The Australian Signals Directorate, acting on information provided by the Australian Criminal Intelligence Commission, has waged a multi-agency campaign against malicious foreign cyber actors.

The ASD-led operation – launched amid a surge of cyber attacks from state-based actors and cyber criminal groups targeting governments, critical infrastructure operators, companies and individuals – was sparked after the cyber security agency “identified the business model adopted by the sophisticated criminal syndicates”.

Australian Federal Police officers supported the strike against offshore cyber criminals in tandem with international security counterparts.

Defence Minister Linda Reynolds said the major cyber operation had “protected hundreds of Australians and thousands more foreigners from organised and sophisticated foreign cyber criminals”.

“These cybercriminals have been targeting Australians through COVID-19 themed SMS phishing campaigns that are designed to trick Australians into downloading advanced criminal malware onto their mobile phones,” Senator Reynolds said.

“ASD is using its offensive cyber capabilities to attack the cybercriminals’ tools – disrupting their operations and interrupting their ability to exploit Australians.”

Senator Reynolds, who will launch a series of cyber security campaigns on Wednesday raising awareness about ransomware and online shopping risks, said the ASD had “successfully disrupted the business model of key foreign cybercrime syndicates targeting Australians and exposing potential victims to significant financial losses.”

Home Affairs Minister Peter Dutton said the threat of foreign actors has been “amplified through malware developers selling or renting out their products through the dark web” and making high-end hacking tools more accessible to unsophisticated criminal groups.

“We can’t sit by while a marketplace exists for sophisticated cybercrime tools to be used against Australians,” Mr Dutton said.

In an interview with The Australian last month, former National Security Agency director Mike Rogers warned the rise in cyber and ransomware attacks was “going in the wrong direction”.

Admiral Rogers, who led US Cyber Command and the Central Security Service, said some nation states had begun outsourcing criminal activity to “cyber mercenaries” and private companies to penetrate, manipulate, shutdown, degrade and surveil systems.

“It’s getting tougher and it’s broadening. If you look at ransomware, there is little correlation to size and little correlation to sector. You’re seeing ransomware explode across the spectrum of businesses as well as public sector governments,” Admiral Rogers said.

Off the back of Scott Morrison’s ten-year $1.67bn Cyber Security Strategy, the federal government is preparing a raft of cyber security legislation aimed at shoring up the defences of Australian companies and critical infrastructure.

The government will put legislation into the parliament over the next week aimed at broadening the definition of critical infrastructure outside the electricity, gas, water and maritime sectors.

The proposed laws will also provide step-in powers allowing national security agencies to support industries in disrupting and repelling cyber attacks.

The Australian last week revealed a regional Queensland water provider and national food wholesaler had been targets of cyber attacks during the pandemic.

Hospitals, aged care homes and healthcare providers have also been targeted by foreign-based cyber actors in the past 18-months, with security agencies expressing concern over vulnerabilities across Australia’s healthcare networks.

Regis Aged Care – one of the nation’s biggest nursing home operators – in August confirmed it had been targeted in a cyber attack by an “overseas third party”. The cyber attack copied data from the company’s IT system and publicly released personal data.

The Australian Cyber Security Centre, which falls under ASD, currently lists the cyber threat to hospitals and aged care operators as “critical”.

More related stories

Business

White hints at his WiseTech cultural makeover recruiting old faces

WiseTech exec chair Richard White described to a Sydney investment conference how he was bringing back a crew of loyalists to the software company where his grip on power grows.

Read more

Technology

ChatGPT has the answers, leaving Google searching for its own

AI is fast changing the way people find information online, including how they use search giant Google, and in turn, how Google makes money from advertisers, sparking a ‘seismic shift’.

Read more