Active cyber threats to Australia’s critical infrastructure, warns ASIO boss

By: David Hollingworth
Photo: ASIO

ASIO Director-General Mike Burgess’ Annual Threat Assessment outlines chilling nation-state efforts to “cripple” vital national infrastructure.

The head of Australia’s chief spy agency has used his Director-General’s Annual Threat Assessment to outline a raft of threats to national security, and cyber espionage is well and truly an active issue.

In a 24 June address, Mike Burgess outlined how the Australian Security Intelligence Organisation (ASIO) had uncovered “nation-state hackers” attempting to gain access to and maintain persistence in the network of an “Australian critical infrastructure provider”.

“ASIO assessed the hackers were preparing for sabotage. They weren’t planting ‘digital dynamite’ as such; they were mapping out the network and maintaining access so they could cripple it at a time of their choosing,” Burgess said.

“Cyber sabotage is an evolving threat, and I have established dedicated teams to counter it. As ASIO’s understanding grows, so does our level of concern.”

While Burgess did not name names, he did say that the malicious activity of “one nation-state in particular” was of serious concern and at a scale that was “difficult to overstate”.

“You and they would be surprised how extensive our warrant coverage is,” Burgess said.

“We struggle to find a single country in our region that has not been compromised by this state’s cyber apparatus.

“Critical infrastructure in the energy and communications sectors, as well as infrastructure supporting the military, are top targets.”

In this specific instance, state-sponsored hackers were able to acquire login credentials for the critical infrastructure provider’s users, including several of the entity’s IT team and network defenders.

“ASIO identified, tracked and attributed the hack, and worked with the victim company and our security partners to remediate the compromise – work which is ongoing,” Burgess said.

John Hultquist, chief analyst at Google Threat Intelligence, said that Burgess’ address was indicative of the unique challenges critical infrastructure operators face.

“The most effective cyber attacks on critical infrastructure take time to prepare, which means adversaries can’t wait until a conflict begins to start laying the groundwork. They have to dig into these networks far in advance, even in times of peace,” Hultquist told Defence Connect’s sister brand, Cyber Daily.

“As a result, critical infrastructure operators are in the unique position of fighting conflicts in advance.”
