China is likely behind the sophisticated cyber attacks on Australia’s private and public organisations, experts say, but political leaders in Canberra are refusing to point the finger.
Prime Minister Scott Morrison confirmed Australia has been the target of increased cyber attacks by a foreign entity.
“We know it is a sophisticated, state-based cyber actor because of the scale and nature of the targeting, and the tradecraft used,” Mr Morrison said on Friday.
But he declined to say which country was behind the attacks.
Asked if it was China, Mr Morrison said: “The Australian government is not making any public attribution about these matters.
“We are very confident that this is the actions of a state-based actor.
“We have not gone any further than that. I can’t control what speculation others might engage in.”
Australian Strategic Policy Institute executive director Peter Jennings said the attack was “95 per cent or more” likely to have been launched from China.
This was because of the scale and intensity of the attack, he told AAP.
“A few others have the capacity but they don’t have the scale to do it as broadly as this,” Mr Jennings said.
He said China was very interested in learning how Australian governments and businesses work, what policy is being developed and who are the key decision makers.
He said there were big gaps in cyber security, especially within state governments, which could then allow further intrusions into other systems.
Opposition Leader Anthony Albanese was briefed by the prime minister on Thursday evening and Australia’s security agencies on Friday.
“The agencies have the view very much that it is in our national interest for these public statements to be made … in order to lift up awareness,” Mr Albanese said.
But he too refused to say whether he knew who the culprit was.
The decision to raise concerns over cyber security comes at a time of growing friction between Australia and China, which have fallen out over the origin of the coronavirus, trade and most recently, the death sentence handed to an Australian drug smuggler.
“The decision of the PM to announce this at this time is a reflection of the heightened tensions between Australia and China, who although not named as the state-based actor involved in these attacks, is heavily implied,” said David Glance, director of the University of Western Australia Centre for Software and Security Practice.
Mr Morrison said the investigations conducted so far have not revealed any large-scale personal data breaches.
Australia’s security agencies are working closely with allies and intelligence partners to manage it.
“I spoke to (British Prime Minister) Boris Johnson last night about a range of matters, including this one, and there were a number of engagements with our allies overnight,” Mr Morrison said.
Last month, a joint statement by the Department of Foreign Affairs and Trade and the Australian Cyber Security Centre said there had been “unacceptable malicious” cyber activity.
“Of particular concern are reports that malicious cyber actors are seeking to damage or impair the operation of hospitals, medical services and facilities, and crisis response organisations outside of Australia,” it said.