Australian intelligence officials have revealed how China-backed cyberattacks worked and exploited the weaknesses of state agencies. Insights follow the groundbreaking announcement of a joint international statement condemning Beijing’s cyber activities.
Australian Signal Director Rachel Noble said Beijing exploited a weakness in the country’s cyber defense, the “defective lock,” making 70,000 Australian entities vulnerable to attack.
“When the Chinese government noticed these flawed locks on the doors, they went in and opened and supported all those doors,” she told the Joint Committee of the Information Security Council on July 29. ..
“Then, criminals of all kinds and other state officials had the opportunity to pour behind open doors that were supported and enter your home or building,” she added.
Mike Petzullo, head of the Interior Ministry, said the government now needs to consider playing a more important role for state officials in areas that were being exploited by criminals.
Pezzullo said modern cyberattacks involve tools that “need to be adapted or deployed with at least the implicit permission of certain state stakeholders.”
The Commission is considering new legislation that specifies critical infrastructure and provides new authority to protect them from cyberattacks.
Earlier this month, Australia joined major democratic allies the United States, United Kingdom, Canada, New Zealand, Japan, the European Union and NATO and accused Beijing of being involved in Microsoft Exchange hacking earlier this year.
In addition, the statement also accused Beijing’s Department of Homeland Security for hiring a third-party hacker to carry out these activities.
“These actions have opened the door to a variety of other attackers, including cybercriminals, undermining international stability and security. Cybercriminals exploit this vulnerability in fraudulent interests. We continue to abuse it for this reason, “said an Australian statement.
Prime Minister Scott Morrison has previously shown that the federal government is involved in the public attribution of state officials only if the “horizontal bar” of evidence is provided.
In recent years, cyberattacks targeting major institutions and businesses have become commonplace, targeting some of Australia’s largest companies.
In one of the recent attacks in May, Australia’s largest beef and mutton producer, JBS, was targeted by ransomware hackers, effectively forcing them to suspend sales and lot feeding operations.
The attack also closed meat processing plants in Queensland, Victoria, New South Wales and Tasmania, and stranded thousands of workers.
The FBI attributed this attack to the Russian-linked hacking group REvil, also known as Sodinokibi.
Joseph Siracusa, an adjunct professor of international diplomatic history at Curtin University, said one of the main problems with cyberattacks is to publicly attribute sources.
“What we don’t yet understand is how to defend against it,” he told the Epoch Times. “As you know, you can turn off the lights in downtown Moscow right now, or turn off the electric toilets in Beijing, but you can do the same.”
“Will US President Joe Biden hold Russian President Vladimir Putin responsible for these cyberattacks? And the answer cannot prove that Putin has tampered with, so he can’t,” he added. ..
“Are you accountable to the government for civil criminal activity? And the answer is: you want to,” he said. “But in the real world, you can’t.”