Australia faces enhanced cyber risk from pro-Iran, pro-Russia actors
CyberCX executive director Katherine Mansted says small to medium enterprises are most at risk from ‘hackitivists’.
Australia and New Zealand face a heightened cyberattack risk from pro-Russian and pro-Iran actors in light of recent geopolitical tensions and government decisions, cybersecurity firm CyberCX has warned.
Raising the firm’s assessed threat level from “low” to “moderate”, CyberCX executive director Katherine Mansted said small to medium enterprises were most at risk.
She provided examples from the past year of websites being defaced by “hackitivists”, targeting a taxi service, an online retailer and an Australian school uniform manufacturer.
This represented a “new kind of threat”, she said, with an “expanded targeting set”, and government decisions now had to factor in these kinds of potential repercussions for small to medium businesses that otherwise had nothing to do with geopolitics. “This does not mean the government shouldn’t make decisions in the best interest of Australians in our diplomatic interests,” she said.
“What it does point out is the responsibility government has to prepare small to medium businesses to operate in an increasingly adversarial cyber domain where government decisions have cyber reverberations for small to medium enterprises.”
The firm cited “discussions within pro-Russia Telegram channels” about Australia’s recent decision to deploy a military Wedgetail aircraft to Poland in support of Ukraine, and deemed this and another aid decision by New Zealand had “temporarily increased the threat” to Australian and New Zealand organisations from pro-Russia actors.
The most likely form of attack would be distributed denial of service attacks – or DDOS – where malicious actors flood a web host with requests to make it inaccessible to other users.
Such pro-Russia attacks have mostly targeted sectors including government, defence, transport, and logistics, the firm said.
It cited previous Australian experience with Russian DDOS attacks. “In late 2024, pro-Russia ideologically motivated actors launched an unprecedentedly large DDOS attack campaign against Australia, focusing on government and transport sector organisations,” the report said. “We assess with moderate confidence that the primary driver behind increased targeting was Australia’s announcement of military aid for Ukraine during a period when no other countries had recently announced new aid.”
CyberCX said Australia’s support of US strikes against Iran’s nuclear sites had also led to elevated cyberattack threats from pro-Iran or anti-Israel actors.
“The most likely attack type for pro-Iran/anti-Israel actors is website defacement, followed by DDOS, followed by hack and leak,” the report read.
“The most likely targets are small to medium enterprises with poorly secured or misconfigured websites.”
CyberCX said it had seen 50 pro-Iran/anti-Israel actors claim 268 attacks against Australian or New Zealand organisations, mostly targeting small to medium businesses.
DDOS and website defacement attacks could cause reputational harm for the organisation and take resources to solve, CyberCX said.
“What we’re talking about is publicity-motivated, ideological cyber hackers, and they want oxygen, they want airtime, and that’s why they target Australian organisations,” Ms Mansted said.
More Coverage
Add your comment to this story
CEO caught on Coldplay kisscam resigns over scandal
Announcing its move in response to the viral incident that has intrigued millions, AI company Astronomer said it would share more details in coming days.
AI talent war rages amid exploding offers, secret deals, tears
Cutthroat recruitment efforts to land the smartest minds in Silicon Valley have hit a feverish new peak in recent days.
To join the conversation, please log in. Don't have an account? Register
Join the conversation, you are commenting as Logout