On 19 June, Prime Minister Scott Morrison, in concert with Defence Minister Linda Reynolds, announced: ‘Australian organizations are currently being targeted by a sophisticated state-based cyber actor.’ This was occurring ‘across a range of sectors, including all levels of government, industry, political organizations, education, health, essential service providers, and operators of other critical infrastructure’, they said. Morrison avoided using the word ‘attack’, and in the related advisory the Australian Cyber Security Centre stated that its investigation had ‘identified no intent by the actor to carry out any disruptive or destructive activities within victim environments’. ASPI International Cyber Policy Centre staff Danielle Cave, Tom Uren and Jocelinn Kang discuss and debate this development.
To all Australians, particularly those involved in decisions regarding cybersecurity, the message was clear that ‘Cybersecurity is important, we need to improve, and we all need to be wary of capable and determined adversaries.’ Chief information security officers should be using this press conference to push for more resources. To the nation-state conducting these activities, the message was: ‘Our government is concerned about these activities at the highest levels and we want them to stop.’
And to gain insight into what this threat looks like, the Australian public is currently reliant on snippets provided by former politicians and senior intelligence officials. Such as this passage from former prime minister Malcolm Turnbull’s autobiography:
[W]hat’s become increasingly apparent over the last decade is the industrial scale, scope and effectiveness of Chinese intelligence gathering and in particular cyber espionage. They do more of it than anyone else, by far, and apply more resources to it than anyone else. They target commercial secrets, especially in technology, even where they have no connection with national security. And, finally, they’re very good at it.
In the not quite two years since my government made the decision to keep high-risk vendors out of 5G in Australia, that has been proved to be the right call,” Mr. Turnbull said. Huawei’s chief corporate affairs officer, Jeremy Mitchell, said Mr. Turnbull’s comments were unjust and that the company had a “spotlessly clean” record on cybersecurity over its 16 years operating in Australia with network operators such as TPG, Vodafone and Optus.
He accused the former prime minister of hypocrisy in his public comments, saying Mr. Turnbull had been privately supportive of Huawei in his stint as both communications minister and Opposition communications spokesman, specifying his support in advancing its case in delivering technology to operators like Openreach in the UK, and being a guest at its company headquarters in Shenzhen. It claimed Huawei’s 5G ban would increase local operators’ deployment costs by up to $US300 million ($440 million) annually over the next 10 years, due to their need to rely on equipment from more expensive rivals like Ericsson and Nokia, and would mean up to 3.1 million Australians having delayed access to 5G by 2023. “Under Mr Turnbull’s tenure as minister for communications between 2013-2015 Huawei became the most successful 4G vendor in the Australian market, supplying well over half the Australian population with our technology and at no point did Mr Turnbull raise any security concerns with us,” he said.
Hackers based in China attempted over 40,000 cyber attacks on India’s Information Technology Infrastructure
Hackers based in China attempted over 40,000 cyber attacks on India’s Information Technology infrastructure and banking sector in the last five days, a top police official in Maharashtra said on Tuesday. Internet users should be watchful for such attacks including phishing attempts and conduct cybersecurity audits of their IT systems, officials of Maharashtra Cyber, the State Police’s Cyber Wing, said.
The spurt in online attacks from across the border was noticed after tensions rose between the two countries in eastern Ladakh, said Yashasvi Yadav, Special Inspector General of Police, cyber wing. Maharashtra Cyber collated information about these attempts and most of them were found to have originated in the Chengdu area in China, he said.
“According to our information at least 40,300 cyber attacks were attempted in the last four-five days on the resources in Indian cyberspace,” he said. The attacks aimed at causing issues such as denial of service, hijacking of Internet Protocol and phishing, Mr Yadav added. Indian Internet users should pay attention to the threat of such attacks, create robust – firewalls” and conduct cybersecurity audits, the IGP said. According to Maharashtra Cyber officials, these hackers are suspected to have a database of some 20 lakh Indian email IDs.
Indian government officials, as well as private Internet users, should especially guard against phishing, where an attempt is made to obtain confidential information such as passwords or passcodes by sending a fraudulent email or text message, they added. There could be phishing attempts by impersonating, online, government agencies, departments and trade associations overseeing the disbursement of government financial aid, they said.
One such fraudulent email ID was found to be “[email protected]” which sent bogus information about free Covid-19 testing for residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, officials warned.
Checkout more such content at: https://gogomagazine.in/category/social/