Australia Points The Finger At Russia For Cyberattacks

Uploaded on 2018-05-10 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE--International, INTELLIGENCE-Hot Spots-Russia, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

Australian intelligence agencies have identified Russia as the actor behind a series of cyberattacks on Australia, the US and the UK in 2017, the government has revealed. There is now a push to expand the powers of the country's cyber spy agency to collect intelligence on Australians is being backed by Home Affairs Minister Peter Dutton.

The controversial idea to restructure the Australian Signals Directorate (ASD) is strongly opposed by some in Cabinet who argue it is not necessary.

Recently thousands of unsecure Australian routers were accessed and Defence Minister Marise Payne (pictured) confirmed there were “potentially 400” Australian companies affected.

Despite the breach, the government said there was “no indication Australian information has been successfully compromised”.
The government's cyber-security office has contacted all the businesses on the list to alert them to the risk. 
In Australia, the hack only affected private companies. Treasurer Scott Morrison told SBS News “no Australian departments or agencies” were impacted.

Advice circulated by US and UK authorities warned Cisco routers, a common commercial brand, were affected.
Fergus Hanson, head of cyber security at the Australian Strategic Policy Institute, said the Russian government may have been trying to establish control over networks for use in later attacks.

“Essentially you've got Russia exploiting vulnerabilities in Cisco routers to potentially conduct a whole range of activities, from espionage to pre-positioning for attacks on critical infrastructure,” Mr Hanson said.

Cyber-attacks can, for example, cause widespread chaos by shutting down energy grids. Mr Hanson said the affected routers were old models that had not been patched with the latest software.

“They're legacy pieces of equipment that are being phased out but they've got vulnerabilities as a result of the fact that they, for example, have not been patched."

Cyber Security Minister Angus Taylor, who is in the US for a cyber conference, told SBS News the government was "now seeking to hold bad behaviour to account". He said it was now possible to identify the culprits behind many attacks, including state actors like Russia. Asked whether the government would publically name Russia and other actors more often in the future, Mr Taylor said "I think we will." 

Analysts have speculated Russia may use cyber-attacks to retaliate over recent Western airstrikes on Moscow's ally Syria. Russia said there would be consequences for the strike but did not offer any more detail.

While this hack occurred in 2017, Mr Hanson suggested there could be a connection, suggesting Australia and its allies may have believed the Russians were about to utilise the exploits they set up last year.

“What may be the case is they've had a particular piece of intelligence that might suggest, for example, the Russians are going to use a cyber means to respond to those attacks on Syria, they've threatened retaliation and they may be pre-empting,” Mr Hanson said.

He also suggested the three countries may have sat quietly on the intelligence because they were “using the knowledge” to understand Russia’s methods.Russia has not responded to the accusations, but regularly denies any role in state-sponsored hacking.

SBS:           ABC

You Might Also Read:

Russian Hackers Steal $10M From Banks:

Australia’s Sharp Turn To Information Warfare:

 

« GDPR: It’s A Marathon, Not A Sprint
Hacker Reveals What He’s Learned »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Australian Cyber Security Centre (ACSC)

Australian Cyber Security Centre (ACSC)

The Australian Cyber Security Centre (ACSC) brings cyber security capabilities from across the Australian Government together into a single location.

Redbelt Security

Redbelt Security

Redbelt is a cyber security consultancy. We integrate people, systems, services and products to transform how your information security is delivered.

Adarma Security

Adarma Security

Adarma are specialists in threat management including SOC design, build & operation.

Meditology

Meditology

Meditology Services is a top-ranked provider of information risk management, cybersecurity, privacy, and regulatory compliance consulting services exclusively for healthcare organizations.

IntelliDyne

IntelliDyne

IntelliDyne is a leading information technology consulting firm enabling better mission performance through innovative technology solutions.

Campus cyber

Campus cyber

A project initiated by the President of the Republic, the Cyber Campus is the totem site of cybersecurity that brings together the main national and international players in the field.

OSC Edge

OSC Edge

OSC was founded with the vision of providing expert solutions in IT to government and businesses. OSC Edge empowers organizations with solutions that prepare them for today and tomorrow.

Triangle

Triangle

Triangle enable innovative business transformation by ensuring critical hybrid infrastructures are optimised, interoperable and secure.

Guardsman Cyber Intelligence (GCI)

Guardsman Cyber Intelligence (GCI)

GCI provides proven cyber intelligence solutions to protect your business against ever present physical and digital threats shadowing your online business.

Total Secure Technology

Total Secure Technology

Total Secure Technology provides trusted Managed IT Security and Managed IT Services for organizations looking to increase their cybersecurity defensive posture.

SektorCERT

SektorCERT

SektorCERT is the cybersecurity center for the critical infrastructure sectors in Denmark. We help detect and handle when critical infrastructure is exposed to cyber attacks.

Hack-X Security

Hack-X Security

Hack-X Security provide IT risk assessment and Digital Security Services. We are a trusted standard for businesses that must protect their data from cyber-attacks.

Intelidata Techedge Pvt. Ltd.

Intelidata Techedge Pvt. Ltd.

Intelidata are a Global Cyber Security Consultancy and Services firm that helps companies drive growth by minimizing risk and maximizing potential.

Coalition for Secure AI (CoSAI)

Coalition for Secure AI (CoSAI)

CoSAI is an open ecosystem of AI and security experts from industry leading organizations dedicated to sharing best practices for secure AI deployment and collaborating on AI security research.

Continent 8 Technologies

Continent 8 Technologies

Continent 8 Technologies is the leading provider of managed hosting, connectivity, cloud and cybersecurity solutions to the global online gambling industry.

Anthropic

Anthropic

Anthropic is a Public Benefit Corporation, whose purpose is the responsible development and maintenance of advanced AI for the long-term benefit of humanity.