
Australian Government and businesses hit by state-based cyber attack, PM says - deviation
https://www.news.com.au/technology/online/hacking/australian-government-and-private-sector-reportedly-hit-by-massive-cyber-attack/news-story/b570a8ab68574f42f553fc901fa7d1e9
======
technion
There's more details in the NCSC write up:

[https://www.cyber.gov.au/threats/advisory-2020-008-copy-past...](https://www.cyber.gov.au/threats/advisory-2020-008-copy-paste-compromises-tactics-techniques-and-procedures-used-target-multiple-australian-networks)

~~~
fernly
Thank you! But I don't see anything in there that isn't normal attempted
cybercrime. What Steve Gibson dubbed "Internet Background Radiation", the
continual poking for vulnerabilities.

~~~
ShorsHammer
The mitigations are hilarious too:

\- Update

\- Use 2fa

~~~
bouncycastle
Sounds like most of the "hacks" are actually employees getting phished.

~~~
ShorsHammer
Something which happens every day.

In $currentyear, I don't see how even the most tech illiterate employees can't
get lessons in phishing prevention along with having sysadmins who are ahead
of the curve.

Getting reasonable levels of protection isn't hard to achieve, but they are
hard to justify the cost of to execs.

------
ferros
What is the motivation behind this announcement?

Considering that it is a generic ‘we are under attack’.

The Prime Minister doesn’t usually hold press conferences like this unless
there is a good reason.

~~~
gonzo41
Australian unemployment is essentially at 11% and youth unemployment is >25%.
Both are going to trend higher this next quarter. I think it's a distraction
from the poor handling of the recession. It's been pretty standard tack to
ring the national security bell whenever there is a speed wobble from the
government. This will grab the news for the day so they can end the
parliamentary week without the weekend news being about everyone's lack of a
job.

I can't really see any 4d chess moves from the Australian Government here.

~~~
bigiain
> I can't really see any 4d chess moves from the Australian Government here.

Or ever, at least from any of the parties we have contending for power right
now... But "how good is coal?" :sigh:

(I assume you're the Gonzo who's sharpening up a nice knife for this weekend?
;-) )

------
timothy-quinn
The Aus Government has a good guide called the "Essential Eight" for reducing
risk. It's a good starting point for businesses, and is pretty much universal
advice, not just applicable to government departments:
[https://www.cyber.gov.au/publications/essential-eight-explai...](https://www.cyber.gov.au/publications/essential-eight-explained)

My take on the E8: [https://blog.congruentlabs.co/essential-eight-essentially/](https://blog.congruentlabs.co/essential-eight-essentially/)

------
harikb
Is it possible it is being made as “breaking news” as support for any other
narrative? Just saw on BBC breaking news

> Regrettably, this activity is not new. Frequency has been increasing.”

~~~
loktarogar
I'd wait til 5:30pm. It's possible they might be using this to cover another
last-minute-friday announcement.

------
saltedonion
Let me take a total shot in the dark. The country responsible starts with a C
and ends with a A.

~~~
sk0g
But Canada is just cold Australia, why would they want to hurt us?!

They scream cyber attack every time any of their services see a small uptick
in usage, like the social services website Centrelink did, when the lockdown/
job losses started. I'm going to assume it's incompetence on their side, for
now.

EDIT: 95,000 users is all it took, apparently:
[https://www.itnews.com.au/news/minister-backflips-on-mygov-d...](https://www.itnews.com.au/news/minister-backflips-on-mygov-ddos-attack-claim-539704)

Some further information here:
[https://www.cyber.gov.au/threats/advisory-2020-008-copy-past...](https://www.cyber.gov.au/threats/advisory-2020-008-copy-paste-compromises-tactics-techniques-and-procedures-used-target-multiple-australian-networks)

~~~
google234123
Or... China is actually unhappy about people pointing out its use of
disinformation and economic coercion amidst COVID-19.

~~~
sk0g
Looking into it more, ACSC has posted a serious advisory [0], so it might be
real this time. It's not a good look when the government screams cyber attack
willy nilly though, because people get jaded, and think it's rather their own
incompetence, again.

[0] [https://www.cyber.gov.au/threats/advisory-2020-008-copy-past...](https://www.cyber.gov.au/threats/advisory-2020-008-copy-paste-compromises-tactics-techniques-and-procedures-used-target-multiple-australian-networks)

~~~
google234123
That may be true but joking that Canada may be behind this when China is well
known for this type of behavior is disingenuous.

~~~
bigiain
If you didn't laugh out loud at that, you clearly do not know many Australians
(or probably Canadians either...)

~~~
sk0g
Oath! I didn't want to assume where they were from, but it's definitely not
Australia haha. Canadians go alright, but they're dangerously close to USA

------
holografix
I guess sentencing an Australian citizen to death wasn’t enough retaliation.

~~~
aaron695
I think this is Australia's response to that.

There is nothing new in the announcement, it's a many months old incident in a
decade long Chinese cyber breaches.

It's announced today in what seems like a weak volley back in the reshuffle of
trade with China post C19.

------
hnick
I wonder if we'll ever see letters of marque for cyber offense. It feels a bit
like it's already the de facto situation in some countries because they just
don't investigate.

------
metta2uall
Anyone taking responsibility for inadequate defences?

~~~
thelittleone
Adequate by what measure? Best practices? Regulatory compliance? Are there
ever adequate defenses in cybersecurity?

~~~
ShorsHammer
From the Australian Signals Directorate advisory:

> The title ‘Copy-paste compromises’ is derived from the actor’s heavy use of
> proof-of-concept exploit code, web shells and other tools copied almost
> identically from open source.

Surely adequate can fit into defending against common open source toolkits?

~~~
torified
Hmm, a "sophisticated state actor" or a copy-paste script kiddy? Which one was
it?

Copy-paste and open source was enough to get into the Australian Parliament,
apparently our pollies simply can't resist the allure of larger penises and
wealthy Nigerians in trouble.

Or maybe, just maybe, there is just the slightest possibility that this is all
just a manufactured distraction from other issues...

These are the nincompoops who passed a law to backdoor everyone's encryption
and nuke their own country's IT industry from orbit with a law that nobody
wanted. What a surprise that they can't keep their own data secure.

~~~
fowl2
> Hmm, a "sophisticated state actor" or a copy-paste script kiddy? Which one
> was it?

There's no contradiction between those two things.

------
r721
> Government sources say China is behind the attack and Mr Morrison refused to
> shut down speculation that the nation was the “sophisticated state-based
> actor” behind the attack. Refusing to name the foreign entity, the Prime
> Minister stressed investigations were continuing by the Defence Signals
> Directorate and law enforcement agencies.

[https://www.news.com.au/technology/online/security/cyber-att...](https://www.news.com.au/technology/online/security/cyber-attack-in-australia-china-the-chief-suspect-behind-attack/news-story/44d60fdd551cfd890a0d4c14be5b15a7)

> 9News political editor Chris Uhlmann said China was behind the attack.

[https://www.9news.com.au/national/cyber-attack-australia-sco...](https://www.9news.com.au/national/cyber-attack-australia-scott-morrison-government-private-sector-breach-of-security/e621ae47-f810-4fa7-9c11-3caa3b09f4dc)

------
suizi
Aren't they the ones who passed an anti-encryption law? Gee, imagine thinking
they care about security, they never seemed to care about it before with all
the breaches and attacks which hit on a regular basis.

------
koheripbal
North Korea raising its head from the sand now that Kim recovered from his
mystery illness.

------
atlgator
Seriously, which one of you is doing this?

