Australia has in the past repeatedly declined to attribute specific cyber attacks waged by Beijing.
In June,2020,Prime Minister Scott Morrison warneda state-based actor was behind a series of cyber raids on all levels of government,industry and critical infrastructure,including hospitals,local councils and state-owned utilities.Australian security agencies believed China was probably behind the cyber raids but the federal government at the time declined to name the nation state involved.
Alastair MacGibbon,the former head of Australian Cyber Security Centre,said it was significant that countries like New Zealand and Japan and organisations such as NATO joined in the attribution.
“The coalitions of the countries and organisations speaks volumes to the significance of this type of event,” he said.
“It’s not been common for Australia to attribute malicious cyber activities to China so it should be treated as serious when it does occur.
“This was a particularly reckless series of acts by China and its contractors who,according to the allegation,have carried out criminal acts at the same time.”
Mr Morrison last month raised the alarm on theescalating wave of cyber attacks against all levels of industry and government in meetings with Britain’s top spies in London.
Loading
In a statement on Monday night,the Australian government said it joined international partners in “expressing serious concerns about malicious cyber activities by China’s Ministry of State Security”.
“In consultation with our partners,the Australian government has determined that China’s Ministry of State Security exploited vulnerabilities in the Microsoft Exchange software to affect thousands of computers and networks worldwide,including in Australia.
“These actions have undermined international stability and security by opening the door to a range of other actors,including cyber criminals,who continue to exploit this vulnerability for illicit gain.”
Australia said it called on all countries,including China,to act responsibly in cyber space.
“China must adhere to the commitments it has made in the G20,and bilaterally,to refrain from cyber-enabled theft of intellectual property,trade secrets and confidential business information with the intent of obtaining competitive advantage,” it said.
US Secretary of State Antony Blinken said Beijing “has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain”.
“These contract hackers cost governments and businesses billions of dollars in stolen intellectual property,ransom payments,and cyber security mitigation efforts,all while the MSS had them on its payroll,” he said.
Loading
The Chinese embassy in Canberra said China “firmly rejects the groundless accusations made by the Australian government on cyber issues,following the steps and parroting the rhetoric of the US”.
The embassy accused the US of engaging in “unscrupulous,massive and indiscriminate eavesdropping on many countries including its allies” and being a “world champion of malicious cyber attacks”.
It also said Australia had a poor record after it monitored the phone of former Indonesian president Susilo Bambang Yudhoyono and acted as an “an accomplice for the US’ eavesdropping activities under the framework of Five Eyes alliance”.
“What the Australian government has done is extremely hypocritical,like a thief crying ‘stop the thief’,” the Chinese embassy said in a statement.
While a certain type of cyber espionage is accepted in the international arena,withAustralia conducting its own offensive moves,there is growing concern that China and Russia have been using their capabilities for commercial and criminal means.
There has been a 200 per cent increase in reports of ransomware attacks to Australia’s premier cyber security agency,the Australian Cyber Security Centre,in recent months.
A ransomware is a form of malware which encrypts the victim’s files whereby the attacker then demands a ransom to restore access to their system.