Cyber offensive to hit Russian hackers
Australia could respond to last year’s major Russian cyber attack with further sanctions or by using its new offensive cyber capabilities, experts and government sources say.
Cyber Security Minister Angus Taylor yesterday announced the federal government would join the US and Britain in targeting Moscow as the architect of a global attack last August.
Sources said the government could use Australia’s new offensive cyber capabilities to hit back at Russia or look at law enforcement options or diplomatic and economic measures. The offensive capabilities can disrupt or degrade the computers or computer networks of adversaries.
Former Australian official and current head of AustCyber, Michelle Price, said further sanctions against Russia were on the cards. “Public attribution (of the attack to Russia) needs to be backed up with further action by the Australian government and sanctions would be on the table,” Ms Price told The Australian.
Defence Minister Marise Payne said up to 400 Australian companies were targeted by hackers, and Mr Taylor said there was “no indication” Australian government information had been compromised.
Instead, Australian intelligence agencies believe Russian hackers were systematically laying the foundation for future offensive cyber-attacks.
The agencies believe the hackers were not stealing information but rather they were nestling themselves into the systems so they could make a potentially devastating attack in the future, should they choose to do so.
Fergus Hanson, head of International Cyber Policy Centre at the Australian Strategic Policy Institute, said those responsible were likely preparing to disrupt critical infrastructure. “I think this attack, while there are limited details at this point, what it looks like is pre-positioning to allow for a potential attack on critical infrastructure,” he told the ABC.
“What that essentially involves is pre-positioning, gaining access to a network, and sitting there and waiting for the moment where you may want to conduct an offensive operation that involves delivering a payload that would for example turn off a power grid, change the routers so you can no longer run your operations in an energy system or in a telecommunications network.”
The intelligence agencies first noticed a sharp jump in the number of attempted hacks to breach network routers, switches and firewalls across the Australian economy about a year ago and at first believed it was the work of smart young criminals due to the random targets.
But a pattern emerged and they were targeting commercial available routers, especially Cisco Smart Install software, and it became clear the hackers were not criminals acting on their own.
Authorities shared their information with the US and the UK and now believe Russia was mounting a new international cyber campaign against the West, positioning itself to carry out a broad and potentially devastating cyber attack on Australia, the US and Britain if and when it wanted.
Mr Taylor is in the US meeting government officials to discuss responses to cyber threats.