‘Everything, Everywhere, All at Once’: Australia enters new age of high-harm cyber sabotage, says ASIO boss

“As one of my analysts put it, with an uncharacteristic nod to popular culture, ‘everything, everywhere, all at once’.

“A range of countries, some we consider friendly, have a relentless hunger for strategic advantage and an insatiable appetite for inside information. Most commonly, it is manifest in the theft of privileged information, information about government decision making, defence capabilities and intellectual property, or cutting-edge research, particularly if it has both military and civilian applications.

“Increasingly, though, foreign intelligence services are broadening their collection requirements. They are aggressively targeting the private sector projects and negotiations and investments that might give that foreign government and a foreign company a commercial advantage. And like criminals, they have been aggressively targeting customer data.”

In addition, Burgess outlined several unnamed espionage attacks, including a nation-state hacking attack seeking commercial advantage against a major Australian exporter, intelligence services seeking to buy access to sensitive personal data sets and land near sensitive military sites, as well as a visiting academic breaking into a restricted technology lab to film its contents.

“Australia has never faced so many threats at scale, at once … (Authoritarian regimes are) behaving more aggressively, more recklessly and more dangerously. More willing to engage in what we will call high-harm activities,” Burgess said.

“We expect sabotage, particularly cyber-enabled sabotage, to pose an increasing threat in the next five years, both in terms of adversary capability and adversary intent.

VIEW ALL

“Advances in technology, including artificial intelligence, and a proliferation of capabilities for sale or hire online make it easy for regimes to have the tools and the weapons they need to conduct sabotage. At the same time, our critical infrastructure networks are increasingly interconnected and interdependent, which expands the vulnerabilities and the potential access points.

“But more concerning from my point of view is the evolution in their (regimes’) intent. I’ve previously said we’re getting closer to the threshold for high-impact sabotage. Well, I regret to inform you, we’re there now.

“Nation-states have been building capability for decades ... With global tensions rising, some are more likely now to pull the trigger on higher harm activities. Authoritarian regimes are growing more willing to disrupt or destroy critical infrastructure to impede decision making, damage the economy, undermine war-fighting capabilities and sow social discord.

“They see sabotage as a tool of coercion, disruption, and distraction and retaliation to test national resolve, readiness and response.”

The ASIO boss further outlined cyber-enabled sabotage as an acute concern for Australia.

“Cyber is the most immediate vector for sabotage. It’s an attractive option for foreign regimes because it’s low cost but high impact, as well as being deniable and scalable,” he said.

“ASIO is aware of one nation-state ... conducting multiple attempts to scan and penetrate critical infrastructure in Australia and other Five Eyes countries, targeting water, transport, telecommunications and energy networks.

“This reconnaissance is highly sophisticated, using top-notch tradecraft to find your networks, test with vulnerabilities, knock on the digital doors and check the digital locks.

“And when they have penetrated your networks, they actively and aggressively map your systems and seek to maintain the system undetected access that enables them to conduct sabotage at a time and moment of their choosing.

“You may have heard about the oddly named Salt Typhoon and Volt Typhoon hacking groups … These hacking groups work for Chinese government intelligence and military agencies.

“Both groups were involved in the theft of sensitive information. But the real danger is the threat of sabotage, disruption to critical infrastructure … And yes, we have seen Chinese hackers probing our critical infrastructure here.

“The loss of availability in any part of our critical infrastructure can be devastating. Devastating for the company, devastating for the consumers, and devastating for our nation.

“Imagine the implications if a nation-state took down all of our networks, or turned off the power during a heatwave, or polluted our water supply, or crippled our financial system. I assure you these are not hypotheticals. Foreign governments have elite teams investigating these possibilities today.

“And there are multiple scenarios where nation-states’ intent could shift from stealing and meddling to disruption and damage, to cripple an Australian company as a trade competitor, to cause disruption or panic during a critical decision in Australia, like during an election or a major contract or trade negotiation. Or to deter or even prevent Australia from being able to defend its national interest in peacekeeping or conflict scenarios overseas.”