The Australian Signals Directorate’s (ASD) cyber experts are cracking down on offshore cyber criminals who are using the coronavirus pandemic to target Australian businesses and households through scams and cyber attacks.
Telecommunications firms have also been engaged to block and takedown malicious websites.
Minister for Defence Linda Reynolds said the ASD has mobilised its offensive cyber capabilities to disrupt foreign cyber criminals responsible for a spate of malicious activities during COVID-19.
“Cyber criminals that are using the cover of cyber space and international borders to target Australians are not beyond our reach,” Minister Reynolds said.
“We are hitting back through the Australian Signals Directorate, who have already successfully disrupted activities from foreign criminals by disabling their infrastructure and blocking their access to stolen information.
“Some of these cyber criminals have even posed as health officials in an attempt to exploit vulnerable Australians, by infecting their computers with malware and stealing their private information.”
ASD Director-General Rachel Noble PSM said cyber criminals are expected to continue targeting Australians through their COVID-19 themed malicious activities.
“Our offensive cyber campaign has only just begun and we will continue to strike back at these cyber criminals operating offshore as they attempt to steal money and data from Australians,” Noble said.
The ASD’s Australian Cyber Security Centre (ACSC) is taking further action to mitigate and disrupt COVID-19 related cyber scams, working closely with Australia’s telecommunications providers to block access to websites identified as malicious.
The ACSC is also working with web browser companies Google and Microsoft to have the websites flagged as malicious, to ensure web users are warned about these sites before they are able to visit them.
“Close co-operation with telecommunications and IT companies is vital in providing increased protective barriers for Australians from these heartless cyber criminals,” Noble said.
The ASD has also issued an urgent warning to businesses over the use of insecure video conferencing apps as the use of free or cheap products explodes due to millions of Australians working from home.
The diligently product-agnostic advisory comes as desperate corporate staff separated from their work networks or struggling with skinny VPNs pile onto Zoom, with new Optus chief executive Kelly Bayer Rosmarin citing a thousandfold increase in usage of the app on Optus’ network alone.
A primary concern of the ACSC, which is now officially part of ASD, is whether video conference traffic is headed offshore where it could be intercepted and harvested by foreign spy services and hostile actors.
“The use of offshore web conferencing solutions introduces additional business and security risks. For example, laws in other countries may change without notice and foreign-owned service providers that operate in Australia may still be subject to the laws of a foreign country,” ASD said.