The head of Australia’s chief spy agency has used his annual Director-General’s Annual Threat Assessment to outline a raft of threats against the nation’s national security, and cyber espionage is well and truly an active issue.
In a June 24 address, Mike Burgess outlined how ASIO had uncovered “nation state hackers” attempting to gain access to and maintain persistence in the network of an “Australian critical infrastructure provider”.
“ASIO assessed the hackers were preparing for sabotage. They weren’t planting ‘digital dynamite’ as such; they were mapping out the network and maintaining access so they could cripple it at a time of their choosing,” Burgess said.
“Cyber sabotage is an evolving threat, and I have established dedicated teams to counter it. As ASIO’s understanding grows, so does our level of concern.”
While Burgess did not name names, he did say that the malicious activity of “one nation state in particular” was of serious concern, and at a scale that was “difficult to overstate”.
“You and they would be surprised how extensive our warrant coverage is,” Burgess said.
“We struggle to find a single country in our region that has not been compromised by this state’s cyber apparatus.
“Critical infrastructure in the energy and communications sectors, as well as infrastructure supporting the military, are top targets.”
In this specific instance, state-sponsored hackers were able to acquire login credentials for the critical infrastructure providers’ users, including several of the entity’s IT team and network defenders.
“ASIO identified, tracked, and attributed the hack, and worked with the victim company and our security partners to remediate the compromise – work which is ongoing.”
John Hultquist, Chief Analyst at Google Threat Intelligence, said that Burgess’ address was indicative of the unique challenges critical infrastructure operators face.
"The most effective cyberattacks on critical infrastructure take time to prepare, which means adversaries can’t wait until a conflict begins to start laying the groundwork. They have to dig into these networks far in advance, even in times of peace,” Hultquist told Cyber Daily.
“As a result, critical infrastructure operators are in the unique position of fighting conflicts in advance”.
You can read more about Director General Burgess’ address at Defence Connect.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.