Australia hit by 'state-based' cyber attack: What do we know so far?
The attacks have targeted all levels of the government, political organisations, essential service providers and operators of other critical infrastructure. But according to Australian PM Scott Morrison, there has been no large-scale personal data breaches.
Australian government and institutions are currently being targeted by an ongoing state-based cyber hack, Prime Minister Scott Morrison said on Friday, adding that the cyber attacks are widespread, covering "all levels of government" as well as essential service providers and businesses.
He said that a "sophisticated state-based actor" has been attempting to hack a wide range of Australian organisations for months and had stepped up its efforts recently.
WHO IS BEING ATTACKED?
The attacks have targeted all levels of the government, political organisations, essential service providers and operators of other critical infrastructure, Morrison said in a media briefing in Canberra.
"We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting," he said. Morrison said there were not a lot of state actors that could launch this sort of attack, but Australia will not identify which country was responsible.
WHEN DID THESE ATTACKS TAKE PLACE?
Morrison said the attacks are happening currently, but they aren't a new incident. "It hasn't just started," he said.
"This has been a constant issue for Australia to deal with and so I wouldn't say that there has been any one event or any one instance."
He said the frequency of the attacks had been increasing "over many months".
When asked about Australians' personal details being leaked, Morrison said: "The advice I have is that the investigations conducted so far have not revealed any large-scale personal data breaches".
Australia's Defence Minister Linda Reynolds, in similar comments, said advice showed no large-scale personal data breaches from the attack, as she urged businesses and organisations to ensure any web or email servers are fully updated with the latest software and the use of multi-factor authentication.
An Australian government source said Morrison's public declaration was an attempt to raise the issue with those who could be targeted. Australia's chief cyber intelligence agency said its investigations have so far found no evidence that the actor attempted to be "disruptive or destructive" once within the host's network.
Morrison said he had spoke with British Prime Minister Boris Johnson on Thursday about the issue, while briefings to other allies have also been conducted.
WHO COULD BE BEHIND AUSTRALIA CYBER ATTACK?
Cyber intelligence experts have long linked various hacks in Australia to China. According to them, China is one of the few states, along with Russia, Iran, and North Korea, which have the capacity for such attacks - and are not allied with Australia.
Last year, Australia's main political parties and Parliament were hit by a "malicious intrusion" on their computer networks carried out by a "sophisticated state actor".
Following that, Reuters had reported that Canberra had determined in March last year that China was responsible for the hacking attack on Australia's Parliament. But Australia never publicly identified that source of the attack and China denied it was responsible.
Relations between Australia and China have sunk to their lowest level this year, following Canberra's call for an independent probe into the source and spread of COVID-19 that first emerged in the central Chinese city of Wuhan late last year.
Following that call, Beijing imposed a series of bruising trade sanctions and urged its citizens and students to avoid travel to the country.