Australia - State-Based Cyber Attacks

The Australian Government publicly announced that government agencies, critical infrastructure, and businesses were being targeted by a sophisticated state-based cyber actor in a sustained campaign, widely attributed to China.

What Happened

On 19 June 2020, Prime Minister Scott Morrison held an extraordinary press conference to announce that Australian organisations across government, industry, and critical infrastructure were being targeted by a state-based cyber actor. The Australian Cyber Security Centre issued an advisory detailing the threat.

The attacks involved sophisticated techniques including exploitation of known vulnerabilities, use of legitimate remote access tools, and targeting of cloud services and web applications. Sectors targeted included health, essential services, government, and critical infrastructure. While the government did not officially name the actor, cybersecurity experts and former intelligence officials pointed to China's Ministry of State Security.

Impact on Individuals

The campaign primarily targeted organisations rather than individuals directly. However, any successful breaches of government agencies or healthcare providers could have resulted in exposure of citizens' personal information held by those entities.

Organisational Response

The government's decision to publicly acknowledge the attacks was unprecedented and signalled the seriousness of the threat. The ACSC released detailed technical guidance to help organisations defend against the specific tactics being used. The incident prompted significant investment in Australia's cybersecurity capabilities and led to the creation of a dedicated cybersecurity agency separate from the Australian Signals Directorate.