SYDNEY • Confronting a surge of cyber attacks attributed to the Chinese government, Australia moved to bolster its defences yesterday, promising to recruit at least 500 cyber spies and build on its ability to take the battle overseas.
The investment of A$1.35 billion (S$1.29 billion) over the next decade is the largest the country has made in cyber weapons and defences.
It follows what Prime Minister Scott Morrison has described as a sharp increase in the frequency, scale and sophistication of online attacks – and, more broadly, a steady deterioration in relations between Australia and China.
“The federal government’s top priority is protecting our nation’s economy, national security and sovereignty,” he said. “Malicious cyber activity undermines that.”
The new initiative points to growing frustration in Australia with what current and former intelligence officials have described as a relentless, increasingly aggressive campaign by China to spy on, disrupt and threaten the country’s government, vital infrastructure and most important industries.
The full details of attacks that appear to have come from China are still mostly hidden – Australian officials remain wary of provoking Beijing by naming and shaming culprits – but the public record now includes several examples of elaborate hacking that has less to do with theft for profit than growing aggression against a rival government.
In January last year, for example, hackers found their way into the Australian Parliament’s computer systems. A year before that, security experts said that tools commonly used by Chinese hackers had been deployed in attacks on Australia’s Defence Department and the Australian National University.
Two weeks ago, Australian officials said a wide range of political and private-sector organisations had come under attack by a “sophisticated state-based cyber actor” – a reference that most cyber-security experts took to mean China.
And there are hints that the tools being deployed are increasingly ambitious and dangerous.
In one attack earlier this year, hackers used a compromised e-mail account from the Indonesian Embassy in Australia to send a Word document to a staff member in the office of the top leader in the state of Western Australia.
The attachment contained an invisible cyber attack tool called Aria-body, which had never been detected before and had alarming new capabilities. It allowed hackers to remotely take over a computer, to copy, delete or create files, and to carry out extensive searches of the device.
Minimum number of cyber spies that Australia promises to recruit to confront the surge of cyber attacks attributed to the Chinese government
A cyber-security company in Israel later linked Aria-body to a group of hackers, called Naikon, that has been traced to the Chinese military.
Mr Peter Jennings, a former defence and intelligence official who heads the Australian Strategic Policy Institute, said China had leapfrogged other countries in its cyber abilities and the frequency of its attacks.
“It’s just reaching unprecedented heights of activity,” he said. “Yes, it’s true countries do spy on one another; the problem here is the all-pervasive nature of what China is doing. In many ways, big and small, there are hints of bullying and coercion.”
The attacks, while constant, have become more troublesome since Australia angered China by calling for an international inquiry into the roots of the coronavirus outbreak. In Beijing, any questioning of the official narrative that China defeated the virus as quickly as possible is seen as an insult.
The rising tensions between the two countries have already affected trade – with China cutting imports of Australian barley and beef – and neither country has made a public effort to reconcile.
China has also tried to turn the cyber-spying accusations back on Australia, with its state media claiming that Beijing disrupted an Australian operation two years ago.
The response on the cyber front that Australia outlined yesterday starts with personnel. Roughly a third of the funding will go towards hiring hundreds of experts to study and share information about the evolution of emerging threats, and to create countermeasures of their own.
The Australian Signals Directorate and the Australian Cyber Security Centre will build up their capacity to defend against attacks and their connections with the companies that run the country’s digital networks.
Defence Minister Linda Reynolds said in a statement that the investment aimed to create a rapid response process that would “prevent malicious cyber activity from reaching millions of Australians by blocking known malicious websites and computer viruses at speed”.
She said the investment would most likely be a down payment. “The need for more investment in cyber security, both defence and offence, will keep growing,” she said. “This won’t be the last investment, I’m sure.”