Major cyber attack against Australian Government
In an urgent press conference called this morning in Canberra, Mr Morrison said the ongoing, « large-scale » hack was being executed by a “sophisticated, state-based cyber actor”. “This activity is targeting Australian organisations across a range of sectors, including all levels of government,
industry, political organisations, education, health, essential service providers and operators of other critical infrastructure,” Mr Morrison told reporters.
“We know it is a sophisticated, state-based cyber actor because of the scale and nature of the targeting and the tradecraft used. Regrettably, this activity is not new. Frequency has been increasing.”
Mr Morrison said the Australian Cyber Security Centre has been “actively working with targeted organisations to ensure that they have appropriate technical mitigations in place and their defences are appropriately raised”.
Asked which nation was suspected to be behind the attack, Mr Morrison said the “threshold for public attribution on a technical level is extremely high” and that Australia “doesn’t engage lightly in public attributions”.
“When and if we choose to do so is always done in the context of what we believe to be in our strategic national interests,” he said.
“What I can confirm is there are not a large number of state-based actors that can engage in this type of activity and it is clear, based on the advice that we have received, that this has been done by a state-based actor, with very significant capabilities.”
Mr Morrison would not be drawn on whether China was behind the attack. “I can only say what I have said,” he said.
“The Australian Government is not making any public attribution about these matters. We are very confident that this is the actions of a state-based actor. We have not gone any further than that. I can’t control what speculation others might engage in on this issue or, frankly, any other. I have simply laid out the facts as we know them and as we have disclosed today.”
It comes at a time of heightened tensions between Canberra and Beijing over China’s handling of the coronavirus outbreak.
Mr Morrison said the Opposition had been notified last night, as had state and territory premiers and chief ministers.
“A number of them have already been involved working with our agencies on these issues,” he said. “In addition to that there will be further technical briefings conducted with the states and territories today.”
Mr Morrison said the Government was announcing the issue today “not to raise concerns in the public’s mind but to raise awareness in the public’s mind”.
He said so far there had been no “large-scale personal data breaches” as a result of the attacks.
“This is the world that we live in,” he said. “These are the threats that we have to deal with. The fact that these threats present is not a surprise in this world in which we now live and the actions that we are taking are the actions that we need to take and we will continue to be as ever-vigilant as we possibly can.”
Asked if the scale of the attack was “unprecedented”, the Prime Minister said, “I don’t know if I would use that word.”
He reiterated that the attacks were “not new” but the “frequency has been increasing … over many months”. “It hasn’t just started,” he said.
“This is a constant threat to Australia, as it is to many other nations and you would be aware of many other nations having highlighted similar activity in their jurisdictions. This has been a constant issue for Australia to deal with and so I wouldn’t say that there has been any one event or any one instance.”
He said it had been an “issue of ongoing management, defence and cooperation, working with private operators, other governments, all levels of government and other organisations”.
Defence Minister Linda Reynolds said there was “no doubt that malicious cyber activity is increasing in frequency, scale, in sophistication and in its impact”.
“This activity harms Australia’s national security and also our economic interests,” she said. “It’s vital that all Australian organisations are alert to this threat and take steps to protect their own networks.”
She urged all Australian organisations to take three steps to protect themselves. “Firstly, patch your internet-facing devices promptly, ensuring that any web or email servers are fully updated with the latest software,” she said.
“Secondly, ensure you always use multi-factor authentication to secure your internet access, infrastructure and also your cloud-based platforms. Thirdly, it’s important to become an ACSC partner to ensure you get the latest cyber threat advice to protect your organisation online.”
Opposition Leader Anthony Albanese earlier said the government had invited Labor to take part in a security briefing.