Australia’s government and institutions are being targeted by an ongoing sophisticated state-based cyber hack, Prime Minister Scott Morrison says.
Mr Morrison said the cyber attacks were widespread, covering “all levels of government” as well as essential service providers and businesses.
He declined to identify a specific state actor, adding no major personal data breaches had been made.
The activity has been increasing in frequency over many months, he said.
He said cyber experts had identified it as a state hack “because of the scale and nature of the targeting and the trade craft used”.
When asked whether that country had been identified, Mr Morrison said he would not make “any public attribution”.
“There are not a large number of state-based actors that can engage in this type of activity,” he told reporters on Friday.
He stressed that similar “malicious” activity had been seen in jurisdictions globally, making it not unique to Australia.
Cyber intelligence experts have long linked various hacks in Australia to China.
They say China is one of the few states, along with Russia, Iran, and North Korea, which have the capacity for such attacks – and are not allied with Australia.
“There’s always simmering tensions between Russia and China so really it comes down to those being the key actors they [Australia] would be referring to,” expert Joshua Kennedy-White told the BBC.
The unsaid part of the story: China
Shaimaa Khalil, BBC News Australia correspondent
The headline itself was clear. Many political, educational and health organisations have been targeted by a state-based cyber actor with “significant capabilities”. However, much about Mr Morrison’s press conference was understated.
For example, it was not clear why this announcement was made at this particular moment – given these attacks have been going on for a while. Mr Morrison made a similar announcement early last year.
Despite blaming a “sophisticated state actor”, he refused to name names – even after being directly asked about the country almost everyone was thinking about: China.
Relations between the countries have grown tense in recent years but have significantly worsened after Australia echoed the US in calling for an inquiry into the origins of the coronavirus, first detected in China late last year.
China has since imposed tariffs on Australian barley, stopped beef imports and warned Chinese citizens and students about the “risks” of travelling to Australia for tourism or education because of racist incidents.
Australia has also ratcheted up its rhetoric. Last week, Mr Morrison said he would not give in to “coercion” from Beijing.
It’s hard to be 100% sure that China could be behind this, but what we know is that Australia’s leadership has chosen a moment when its relationship with its powerful trading partner is at an all-time low to announce publicly that it is under cyber-attack from a powerful state.
Last year, Australia’s main political parties and parliament were hit by a “malicious intrusion” on their computer networks carried out by a “sophisticated state actor”.
The Reuters news agency reported that Australian intelligence agencies suspected China of carrying out the 2019 hack. Canberra declined to comment.
Speaking on Friday, Mr Morrison urged businesses – particularly health infrastructure and service providers – to improve their technical defences.
Cyber defence agencies had thwarted “many” hacking attempts but protection required “constant persistence and application”.
“We raised this issue today not to raise concerns in the public’s mind, but to raise awareness in the public’s mind,” Mr Morrison said.
“We know what is going on. We are on it, but it is a day-to-day task.”
Major cyber attacks in Australia
2020: Incidents reported across major Australian firms, including steel maker BlueScope, logistics firm Toll Group, and state government agency Services New South Wales
June 2019: The Australian National University revealed a “highly professional” group of up to 15 hackers gained access to student and staff details, as well as academic research, for about six months
February 2019: Australia’s parliamentary computer network and political parties were subject of an attempted attack by a “state actor”
2017: Information about fighter planes and navy vessels was stolen from an Australian government contactor.
2015: Foreign spies attacked theAustralian Bureau of Meteorology.