22 Sep Cyber warfare Australia: Sleeper weapons deployed
EXCLUSIVE: It’s the invisible war happening 24/7, every day of the year.
Only when attackers flip a sleeper switch, which can cripple entire cities, do we realise we’ve been covertly under attack, sometimes for years.
Australia is no exception.
A cyber warfare expert told nine.com.au state-based actors have “absolutely” deployed backdoor malware on key government and corporate systems right now that could be activated at any moment.
Such attacks can turn off a city’s power grid, wreak havoc by shutting down major logistics infrastructure or hoover up political and corporate secrets.
Fergus Hanson, director of the International Cyber Policy Centre at the Australian Strategy Policy Institute, described Russia, China, Iran and North Korea as extremely “sophisticated” actors.
“If they want to get into any system, they absolutely can,” he said.
“There would be states that have pre-deployed across our networks right now.”
He feared government, public and private sector businesses across Australia were “not fit for purpose” to detect cyber attacks launched by the most advanced actors.
“Essentially every piece of every piece of software is vulnerable, there’s no software that is unbreakable,” Mr Hanson said.
“There’s a backdoor to everything. It’s really just a matter of resources and time to get in.”
In June, Prime Minister Scott Morrison said Australian institutions, including hospitals and state-owned utilities, had come under intensive cyber attacks.
Mr Hanson explained how nation states with advanced and fearsome capability have to “constantly” be attacking systems and networks in other countries.
Cyber attackers have to protect the vulnerabilities they have successfully exploited, to ensure it remains undetected and viable.
Sleeper backdoors can be groomed for years, in preparation for a zero-day attack.
This allows attackers to “hold a point” in a network to be able to “deploy attacks and weapons”.
In 2015, Russian hackers successfully knocked out an electrical power grid in the Ukraine.
And in 2010, the US famously sabotaged an Iranian nuclear enrichment facility.
But most attacks are never seen, and it is notoriously difficult to confidently assign blame.
Israel and the United Kingdom, alongside the US, Russia, China, Iran and North Korea, have the most developed cyber capabilities in the world.
Australia’s offensive and defensive cyber capabilities were in “reasonable shape” given the size of its economy, Mr Hanson said.
And he applauded the government’s June announcement in the midst of the coronavirus destroying federal budgets.
But he urged the Federal Government to raise its game if they really wanted to “turn the dial”.
He also accused government departments of needing to do more to start complying with government cyber security standards.
“It’s still a long road to go.”
Contact: [email protected]