Business on frontline in cyberspace ‘war’
Businesses face having their entire systems crippled by cyber criminals, Assistant Defence Minister Andrew Hastie warns.
Assistant Defence Minister Andrew Hastie says businesses face having their entire systems crippled by cyber criminals and has called for a shift in thinking to protect the nation’s digital sovereignty, as the Australian and US governments push back against state-sponsored hackers. The step-up will be supported by a new international cyber and critical technology engagement strategy, which puts Australia at the forefront of efforts by Western nations to resist attempts by countries, including China, to undermine democracies.
Amid a wave of cyber attacks targeting Australian companies, critical infrastructure operators and governments, Mr Hastie told The Australian that “increasingly we’re going to see war, or coercive activities, carried out in cyberspace”.
The government’s cyber security industry advisory committee, chaired by Telstra chief executive Andy Penn, met on Tuesday to discuss the ongoing cyber-crime threat to businesses.
The Biden administration last week warned of new Microsoft Exchange server vulnerabilities, linked to China, and imposed sanctions against Russia over the devastating SolarWinds cyber attack, which compromised US government agencies and companies. Mr Hastie, who is urging Australian businesses and individuals to patch their Microsoft Exchange systems after initial security updates were ineffective, said he strongly backed the increased international focus on cyber attacks.
“This is a critical recognition that cyber is the new battlefield and we must continue to co-operate to counter threat actors,” he said. “We’ve always talked about sovereignty in territorial terms, but we need to start thinking and talking about what it means for Australia to retain and protect its digital sovereignty.
“Cyber is low cost, it’s hard to attribute when someone conducts a cyber attack, and you can do it anytime, anywhere.”
Foreign Minister Marise Payne on Wednesday said the international cyber and critical technology strategy would support responsible conduct in cyberspace in the Indo-Pacific region and protect the nation against technologies that can “significantly enhance or pose risks to Australia’s national interests”.
The critical technologies include artificial intelligence, 5G, the Internet of Things, quantum computing and synthetic biology.
Under the strategy, the Morrison government will inject $37.5m into strengthening the cyber capabilities of South Pacific and Southeast Asian countries and co-sponsor a proposal to establish a UN program for responsible state behaviour online.
“We can’t have individual states trying to dominate international standard-setting bodies in pursuit of their own economic and ideological interests,” Senator Payne said.
The US Office of the Director of National Intelligence this month warned of the growing cyber risks posed by China, Russia, Iran and North Korea. It said China presented a “prolific and effective cyber-espionage threat”, possessing substantial cyber-attack capabilities and a growing influence threat.
The threat assessment warned China “can launch cyber attacks that, at a minimum, can cause localised, temporary disruptions to critical infrastructure within the US”.
It also said cyber threats “from nation states and their surrogates will remain acute”, with hostile countries using cyber operations to “steal information, influence populations, and damage industry, including physical and digital critical infrastructure”.
Home Affairs Minister Karen Andrews, who this month took part in talks with counterparts from the US, Canada, New Zealand and Britain about cyber and ransomware attacks, said the government was working to combat threats through its legislation to “enhance security and resilience of critical infrastructure assets … from cyber crime”.
“Cyber criminals continue to pose risks to Australians and Australian businesses, and I’m committed to ensuring our response is commensurate to the gravity of this threat,” she said.
The Australian Cyber Security Centre last week updated its security advice to “critical” after new vulnerabilities were discovered in Microsoft Exchange 2013, 2016 and 2019, which could be “exploited by attackers to gain persistent access”.
Microsoft’s Threat Intelligence Centre last month attributed the attacks on its software to HAFNIUM, a “group assessed to be state-sponsored and operating out of China”.
More Coverage
Message to minister: ‘Pull your head in and sort it out’
The nation’s most vulnerable mental health patients demand psychiatrists be looked after as a charity boss urges system change.
‘Recognise Palestine now’: ALP activists’ post-ceasefire call
Labor activists have demanded Anthony Albanese immediately recognise Palestine, despite the Prime Minister’s attempt to neutralise the conflict as an election issue post-ceasefire.