Australia’s prime minister, Scott Morrison, said a “sophisticated state-based cyber actor” had spent months trying to hack all levels of government, businesses, essential services and critical infrastructure.
“We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting,” Mr Morrison told reporters in the capital, Canberra, on Friday.
He declined to say who Australia believed was responsible, but three sources briefed on the matter told Reuters Australia believed China was responsible.
“There is a high degree of confidence that China is behind the attacks,” one Australian government source told the news agency.
Mr Morrison said he made the growing threat public to raise awareness and said he particularly wanted organisations involved in health, critical infrastructure and essential services to bolster technical defences.
A range of sectors were being targeted and the frequency of cyber intrusions to steal and cause harm has increased for months, he said.
“This is the actions of a state-based actor with significant capabilities. There aren’t too many state-based actors who have those capabilities,” Mr Morrison added.
Mr Morrison said “Australia doesn’t engage lightly in public attribution” but said he could not control speculation about who was responsible for the cyber campaign.
He offered few details about the activities and said it was difficult to understand whether the intrusions were motivated by desires to steal state secrets, intellectual property or the personal data of ordinary Australians.
Australian investigations had not uncovered any “large-scale personal data breaches” so far, Mr Morrison said, as many of the intrusions had been thwarted.
Mr Morrison said he spoke about the issue with Boris Johnson on Thursday, while other allies have also received briefings.
Last month, the Australian Cyber Security Center warned “malicious cyber adversaries” were taking advantage of key staff at critical infrastructure working from home during the pandemic.
Power and water networks as well and transport and communications grids were threatened.
“We are continuing to see attempts to compromise Australia’s critical infrastructure,” agency head Abigail Bradshaw said. “It is reprehensible that cybercriminals would seek to disrupt or conduct ransomware attacks against our essential services during a major health crisis,” she added.
The agency also reported “malicious cyber actors” were attempting to “damage or impair” hospitals and emergency response organisations outside Australia.
Australia has strained ties with China, its largest trading partner, by pushing for an international inquiry into the source and spread of the coronavirus, which emerged in the central Chinese city of Wuhan late last year.
In response, China imposed dumping tariffs on Australian barley, suspended some imports of beef and warned its students and tourists against travel to the country, citing accusations of racism.