Australia's cyber intelligence organisation, the Australian Signals Directorate (ASD), has partnered with its equivalent agencies from the Five Eyes intelligence alliance to publicly accuse China of orchestrating cyber attacks on crucial U.S. infrastructure providers. This announcement is a unique occurrence where a nation-state is openly linked to cyber attacks.
The ASD, along with cybersecurity agencies from the U.S, U.K, Canada, and New Zealand, attribute these cyber incursions to a China state-sponsored cyber entity, colloquially known as "Volt Typhoon". Notably, the hackers reportedly employed sophisticated malware strategies that bypassed the need to embed any code into the targeted systems.
In an alert to Australian entities, ASD flagged the complex tactics employed by the malicious group. Microsoft corroborated that Volt Typhoon has been active since mid-2021 and has primarily aimed at critical infrastructure organisations in Guam and the U.S.
The targeted sectors encompass communications, manufacturing, utilities, transportation, construction, maritime, government, IT, and education. The actor's observed behaviour indicates an intent for espionage and to maintain stealthy access for as long as possible.
Cyber Security Minister Clare O'Neil firmly stated that despite warming relations with Beijing, Australia will not hesitate to openly accuse China of these cyber attacks. She emphasised the importance of transparency and informing Australians about these threats to national security.
Simultaneously, the ASD has initiated the first in a series of national cyber security drills, starting with the nation's major banks and the Reserve Bank of Australia. The aviation industry is next in line, with similar drills planned across various key industries over the next year and a half. The purpose of these exercises is to simulate realistic scenarios, ensuring preparedness for potential attacks that could cripple major banks, disrupt water sources, or cause power outages.
Alastair MacGibbon, Chief Strategy Officer at CyberCX, warned that these hacking incidents serve as a harbinger for future attacks on countries like Australia. He stressed that this should act as a wake-up call for owners of critical infrastructure.
In response to these attacks, the Five Eyes alliance has issued a 24-page advisory notice, providing "threat hunting advice" to system operators worldwide. It outlines that these attacks could be duplicated against critical infrastructure operators and various other sectors across the globe.
Foreign Minister Penny Wong has concurrently announced the appointment of a new ambassador for cyber affairs and critical technology, former Home Affairs official Brendan Dowling. Furthermore, Richard Feakes, a career diplomat, has been assigned as Australia's next ambassador for counter-terrorism.
CNC EDITORS INSIGHTS:
The escalating cyber tensions between China and the Five Eyes alliance, which includes Australia, is a critical aspect of the evolving geopolitical landscape. This is an indicator of the continuing power struggle in cyberspace between major world players.
These incidents highlight the importance of strengthening cyber resilience across all sectors. As countries increasingly rely on digitised systems, the potential impact of cyber attacks on national security and economies is growing. Therefore, ongoing collaboration among international cybersecurity agencies is paramount.
The Australian government's transparency and proactive stance in dealing with these threats are commendable. The coordinated drills across key industries not only aim to ensure preparedness but also signal a strong message to potential threat actors. It signifies the country's commitment to defending its digital space and ensuring the security of its national infrastructure.
Lastly, the appointments of ambassadors for cyber affairs and counter-terrorism underline the government's prioritisation of these critical issues. This is a positive step towards bolstering Australia's international engagement and contribution to global cybersecurity and counter-terrorism efforts.
