Australia Points The Finger At Russia For Cyberattacks

Uploaded on 2018-05-10 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE--International, INTELLIGENCE-Hot Spots-Russia, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

Australian intelligence agencies have identified Russia as the actor behind a series of cyberattacks on Australia, the US and the UK in 2017, the government has revealed. There is now a push to expand the powers of the country's cyber spy agency to collect intelligence on Australians is being backed by Home Affairs Minister Peter Dutton.

The controversial idea to restructure the Australian Signals Directorate (ASD) is strongly opposed by some in Cabinet who argue it is not necessary.

Recently thousands of unsecure Australian routers were accessed and Defence Minister Marise Payne (pictured) confirmed there were “potentially 400” Australian companies affected.

Despite the breach, the government said there was “no indication Australian information has been successfully compromised”.
The government's cyber-security office has contacted all the businesses on the list to alert them to the risk. 
In Australia, the hack only affected private companies. Treasurer Scott Morrison told SBS News “no Australian departments or agencies” were impacted.

Advice circulated by US and UK authorities warned Cisco routers, a common commercial brand, were affected.
Fergus Hanson, head of cyber security at the Australian Strategic Policy Institute, said the Russian government may have been trying to establish control over networks for use in later attacks.

“Essentially you've got Russia exploiting vulnerabilities in Cisco routers to potentially conduct a whole range of activities, from espionage to pre-positioning for attacks on critical infrastructure,” Mr Hanson said.

Cyber-attacks can, for example, cause widespread chaos by shutting down energy grids. Mr Hanson said the affected routers were old models that had not been patched with the latest software.

“They're legacy pieces of equipment that are being phased out but they've got vulnerabilities as a result of the fact that they, for example, have not been patched."

Cyber Security Minister Angus Taylor, who is in the US for a cyber conference, told SBS News the government was "now seeking to hold bad behaviour to account". He said it was now possible to identify the culprits behind many attacks, including state actors like Russia. Asked whether the government would publically name Russia and other actors more often in the future, Mr Taylor said "I think we will." 

Analysts have speculated Russia may use cyber-attacks to retaliate over recent Western airstrikes on Moscow's ally Syria. Russia said there would be consequences for the strike but did not offer any more detail.

While this hack occurred in 2017, Mr Hanson suggested there could be a connection, suggesting Australia and its allies may have believed the Russians were about to utilise the exploits they set up last year.

“What may be the case is they've had a particular piece of intelligence that might suggest, for example, the Russians are going to use a cyber means to respond to those attacks on Syria, they've threatened retaliation and they may be pre-empting,” Mr Hanson said.

He also suggested the three countries may have sat quietly on the intelligence because they were “using the knowledge” to understand Russia’s methods.Russia has not responded to the accusations, but regularly denies any role in state-sponsored hacking.

SBS:           ABC

You Might Also Read:

Russian Hackers Steal $10M From Banks:

Australia’s Sharp Turn To Information Warfare:

 

« GDPR: It’s A Marathon, Not A Sprint
Hacker Reveals What He’s Learned »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Cyber Akademie (CAk)

Cyber Akademie (CAk)

Cyber Akademie is a training and education center providing high-quality training and information events on information security and data protection.

Seceon

Seceon

Seceon OTM, is a cyber security advanced threat management platform that visualizes, detects, and eliminates threats in real time.

Mitchell Sandham

Mitchell Sandham

Mitchell Sandham is an, independent insurance and financial services brokerage. Business products include Cyber/Privacy Liability insurance.

Malomatia

Malomatia

Malomatia is a leading provider of technology services and solutions in Qatar including information security.

OGiTiX

OGiTiX

OGiTiX Software AG is a German software manufacturer specializing in Identity and Access Management.

Lynx

Lynx

Lynx provides high added value services in the area of information systems security and ICT infrastructure building.

BELAC

BELAC

BELAC is the national accreditation body for Belgium.

Cyber Talents

Cyber Talents

CyberTalents is on a mission to close the gap of cyber security professionals shortage across the globe.

Ampere Industrial Security

Ampere Industrial Security

Ampere is an industrial security firm. We specialize in industrial control systems (ICS) and operational technology (OT) security.

Venari Security

Venari Security

Venari is an award-winning cybersecurity SaaS provider that has developed an ETA (Encrypted Traffic Analysis) platform which fundamentally changes the way encrypted traffic is analysed.

Stacklet

Stacklet

Stacklet provides cloud governance as code platform that accelerates how Global 2000 manages its security, asset visibility, operations, and cost optimization policies in the cloud.

SeeMetrics

SeeMetrics

SeeMetrics is an automated cybersecurity performance management platform that integrates security data and business objectives into a simple interface.

Suffescom Solutions

Suffescom Solutions

Suffescom Solutions is a leading blockchain development company, assisting businesses in harnessing the true potential of blockchain technology.

Dutch Research Council (NWO)

Dutch Research Council (NWO)

The Dutch Research Council (NWO) is one of the most important science-funding bodies in the Netherlands and ensures quality and innovation in science.

Sentryc

Sentryc

Sentryc provides automated monitoring of brands on online marketplaces and social media making online brand protection processes faster, more clearly structured and more efficient.

NextGen Cyber Talent

NextGen Cyber Talent

NextGen Cyber Talent is a non-profit providing a platform to increase diversity and inclusion in the cybersecurity industry.