Morrison revealed the existence of the attacks during a press conference on Friday, adding that a “state-based cyber actor” is “targeting Australian organizations across a range of sectors, including all levels of government, industry, political organizations, education, health, essential service providers and operators of other critical infrastructure.”
He did not specify which agencies or businesses are believed to be under attack, nor did he detail the exact nature of the attacks — though he did say that the government’s investigation has not uncovered any “large-scale personal data breaches.”
Morrison also did not say which state Australia believes to be behind the attack. But he told reporters that “there are not a large number of state-based actors that can engage in this type of activity.”
“It is clear … that this has been done by a state-based actor with very, very significant capabilities,” Morrison added.
The attacks are also not new, and Morrison made clear that such threats are a “constant issue for Australia to deal with.” But he added that he was prompted to speak Friday because the “frequency has been increasing” over “many months.”
A possible culprit
While Morrison declined to say who may be behind the attacks, the scale and timing led many political observers to immediately point the finger at China. Asked by journalists Friday about whether Beijing was responsible, Morrison said he “couldn’t control speculation.”
China’s Ministry of Foreign Affairs did not immediately respond to a faxed request for comment.
Relations between Beijing and Canberra have cratered in recent months. Australia led the call for an international investigation into the origins of the coronavirus pandemic, and was damning in its criticism of China’s initial handling of the outbreak. Beijing then imposed tariffs against Australian beef and barley, and Chinese officials have threatened a consumer boycott if relations continue to worsen.
China has long been accused by foreign powers of orchestrating large-scale cyber attacks against other governments. Most recently, Washington in May warned that China was likely behind efforts to steal coronavirus vaccine research from US research institutions and pharmaceutical companies.
China has maintained that it is a major victim, rather than a perpetrator, of cyber attacks. The country consistently denies claims about its cyber espionage activities.
Capability and motive
Peter Jennings, executive director of the Australian Strategic Policy Institute (ASPI), told CNN Business that there was a “95% chance that it is China who is responsible for this attack.”
“It really comes down to understanding the capacity and interest that any country might have in wanting to engage in this sort of attack against Australia,” said Jennings, a former senior Australian Defense Department official. “There are some other countries that are capable, namely Russia and North Korea, but in both cases they don’t have the scale to go as comprehensively as China has.”
He added that neither Russia nor North Korea has a major “strategic interest in Australian politics” at present.
Chinese officials have attacked ASPI’s independence and credibility, calling its reports “fact-distorting and ridiculous.”
“There is only one country which has the combination of capability and motive and that’s China,” Jennings said. “And frankly there is also a pattern of this behavior by China over the years in this.”
Canberra has avoided pinning blame in the past on other countries for major cyber attacks, including an operation launched against the country’s parliament and major political parties in 2019.
Months after the attack, Reuters reported — citing Australian government sources — that Canberra had concluded in private that China was the culprit. “China’s Foreign Ministry denied involvement in any sort of hacking attacks and said the internet was full of theories that were hard to trace,” Reuters reported at the time.
Source : Cnn