Australia currently under ongoing cyber hacking attempt

[mr moose]

The Australian government has just had a press conference and advised Australians that we are currently undergoing a repeated attack on all cyber infrastructure.  That is all levels of government and most of the bigger industries and political lobby groups.  There is no source as this is a radio press release.  I will update with sources and more information as it becomes available.

 

Stay tuned for more information.

 

 

UPDATE 1.  The radio announced that the press release is unprecedented in that the prime minister extended a briefing invitation to the federal opposition (something that rarely happens except in extreme circumstances) which was turned down on grounds that they could not guarantee the security of the hotel room or a place where that meeting could take place (another very rare event in Australian politics).    The radio journalists were conjecturing the motive may have been the recent issues Australia has had with China.  The press release did claim it was definitely a state based attack and not from a private group.  Australia did upset China when we requested a global investigation into the outbreak of coronavirus which resulted in them leveling some severe barley tariff's in response.   However there is no evidence or accusations from the Australian government at this stage.

 

UPDATE 2: some quotes:

 

Quote

“This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure,” Mr Morrison told reporters Canberra.

 

Quote

“What I can confirm is there are not a large number of state-based actors that can engage in this type of activity and it is clear, based on the advice that we have received, that this has been done by a state-based actor, with very significant capabilities.”

 

UPDATE 3: the PM claims so far no personal information has been breached in these attacks:

Quote

He said so far there had been no large-scale data breaches of Australians’ personal information as a result of the attacks.

 

 

 

Sources:

 

https://7news.com.au/politics/australia-under-cyber-attack-morrison-c-1111296

https://www.news.com.au/technology/online/hacking/australian-government-and-private-sector-reportedly-hit-by-massive-cyber-attack/news-story/b570a8ab68574f42f553fc901fa7d1e9

Channel 9 live stream link:

https://www.9news.com.au/videos/watch-live/prime-minister-scott-morrison-speaks-on-cyber-attack/cjztaftsh002t0rmmpbvq2ejn

 

EDITED: more sources and further information, though little technical information is being released:

https://www.news.com.au/technology/online/security/cyber-attack-in-australia-china-the-chief-suspect-behind-attack/news-story/44d60fdd551cfd890a0d4c14be5b15a7

It seems the advice is to make sure all internet facing devices are up to date,  which seems like the whole washing your hands business when corona hit, advice that should never have to be given.

[PunchyTurtle]

Is there no way to record the press release?

[mr moose]

Just now, PunchbagTurtle said:

Is there no way to record the press release?

it will be up soon on youtube or news site so I will post it then. 

[StDragon]

Pew pew pew!

 

So you're starting to feel like an American now I take it? Welcome to the club. (we're cyber attacked all the time)

[PunchyTurtle]

1 minute ago, mr moose said:

it will be up soon on youtube or news site so I will post it then. 

Alright cool

[mr moose]

1 minute ago, StDragon said:

Pew pew pew!

 

So you're starting to feel like an American now I take it? Welcome to the club. (we're cyber attacked all the time)

According to the press release so are we, but this time it just got so frequent and intense that it warranted both a public briefing and a bipartisan briefing before hand.  These things are rare in Australia they are reserved for when the people actually need to know and act on something serious.

 

 

[PunchyTurtle]

Here's some more stuff:

 

https://www.afr.com/politics/federal/another-1-5m-americans-apply-for-jobless-benefits-20200619-p55449

https://www.theguardian.com/australia-news/live/2020/jun/19/australia-coronavirus-latest-updates-coalition-welfare-victoria-community-transmission-scott-morrison-borders-tourism-live-news

 

And more

https://www.news.com.au/technology/online/hacking/australian-government-and-private-sector-reportedly-hit-by-massive-cyber-attack/news-story/b570a8ab68574f42f553fc901fa7d1e9

[StDragon]

Fireeye - for the War Games look

 

Kaspersky - For the world domination feel. Spin the globe!

 

Checkpoint - To see who's been checkmated.

 

SonicWALL - See who's bell has been rung.

 

Threatbutt - DOS look with real Pew Pew sound effects.

 

Bitdefender - For when you need that CNN live news look.

[StDragon]

My best guess is a DDOS initiated by by China or N.Korea. I don't know that, but given what's going on between China, Taiwan, and India, the US carrier fleet in the Pacific....this might be a message to Australia to "stay out of it" should SHTF relatively soon.

