Experts blame China for massive cyber attack on Australia
Australian political parties, government organisations, health and essential service providers are currently the target of a "sophisticated" cyber attack by China.
A foreign entity has conducted a widespread across all levels of government and a range of businesses including political organisations, education, health and essential service providers.
Cybersecurity experts are certain China is the only nation that could have orchestrated such a widespread and sustained series of hits Australian systems.
Matt Warren, the director of the RMIT centre of cybersecurity research and innovation, said the series of hits on key offices and sectors had all the markers of a coordinated "reconnaissance" attack by Beijing.
"This fits the proforma of China for their sorts of attacks," Prof Warren told the Herald Sun.
"It's a wakeup call.
"Because it's a reconnaissance attack, they were just collecting information.
"They are also sending the message to the Australian government that this is their capability."
A reconnaissance attack involves a foreign nation hacking into as many systems as possible to gain information and understand the level of vulnerability with IT systems for future hits.
Russia, Iran and North Korea were the only other nations that could have pulled off an attack like this, but Prof Warren said Australia was not one of those nations' targets for this sort of hit.
The increased reliance on technology as people moved to work from home over the past three weeks has made Australia more vulnerable.
"As a society, we have become more dependent on our technology infrastructure," Mr Warren said.
"This sends a message to Australia that issues that are occurring in the physical world are occurring in the cyber."
Prime Minister Scott Morrison said the malicious activity was part of an increase in cyber attacks on the country.
"Australian organisations are currently being targeted by a sophisticated state-based cyber actor," Mr Morrison said.
"This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure.
"We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the tradecraft used."
According to Clive Hamilton, public ethics professor at Charles Sturt University and the author of Silent Invasion, the timing of the attack is "significant" and designed to send a clear message to Australia.
"It could well be that these cyber attacks are part of Beijing's campaign to punish Australia for its insubordination in calling for an inquiry into COVID-19", Hamilton told News Corp Australia.
But Mr Morrison would not say who the government understood to be behind the attack, but said there were only a few nations "with very significant capabilities" that would have been able to pull off an attack at this scale.
"The threshold for public attribution on a technical level is extremely high," Mr Morrison said.
"Australia doesn't engage lightly in public attributions and when and if we choose to do so is always done in the context of what we believe to be in our strategic national interests."
The threat to Australia was "constant" and the attacks were "malicious", he said.
"Those who are engaged in this are not doing this to help us," Mr Morrison said.
"That's certainly not their intention. You could describe it as malicious and that is why our awareness levels need to be raised."
It comes as South Australian Senator Rex Patrick demanded the government reveal which country was behind the attack.
"Prime Minister Scott Morrison's statement this morning confirms that Australia is under direct attack," Senator Patrick said.
"This looks like cyber warfare.
"The government should be upfront and tell the Australian people who the attacker is."
The Australian government is working with the Australian Cyber Security Centre.
Australian agencies have blocked a vast number of these attacks, but not all.
And investigations have so far not revealed any large scale personal data breaches.
Mr Morrison said he spoke with UK Prime Minister Boris Johnson about the threat on Thursday night.
"We work closely with, particularly our allies and partners when it comes to managing issues of cyber security threats," he said.
"That is a constant topic, as you would expect, particularly through Five Eyes partners."
Defence Minister Linda Reynolds said this attack and others like it were serious risks for the country.
"There is no doubt that malicious cyber activity is increasing in frequency, scale, in sophistication and in its impact," Ms Reynolds said.
"This activity harms Australia's national security and also our economic interests.
"It's vital that all Australian organisations are alert to this threat and take steps to protect their own networks."
Ms Reynolds said it was "vital" that all Australian organisations are "alert" to this cyber security threat and take steps to protect their own networks.
"All Australian organisations, who might be concerned about their vulnerability to sophisticated cyber compromise can take these three simple steps to protect themselves," he said.
"Firstly, patch your internet-facing devices promptly, ensuring that any web or
email servers are fully updated with the latest software.
"Secondly, ensure you always use multifactor authentication to secure your internet access, infrastructure and also your CLOUD-based platforms.
"Thirdly, it's important to become an ACSC partner to ensure you get the latest cyber threat advice to protect your organisation online."
Ms Reynolds said the cyber attacks harm Australia's security and "also our economic interests".
"There is no doubt that malicious cyber activity is increasing in frequency, scale, in sophistication and in its impact," she said.
Originally published as China blamed for massive cyber attack on Australia