Australia faces a “persistent threat” from state-backed hackers, the country’s signals intelligence agency said Wednesday, highlighting the particular danger of Russian and Chinese cyberattacks on critical infrastructure.
Australia has been hit by a string of high-profile hacks in the past 12 months, including one late last week that crippled major ports for three days.
Without laying blame for specific hacks or intrusions, the Australian Signals Directorate singled out Moscow and Beijing as among the country’s greatest cyber threats in its latest report.
State-backed hackers would probably continue targeting water supplies and electricity grids, the directorate said, and would likely ramp up efforts to steal military secrets from Australia and its allies.
Australia’s AUKUS defense pact with the United Kingdom and the United States could be a prime target, the report warned.
Under the AUKUS deal, Australia is set to acquire nuclear-powered submarines and develop advanced technology such as artificial intelligence and hypersonic missiles.
“The AUKUS partnership, with its focus on nuclear submarines and other advanced military capabilities, is likely a target for state actors looking to steal intellectual property for their own military programs,” the report said.
It highlighted an incident in May in which Beijing-backed hackers briefly infiltrated “critical infrastructure sectors” in the United States, warning that China could deploy similar techniques to gain access to Australian systems.
State-backed hackers are also creating “bespoke tools” to infiltrate government networks, the report warned, pointing to the Russian “Snake” malware network dismantled by the United States this year.
In that case, Russian spies used sophisticated malware to infect government networks and research facilities across some 50 countries.
Asked about the report’s findings on Wednesday, Australian Defense Minister Richard Marles said key trade partner China has also been “a source of security anxiety for our country”.
Cybersecurity experts have said that inadequate safeguards and company stockpiling of sensitive customer information have made Australia a target for hackers.
Major ports handling 40 percent of Australia’s freight trade ground to a halt late last week after hackers infiltrated computers belonging to operator DP World.
Medibank, Australia’s largest private health insurer, said last November that hackers had accessed the data of 9.7 million current and former customers, including medical records related to drug abuse and pregnancy terminations.
In September 2022, telecom company Optus fell prey to a data breach of similar magnitude in which the personal details of up to 9.8 million people were accessed.