 

Just a hunch.

[Guest]

Hopefully when Scott Morrison can get off the phone to use the internet he can see what the mellennials he hired to fix the wifi have done.  

[schwellmo92]

This is the ACSC release https://www.cyber.gov.au/news/advisory-2020-008-copy-paste-compromises-tactics-techniques-and-procedures-used-target-multiple-australian-networks

 

 

tl;dr - no major breaches announced, but industry is being targeted much more than usual at the moment. It is being performed by “state based actors” with no attribution given.

[Trik'Stari]

What with their active ongoing genocide I still don't understand why the rest of the world has not engaged in a complete and total trade embargo with China, as well as completely blocking them on the internet. Surely there is some way of doing that.

 

Sooner or later the rest of the world is going to have to start taking them seriously, they certainly are hostile to almost the entire planet, albeit not overtly.

 

One wonders whether or not our "representatives" are merely this ignorant, or are in fact complicit. Please note I am not calling out any single group, party, or individual. I mean as a whole.

 

At the least, we need to have a major coalition going to build and maintain a global wifi network that is free to use, as well as an initiative to drop or smuggle laptops with solar chargers, into nations like China and North Korea.

[Salv8 (sam)]

On 6/19/2020 at 12:03 PM, Trik'Stari said:

What with their active ongoing genocide I still don't understand why the rest of the world has not engaged in a complete and total trade embargo with China, as well as completely blocking them on the internet. Surely there is some way of doing that.

while i agree with your statement, china manufactures 90% of the products the world uses.

from the silicon on your processor to the paint on your home, chances are it was made in china.

doing this would shut down the entire world's economy, something that we probably won't be able to bounce back from.

and that's just products that we consume and use.

On 6/19/2020 at 12:03 PM, Trik'Stari said:

Sooner or later the rest of the world is going to have to start taking them seriously, they certainly are hostile to almost the entire planet, albeit not overtly.

 

One wonders whether or not our "representatives" are merely this ignorant, or are in fact complicit. Please note I am not calling out any single group, party, or individual. I mean as a whole.

i'm quite sure they know whats going on but country relations are always on thin ice, one wrong move and you could easily have a war on your hands.

it's not that hard to see that they are violating basic human rights and many ethical rules that we as a species have held ourselves to since we could use tools.

On 6/19/2020 at 12:03 PM, Trik'Stari said:

At the least, we need to have a major coalition going to build and maintain a global wifi network that is free to use

i see where you are coming from but it's no different then a public wifi such as a local starbucks wifi.

you don't access personal information over a public network for a reason.

not only that, whats to stopping the organization running this to censor anything bad about them? google does this and they are already in trouble for it.

even then they could limit or block websites they don't like, because internationally, there aren't any net neutrality laws.

plus international laws are so rare that they only get passed if a huge incident caused massive catastrophes as a result. (i.e world war 2 when the US nuked japan)

On 6/19/2020 at 12:03 PM, Trik'Stari said:

as well as an initiative to drop or smuggle laptops with solar chargers, into nations like China and North Korea.

such projects and organizations exist for this, but get caught and you will 'mysteriously' disappear. (i.e they'll charge you for spreading 'propaganda' and you will spend the rest of your life in their jail. your home country can't do anything about since you broke china's/north korea's laws and have to face the consequences. basically you are stuck there until your life sentence is up. which will never expire/end since their life imprisonment is that, the rest of your life.)

 

as much as i would like to continue with this debate, it's against the forum rules to delve too deep into politics and it can easily lead into even worse things and i don't wanna cause that.

Edited June 22, 2020 by Salv8 (sam)
removed internet thing, apparently internet sea lines have changed since i last checked

[StDragon]

13 minutes ago, Salv8 (sam) said:

while i agree with your statement, china manufactures 90% of the products the world uses.

from the silicon on your processor to the paint on your home, chances are it was made in china.

doing this would shut down the entire world's economy, something that we probably won't be able to bounce back from.

and that's just products that we consume and use, internet wise china is the hub for the western part of the world's internet.

if it goes down, guess what, most of the western world can't use most of the internet, anything outside their part of the internet will be inaccessible, many services rely on this design and would fail if china was shut out (e.g google, office 365, basically anything that requires internet)

Well then, that settles it. The entire world is at the mercy of China, and we should willingly sign a deceleration of surrender so as to not be hacked. Makes perfect sense. 

