What do the hackers want from Australia?
China has invisible hacking software that can effortlessly copy any files it wants. And the latest cyber attacks are sending Australia a message.
It sounds like the plot for a Hollywood movie, but last month reports emerged that China had unleashed a new and terrifying cyber hacking tool in Australia.
The invisible hacking software, called Aria-body, had never been detected before by investigators.
What it could do was extraordinary. According to The New York Times, it could be used to remotely take over a computer and copy files before effortlessly covering its tracks.
And the “fingerprints” of the cyber attack suggested it was linked to the Chinese military hackers.
RELATED: ‘Baseless nonsense’: China responds
The fear is that a sophisticated state-based actor using similar technology could bring the nation to grinding halt, tearing down IT systems for hospitals, police, communications and infrastructure and stealing trade secrets.
One known target of Aria was the office of the Western Australia Premier Mark McGowan, according to Israeli cyber security firm Check Point Software Technologies, but it had also been used across the Asia Pacific.
It’s just one example of a new wave of sophisticated cyber attacks, including against the NSW government, that prompted the Prime Minister Scott Morrison’s warning for the nation on Friday that a state-sponsored actor was targeting Australia.
So what is the message China is trying to send? Are they simply sending a message to Australia amid rising trade tensions? Is it payback over Australia’s pursuit over an inquiry into the origins of COVID-19?
What do the hackers really want? Anything and everything according to the Australian Strategic Policy Institute’s executive director Peter Jennings.
“There is almost no piece of data that China isn’t interested in,’’ Mr Jennings told news.com.au.
RELATED: Call that triggered cyber attack alarm
RELATED: The ‘invisible damage’ from malicious online attacks
One target could be COVID-19 vaccines and research designed to help China get one step ahead to prepare factories to produce medicines.
“What the Prime Minister has done today is tell them that we know what they are doing. And he’s hinted we could go much further in laying out information that they would find publicly painful,’’ he said.
While Mr Morrison diplomatically declined to say China was the chief suspect for the “malicious” attacks, he noted that only a few countries had the capability to conduct such an attack.
“I’m here today to advise you that, based on advice provided to me by our cyber experts, Australian organisations are currently being targeted by a sophisticated State-based cyber actor,’’ the Prime Minister said on Friday.
“We are very confident that this is the actions of a state-based actor. We have not gone any further than that. I can’t control what speculation others might engage in on this issue or, frankly, any other. I have simply laid out the facts as we know them and as we have disclosed today.
“As I just said, the threshold for attribution on these issues is high.”
But some questioned why Australia would raise the alarm now, given the attacks had been ongoing for months. Was the PM playing political with national security?
Not so, according to national cyber security analyst Alastair MacGibbon, who is now chief strategy officer at CyberCX.
“The stakes are high. I’ve said for years that the greatest existential threat we face as a society is a cybersecurity one,’’ he said.
“Now I say that in the same year, of course, that we’ve had catastrophic bushfires and now COVID-19 and yet I will still say to you that cybersecurity failure is likely to be the biggest – the biggest threat to our society.
“Everything is connected. Now, if a nation state is in those systems and engaging in espionage and probably also industrial espionage, that is the stealing of our intellectual property that is the actual powerhouse of our economy, then that is a very bad thing.
“And it takes access to then cause harm, and you know, if we have a criminal group or a nation state that sometimes even accidentally causes harm to those systems, it can be quite catastrophic. So this is a threat, and the fact that the Prime Minister came out today, as I say, is a good thing.”
Earlier this year, the Australian Strategic Policy Institute’s cyber security analyst Tom Uren warned there’s a real risk that China is targeting medical research into coronavirus treatments, intellectual property and sensitive trade information.
“In the current environment, when hospitals worldwide are struggling to cope with critically ill Covid-19 patients, any disruption can be a matter of life and death,” he wrote.
“The virus has drastically altered the consequences from risks we were previously prepared to accept. The security of hospitals has always been seen as crucial, but just mere weeks ago we were content to live with the consequences of poor hospital cybersecurity. As Covid-19 exploits weaknesses in the immune system of its human hosts, malicious cyber actors take advantage of the fear associated with the pandemic to exploit weaknesses in our computer systems and networks.”
But China has accused the United States of “hypocrisy” claiming the US is also involved in cyber attacks across the globe.
Foreign Ministry spokesman Geng Shuang said it was China that was “the biggest victim” of such attacks.
“China is a staunch upholder of cyberspace security and we have been the biggest victim of cyber attacks,” he said.
“We have been firmly opposing and combating all forms of cyber attacks. Our position is clear and consistent.”
In March, China accused the US Central Intelligence Agency’s (CIA’s) hacking group APT-C-39 of attacking a wide range of areas of China including aviation, scientific research institutions, internet companies and government agencies.
The Global Times reported on the cyber weapon that was deployed, Vault 7; and said the attacks were carried out over a period of 11 years.
The new cyber attack follows reports that Australia’s cyber intelligence agency, the Defence Signals Directorate, had concluded last year that China’s Minister of State security was responsible for a major attack on Parliament and political parties in the lead up to the 2019 election.
But Australia never released this report publicly, in an attempt to not to inflame rising trade tensions.