted several cyberattacks, with Morrison saying that Australia is working with the best agencies in the world to negate these attacks.
"I can confirm that they have thwarted many, but this is a very complex area and it requires constant persistence and application and that's what they're doing.
"We know what is going on. We're on it but it is a day-to-day task that we're applied to and we will continue to do that to keep Australians safe."
China, Russia and Iran are the usual suspects when it comes to states being suspected of sponsoring cyber operations.
The deterioration of relations between China and Australia following Australia’s call for an inquest into the origins of coronavirus do point to China, but this is mere speculation.
No matter who is responsible, the attack is a wake-up call for all Australians, particularly organisations, to up their cybersecurity game. You may also seek out a cybersecurity product provider and advisory service such as WhiteHawk (ASX:WHK), which provides an online security exchange and works with government departments such as the US Department of Homeland Security as well as small businesses.
Defence Minister Linda Reynolds has urged all Australian organisations to be prepared.
“There is no doubt that malicious cyber activity is increasing in frequency, scale, in sophistication and in its impact,” she said.
“This activity harms Australia’s national security and also our economic interests.”
Reynolds outlined three steps all Australians should take to protect themselves and their businesses.
- Patch your internet facing devices promptly to ensure any web or email server is fully updated with the latest software.
- Use multi-factor authentication to secure your internet access infrastructure and your cloud-based platforms.
- Become an Australia Cyber Security Centre (ACSC) partner to ensure you get the latest cyber threat advice, to protect your organisation online.
On Friday, the Australian Cyber Security Centre and the Department of Home Affairs updated its technical advice, which outlines the steps to detect and mitigate such threats. It is available at cyber.gov.au.
Short-term positions in small, early stage ASX companies,
with high potential and near term price catalysts.
Focusing on resource exploration, early-stage tech, and biotech.
Exceptional opportunities across a broad range of
early-stage growth sectors with strong management.
Seeking 1,000% plus returns across medium to long-term holds.
Longer-term positions in a variety of sectors.
Seeking strong management where traction is established and have entered into a growth phase.
S3 Consortium Pty Ltd (CAR No.433913) is a corporate authorised representative of LeMessurier Securities Pty Ltd (AFSL No. 296877). The information contained in this article is general information only. Any advice is general advice only. Neither your personal objectives, financial situation nor needs have been taken into consideration. Accordingly you should consider how appropriate the advice (if any) is to those objectives, financial situation and needs, before acting on the advice.
Conflict of Interest Notice
S3 Consortium Pty Ltd does and seeks to do business with companies featured in its articles. As a result, investors should be aware that the Firm may have a conflict of interest that could affect the objectivity of this article. Investors should consider this article as only a single factor in making any investment decision. The publishers of this article also wish to disclose that they may hold this stock in their portfolios and that any decision to purchase this stock should be done so after the purchaser has made their own inquires as to the validity of any information in this article.
The information contained in this article is current at the finalised date. The information contained in this article is based on sources reasonably considered to be reliable by S3 Consortium Pty Ltd, and available in the public domain. No “insider information” is ever sourced, disclosed or used by S3 Consortium.