Allies warned Beijing-backed cyber hackers using home computers to access power grids
AUKUS partners have been warned about a sinister shift in Beijing-sponsored cyber actors now targeting civilians.
Security
Don't miss out on the headlines from Security. Followed categories will be added to My News.
Australian intelligence has been warned Beijing state-sponsored hackers might look to “preposition” malware in ordinary home Wi-Fi routers as a backdoor to attack power and water grids.
Attempting cyber assaults directly on critical infrastructure or government and military agencies is not new and China-based hackers have persistently tried this here in recent times.
But American intelligence has told AUKUS partners of a sinister shift in Beijing-sponsored cyber actors now targeting civilians with outdated home internet routers as springboards to hack into critical national infrastructure including electricity and water, transport, aviation, hospital and communications.
The sleeper hack could sit undetected for years before being unleashed.
The warning came as the FBI in the US said it found malware planted by the Beijing-backed hacking group Volt Typhoon in outdated mostly NetGear and Cisco home and small office routers of hundreds of unsuspecting Americans.
It used the vulnerable domestic civilian routers to disguise its offshore origins thereby making it easier to then reach inside utilities.
The malware was not aimed at stealing an individual’s savings or identity or being used for espionage but rather to set up to infiltrate critical national infrastructure for an attack and create mass disruption.
Civilian home routers or those in small business were much more less likely to have had security patch upgrades than larger industry networks, public agencies or suppliers.
While Volt Typhoon has not specifically been found here yet, Australia’s former national security adviser and head of the Australian Cyber Security Centre (Australian Signals Directorate) Alastair MacGibbon said you wouldn’t know.
“Is China state inside Australia today? 100 per cent. That is not too long a bow to draw,” Mr MacGibbon said.
“Is it Volt Typhoon? Not that anyone is publicly saying but it could be absolutely because no-one has full visibility of what’s going on. By its nature when you look at the commentary coming out of the US out of date routers in homes and small business to use as jumping points.
“Are there out of date routers in Australia that the government can’t see? Yes of course and possibly could be controlled by a foreign nation. This is the nature of what we are trying to defend against, this is complex ageing technology that was never designed to be as connected as it is and we run our whole society on it.”
Mr MacGibbon, chief strategy officer at leading cyber security group CyberCX, said it’s sad but rational to expect a foreign adversary to look to preposition malware to ultimately attack a nation’s infrastructure.
More Coverage
Originally published as Allies warned Beijing-backed cyber hackers using home computers to access power grids
Age limits first step in big tech battle
The Albanese government says it’s holding ‘big tech to account’ and age limits for kids on social media are the first step.
Aussies’ private information sold for profit
Australians’ private information is being shared hundreds of times a day with online advertisers who resell and distribute it to unknown parties, putting people at risk of targeted scams.