 

Better yet, how about calling out the BS for what it is and let the chips fall where they may. If China was truly behind this (suspect, but I'm not sure anyone knows for sure), then conflict is already fait accompli. At that point, showing weakness is the worst thing you can do.

[Maticks]

shortly after this story went up so did the US saying not to a sea cable from China directly to their shores.

 

https://www.itnews.com.au/news/us-says-no-to-direct-chinese-cable-connection-to-hong-kong-549464

 

144TB cable to DDoS America, i mean.. deliver facebook and other CDN content of course...

[Guest]

3 hours ago, Trik'Stari said:

What with their active ongoing genocide I still don't understand why the rest of the world has not engaged in a complete and total trade embargo with China, as well as completely blocking them on the internet. Surely there is some way of doing that.

 

Sooner or later the rest of the world is going to have to start taking them seriously, they certainly are hostile to almost the entire planet, albeit not overtly.

 

One wonders whether or not our "representatives" are merely this ignorant, or are in fact complicit. Please note I am not calling out any single group, party, or individual. I mean as a whole.

 

At the least, we need to have a major coalition going to build and maintain a global wifi network that is free to use, as well as an initiative to drop or smuggle laptops with solar chargers, into nations like China and North Korea.

China has money, trade and scientific outcomes to outweigh it sadly enough. The truth is no country can afford to. 

[Drama Lama]

The Kangaroos strike back

[mr moose]

4 hours ago, Trik'Stari said:

What with their active ongoing genocide I still don't understand why the rest of the world has not engaged in a complete and total trade embargo with China, as well as completely blocking them on the internet. Surely there is some way of doing that.

 

 

As much as china relies on our coal, gas and iron (also aluminium) the reality is we rely on selling it to them ass well.  We are all part of the global economy now, you sneeze I get a cold, china hiccups and Ireland gets indigestion.

 

 

3 hours ago, StDragon said:

Well then, that settles it. The entire world is at the mercy of China, and we should willingly sign a deceleration of surrender so as to not be hacked. Makes perfect sense. 

 

Better yet, how about calling out the BS for what it is and let the chips fall where they may. If China was truly behind this (suspect, but I'm not sure anyone knows for sure), then conflict is already fait accompli. At that point, showing weakness is the worst thing you can do.

 

Australia did call for a global investigation into corona the immediate response was they stopped buying our barley which left the farmers with a $100M short fall in revenue and too much stock to sell upsetting the local value.  And that was just the small shit they can do to punish us for having the audacity to request they be a little bit more accountable to the global community. 

 

 

[schwellmo92]

6 hours ago, Trik'Stari said:

What with their active ongoing genocide I still don't understand why the rest of the world has not engaged in a complete and total trade embargo with China, as well as completely blocking them on the internet. Surely there is some way of doing that.

 

Sooner or later the rest of the world is going to have to start taking them seriously, they certainly are hostile to almost the entire planet, albeit not overtly.

 

One wonders whether or not our "representatives" are merely this ignorant, or are in fact complicit. Please note I am not calling out any single group, party, or individual. I mean as a whole.

 

At the least, we need to have a major coalition going to build and maintain a global wifi network that is free to use, as well as an initiative to drop or smuggle laptops with solar chargers, into nations like China and North Korea.

Not going to happen for Australia unfortunately, we are extremely dependent on China purchasing our agriculture and mining goods. Take a look here for example https://en.wikipedia.org/wiki/List_of_the_largest_trading_partners_of_Australia . China are both our biggest export (by a large margin) and import. China make up almost a third of all of Australia's export and are almost a fifth of our import.

 

As controversial as it is, we need China more than we need the USA. The problem is we are trying to keep both happy which can put us in precarious situations.

[akio123008]

4 hours ago, Salv8 (sam) said:

if it goes down, guess what, most of the western world can't use most of the internet, anything outside their part of the internet will be inaccessible, many services rely on this design and would fail if china was shut out (e.g google, office 365, basically anything that requires internet)

 

I wouldn't agree with that. To give you an example, google has 0 datacenters in the whole of China.

 

And it's not like China is some sort of ethernet switch that the entire world plugs into; for instance there are plenty of undersea cables between Europe and North America and so cutting out China wouldn't do much to that whole block, the same goes for most other parts of the world.

 

5 hours ago, Salv8 (sam) said:

you don't access personal information over a public network for a reason.

