‘Sophisticated’ cyber criminals attack Australia networks

Getting your Trinity Audio player ready...

Australian state and private institutions have been the target of attacks from cybercriminals in the past month, the country’s Prime Minister Scott Morrison has revealed. Describing them as “sophisticated state-based cyber hacks,” the PM revealed that they had targeted government, health, education and industrial systems.

The cyber attacks have been increasing over the past few months, Morrison stated. He further claimed that his government believes the attacks are orchestrated by state actors “because of the scale and nature of the targeting and the trade craft used. There are not a large number of state-based actors that can engage in this type of activity.”

The Australian Cyber Security Center (ACSC) released a comprehensive report that revealed more about the attacks, describing them as “the most significant, coordinated cybertargeting against Australian institutions the Australian Government has ever observed.”

According to the ACSC, the criminals have used several initial access factors. The most prevalent has been through the use of remote code execution vulnerability in unpatched versions of Telerik UI. While it accelerates the web development process, Telerik UI is prone to CVE-2019-18935 vulnerability, and hackers have been exploiting this to breach their targets’ systems.

This vulnerability has been used severally in the past by criminals to install cryptojacking malware. As CoinGeek reported in May, a hackers group known as Blue Mockingbird exploited this vulnerability to infect thousands of systems and install XMRig, a popular Monero-mining tool.

The NSA has also revealed that its research had confirmed that Telerik UI vulnerabilities are the most exploited by cybercriminals in the world.

Morrison assured Australians that his government was investing heavily in cybersecurity. Since 2016, the government has invested A$386 million (US$265 million) to build cyber resilience, he stated.

The attacks in Australia have been blamed on Chinese actors. Australian cybersecurity experts have claimed that the Chinese government may have sponsored the attacks as part of its intelligence gathering strategy.

However, the Chinese government has vehemently denied these claims. Zhao Lijian, a spokesperson of the Chinese Foreign Ministry stated, “China is a staunch guardian of cyber security. There is no factual basis to the attack and accusation made by this institute.”