The Australian Government has been targeted by a significant cyber attack.
Nine News is reporting that it is "of an incredible scale" and has been aimed at Government institutions and the private institutions within Australia.
LATEST: Little responds as Aussie suffers massive cyberattack
Australian Strategic Policy Institute executive director Peter Jennings told The Australian it was "very clear" that China was behind the cyberattack and that Scott Morrison was calling Beijing out.
• Lion ransomware attack: Speights back online, but supply problems continue for other beers
• Lion: Ransomware attack causing significant problems
• Toll says data stolen in second ransomware attack within months
• Premium - F&P Appliances latest to be hit by ransomware attack
Australian Prime Minister Scott Morrison told a press conference that he raised the attack United Kingdom Prime Minister Boris Johnson on Thursday night and also sought co-operation from Australia's Five Eyes intelligence partners, the United States, Canada, New Zealand as well as the UK.
Australia has long warned about the risk of the country becoming a target of cyber-attack - and these fears now seem to have come to fruition.
Morrison today blamed a "sophisticated state-based actor" for the attack.
"Australian organisations are currently being targeted by a sophisticated state-based cyber actor," Mr Morrison said.
"This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers, and operators of other critical infrastructure."
Australian Prime Minister Scott Morrison is set to release a statement today. Photo / File
Morrison said the investigation had shown no signs of citizen information being breached.
Morrison would not name the state that had sponsored the act.
"The Australian government is not making any attributions on the matter," he said.
"The threshold for attribution is very high. What I can confirm with confidence is that these are the actions of a state-based operator with significant capabilities."
He said there were only a small number of states that were capable of this kind of attack.
He said the act was considered "malicious" in nature.
"This has been a constant issue for Australia to deal with... It has been an issue of ongoing defence," Morrison said.
Morrison said the frequency of attacks had increased in recent months.
Cybercrime has been in New Zealand news recently, with Lion Breweries being attacked by ransomware.
The organisation behind this attack has requested over $1 million from the company.
Finn55 on June 19th, 2020 at 00:17 UTC »
It’s ok, the firewall around the MyGov server is top tier Norton.
braxxytaxi on June 18th, 2020 at 23:54 UTC »
There is an official technical bulletin up on the ACSC site right now. It goes through a number of commonly exploited vulnerabilities in remote access tools such as Citrix, but also covers widespread spearphishing and credential stuffing attacks on products such as Office 365/Microsoft Exchange.
They are recommending everyone enable MFA for all access.
Strangely enough - this happens the same week as a major Azure AD/MFA outage that only occurs in Australia? Something else is going on here.
BTW, if anyone has access to the IOCs they reference, can you send them my way?
Edit: IOCs here: https://www.cyber.gov.au/sites/default/files/2020-06/ACSC-Advisory-2020-008-Copy-Paste-Compromises-Indicators-of-Compromise.csv
SensitiveFrosting1 on June 18th, 2020 at 23:34 UTC »
Honestly kinda weird working in cybersecurity (in both the fedgov and private sectors) and seeing this. There have been some pretty serious incidents that have been news-worth, but not "address the nation" worthy. I wonder what's happened that has prompted this.
e: https://www.cyber.gov.au/sites/default/files/2020-06/ACSC-Advisory-2020-008-Copy-Paste-Compromises.pdf