Russia blamed after cyber attacks hit up to 400 Australian businesses


Australia has admonished Russia after confirming Kremlin-backed hackers were responsible for cyber attacks on hundreds of Australian companies.

Australian intelligence agencies have identified Russia as the actor behind a series of cyber attacks on Australia, the US and the UK in 2017, the government has revealed.

SBS News understands thousands of unsecure Australian routers were accessed and Defence Minister Marise Payne confirmed there were “potentially 400” Australian companies affected.

Despite the breach, the government said there was “no indication Australian information has been successfully compromised”.

The government's cybersecurity office has contacted all the businesses on the list to alert them to the risk. 

In Australia, the hack only affected private companies. Treasurer Scott Morrison told SBS News “no Australian departments or agencies” were impacted.

Advice circulated by US and UK authorities warned Cisco routers – a common commercial brand – were affected.

Fergus Hanson, head of cyber security at the Australian Strategic Policy Institute, said the Russian government may have been trying to establish control over networks for use in later attacks.

“Essentially you've got Russia exploiting vulnerabilities in Cisco routers to potentially conduct a whole range of activities, from espionage to pre-positioning for attacks on critical infrastructure,” Mr Hanson said.

Cyber attacks can, for example, cause widespread chaos by shutting down energy grids.

Mr Hanson said the affected routers were old models that had not been patched with the latest software.

“They're legacy pieces of equipment that are being phased out but they've got vulnerabilities as a result of the fact that they, for example, have not been patched."

Cyber Security Minister Angus Taylor, who is in the US for a cyber conference, told SBS News the government was "now seeking to hold bad behaviour to account". 

He said it was now possible to identify the culprits behind many attacks, including state actors like Russia.

Asked whether the government would publically name Russia and other actors more often in the future, Mr Taylor said "I think we will." 

Analysts have speculated Russia may use cyber attacks to retaliate over recent Western airstrikes on Moscow's ally Syria.

Russia said there would be consequences for the strike but did not offer any more detail.

While this hack occurred in 2017, Mr Hanson suggested there could be a connection, suggesting Australia and its allies may have believed the Russians were about to utilise the exploits they set up last year.

“What may be the case is they've had a particular piece of intelligence that might suggest, for example, the Russians are going to use a cyber means to respond to those attacks [on Syria], they've threatened retaliation and they may be pre-empting,” Mr Hanson said.

He also suggested the three countries may have sat quietly on the intelligence because they were “using the knowledge” to understand Russia’s methods.

Russia has not responded to the accusations, but regularly denies any role in state-sponsored hacking.

Stay up to date with SBS NEWS

  • App
  • Subscribe
  • Follow
  • Listen
  • Watch