Global cyber security company CrowdStrike said the wiper malware AcidRain infiltrated the modems of the Viasat satellite net­work and wiped files clean, or overwrote them with corrupt data.

The unleashing of AcidRain on February 24 last year came less than one hour after Mr Putin announced his “special military operation’’ against Ukraine, and highlighted the growing use of cyber warfare by state actors.

CrowdStrike said the attack was “particularly notable, as it appeared specifically designed to disrupt Viasat satellite communi­cations network segments pro­viding connectivity to Ukraine”.

“While the true impact of this early action against Ukrainian government and military communications remains unclear, it was felt beyond its borders. At least three internet service providers across Europe were also affected by this disruption, resulting in outages for thousands of customers and the disruption of wind turbine network communications in parts of Germany,’’ CrowdStrike noted in its global threat assessment for 2023.

It comes as another report by leading cyber security firm Proofpoint revealed most Australian businesses successfully targeted by ransomware attackers paid up but only slightly more than half got data back after paying the ­ransoms.

Proofpoint’s annual State of the Phish report showed 90 per cent of Australian organisations surveyed had paid ransom – despite concerns that doing so encourages such attacks, and with the federal government considering whether to make paying cyber attackers a crime to stop the country being seen as a soft target.

The two reports come as the government continues to dial up its response to cyber threats, and companies are warned they must step up their cyber protections to prevent espionage and e-crime.

CrowdStrike research showed the Chinese Communist Party was the world’s most prolific spy, with “China-nexus adversaries’’ and those using similar tactics and techniques observed across nearly all of the 39 global industries and 20 geographic areas that CrowdStrike was tracking.

“Unsurprisingly, they overwhelmingly targeted Taiwan-based technology organisations, consistent with the likely economic espionage mission to achieve the CCP’s desire for cross-strait unification,’’ the CrowdStrike report found.

“China-based adversaries are mainly seeking to compromise entities in the aerospace, legal and academic sectors across North America. Weaponised Microsoft Office documents have been used to target The Philippines defence sector, Nepalese telecommunications, and Russian government.’’

The company repeated warnings that the AUKUS nuclear submarine deal was the subject of hacking attempts by China and North Korea. The deal had been “in the crosshairs of Australia’s cyber security adversaries since it was announced,’’ it noted, saying attempted cyber attacks by both countries highlighted how geopolitical tensions were “fuelling the cybersecurity impact China has over the region’’.

“Nation-state adversaries engaged in relentless network operations through 2022, emphasising the integral role these operations play in supporting state goals.’’

CrowdStrike noted that most cyber crime was emanating from Eastern Europe and Russia, but new groups were operating in different regions

Meanwhile Proofpoint reported cyber attackers had continued to hone their craft, with new techniques that overcame security measures such as multi-factor authentication, according to Proofpoint’s executive vice-president of cybersecurity strategy, Ryan Kalember.

More Coverage

Ukrainian drone gets within 80km of Kremlin

Marc Bennetts

China seeks peace in Ukraine crisis

Ruan Zongze

Yellen’s Kyiv mission of support

Marcus Walker, Andrew Duehren

Hard lessons from Ukraine for Australia’s Defence Force

BRENDAN NICHOLSON

Ellen WhinnettAssociate editor

Ellen Whinnett is The Australian's associate editor. She is a dual Walkley Award-winning journalist and best-selling author, with a specific interest in national security, investigations and features. She is a former political editor and foreign correspondent who has reported from more than 35 countries across Europe, Asia and the Middle East.

@ellenwhinnett

Ellen Whinnett

More related stories

Technology

Secrecy makes cyber hacks, worse says online security body

A new non-profit cybersecurity body wants companies hacked by ransomware gangs to share detailed reports on how they respond rather than keep their methods in commercial confidence.

Read more

Technology

‘We need Chinese EVs’ to combat climate change: Uber

The ride-sharing giant is partnering with Chinese electric vehicle maker BYD to make EVs more affordable and says high tariffs and US-style bans are not helpful in combating climate change.

Read more