You must have got that from a VPN ad; if you're on a site that uses SSL however, you'll be fine.

[williamcll]

Oh boy it's that time of the year again. Better get a degree in NetSec.

8 hours ago, RorzNZ said:

Hopefully when Scott Morrison can get off the phone to use the internet he can see what the mellennials he hired to fix the wifi have done.  

I don't think a change in leadership could ever solve the internet infrastructure.

32 minutes ago, akio123008 said:

I wouldn't agree with that. To give you an example, google has 0 datacenters in the whole of China.

 

And it's not like China is some sort of ethernet switch that the entire world plugs into; for instance there are plenty of undersea cables between Europe and North America and so cutting out China wouldn't do much to that whole block, the same goes for most other parts of the world.

 

You must have got that from a VPN ad; if you're on a site that uses SSL however, you'll be fine.

However, AWS has two centers in the mainland. Cutting the pacific cables would just mean everything is routed elsewhere. Google maintains a strong presence through android and chromium development in China despite the ban on their web services.

7 hours ago, Trik'Stari said:

What with their active ongoing genocide I still don't understand why the rest of the world has not engaged in a complete and total trade embargo with China, as well as completely blocking them on the internet. Surely there is some way of doing that.

 

Sooner or later the rest of the world is going to have to start taking them seriously, they certainly are hostile to almost the entire planet, albeit not overtly.

 

One wonders whether or not our "representatives" are merely this ignorant, or are in fact complicit. Please note I am not calling out any single group, party, or individual. I mean as a whole.

 

At the least, we need to have a major coalition going to build and maintain a global wifi network that is free to use, as well as an initiative to drop or smuggle laptops with solar chargers, into nations like China and North Korea.

Won't work because A: No one will ever pay for a project like that except from Huawei. B: Wireless signals can be easily intercepted, such as low band radio from RFA

[Sir Asvald]

2 hours ago, Drama Lama said:

The EMU hackers strike back

Fixed it for you

[Salv8 (sam)]

32 minutes ago, akio123008 said:

You must have got that from a VPN ad; if you're on a site that uses SSL however, you'll be fine.

maybe you should brush up on your security knowledge, even though this ep is from 2015 it still applies today.

while VPN marketing is a bit misleading, the bits about using public wifi without a layer of encryption is real.

 

[akio123008]

1 hour ago, Salv8 (sam) said:

maybe you should brush up on your security knowledge, even though this ep is from 2015 it still applies today.

while VPN marketing is a bit misleading, the bits about using public wifi without a layer of encryption is real.

 

That TQ episode you mentioned, confirms what I said right at 2:40. When you use SSL, the traffic between you and the site is encrypted, so even though the wireless network may be compromised, that doesn't mean your information is exposed, meaning you can safely acces personal information on a public wifi network. VPN services claim they're "the way of creating a secure tunnel out of that miserable public wifi network", but really when using SSL you're already safe. 

 

Now don't go and mention that not all sites use SSL because:

1. No, actually all sites that do anything with personal data use SSL

2. If they don't use SSL, using them wouldn't be safe anyway, even when accessed from a completely secure network.

 

[StDragon]

47 minutes ago, akio123008 said:

When you use SSL, the traffic between you and the site is encrypted, so even though the wireless network may be compromised, that doesn't mean your information is exposed, meaning you can safely acces personal information on a public wifi network. VPN services claim they're "the way of creating a secure tunnel out of that miserable public wifi network", but really when using SSL you're already safe. 

 

Now don't go and mention that not all sites use SSL because:

1. No, actually all sites that do anything with personal data use SSL

2. If they don't use SSL, using them wouldn't be safe anyway, even when accessed from a completely secure network.

 

All true.

 

That said however, I'll add that tunneling through a VPN does add a level of security through anonymity behind the WiFi network. Without the VPN, all sites visited can be logged at the firewall depending on how the logging and history retention is implemented.

 

When connected through a VPN over WiFi, from the FW, there's only one SSL (for the VPN) session and all of your traffic is routed through that.

 

So it really comes down to judgement as to whether or not you trust the establishment providing WiFi connectivity to make the case for using a VPN.

 

Note: Some universities require installing a MITMproxy certificate which, by design, must decrypt all session traffic to analyze packets in un-encrypted form. It renders using a VPN moot. But then again, I'd question the judgement to attend such a university in the first place, but I digress.