Australia says hacks surging, state-sponsored groups targeting critical
infrastructure
Send a link to a friend
 [November 15, 2023]
By Renju Jose and Byron Kaye
SYDNEY (Reuters) -State-sponsored cyber groups and hackers have
increased assaults on Australia's critical infrastructure, businesses
and homes, a government report said, adding that its new defence
agreement with Britain and the U.S. had likely made it more of a target.
Reports of cybercrime surged 23% to more than 94,000 in the financial
year to June, the Australian Cyber Security Centre said in its annual
threat report on Wednesday.
It estimated there was a hack on Australian assets every six minutes.
"The cyber threat continues to grow," Defence Minister Richard Marles
told ABC Radio. "We're also seeing a greater interest from state actors
in Australia's critical infrastructure."
The report said that was party due to the new AUKUS defence partnership
"with its focus on nuclear submarines and other advanced military
capabilities".
In May, the Five Eyes intelligence alliance and Microsoft said a
state-sponsored Chinese hacking group was spying on U.S. critical
infrastructure organisations. The U.S., Canada, New Zealand, Australia
and the UK make up the Five Eyes intelligence sharing network.
Techniques used by the China hacking group could be used against
Australia's critical infrastructure including telecommunications, energy
and transportation, the report said.
Marles said Australia's relationship with China, its largest trading
partner, was "complex" and the government had never pretended the
relationship would be easy. Diplomatic and trade ties between the two
countries have stabilised recently after several disputes since 2020.
"We value, clearly, a productive relationship with China ... but China
has been a source of security anxiety for our country and we prepare for
that as well," Marles said.
The spike in cyber intrusions prompted the government in February to set
up an agency to help coordinate responses to hacks. It is also
overhauling federal cyber laws - details of which are due to be released
next week - and the government has said it will make it compulsory for
companies to report ransomware incidents.
[to top of second column]
|
A 3D printed model of men working on computers are seen in front of
displayed binary code and words "Hacker" in this illustration taken,
July 5, 2021. REUTERS/Dado Ruvic/Illustration/File Photo
The average cost of a cybercrime to its victim rose 14%, the report
said.
"This sort of evidence gives the government the requirement to have
a much closer relationship between industry and government," said
Matthew Warren, director of the RMIT University Centre for Cyber
Security Research and Innovation.
"Some of the statistics are quite frightening."
The Australian Securities and Investments Commission also said this
week that a survey of 700 companies had found 44% did not manage
risks associated with third parties like supply chain partners
accessing confidential data. It also found that 58% had limited or
no measure to protect confidential data and 33% had no cyber
incident response plan.
Cyber attacks against Australia will continue to rise until
organisations started putting more effort into security and the risk
management of their information assets, said Nigel Phair,
cybersecurity professor at Monash University.
This month, a cyber incident at DP World Australia, one of the
country's largest ports operators, forced it to suspend operations
for three days.
The shakeup of the country's cyber security rules was triggered by
the 2022 data theft at telecoms provider Optus, which exposed
personal information of 10 million Australians.
(Reporting by Renju Jose and Byron Kaye in Sydney; Editing by
Lincoln Feast and Edwina Gibbs)
[© 2023 Thomson Reuters. All rights
reserved.]This material
may not be published, broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
 |
