April 12, 2020

Australia Striking Back Against COVID Exploiting Cyber Adversaries

Here's a very relevant article from Israel Defense, April 9, 2020, https://www.israeldefense.co.il/en/node/42537

"Australia Says it is Striking Back Against Foreign Cyber Adversaries

The country is reported to have just begun an offensive cyber campaign targeting hackers who are attempting to take advantage of the CORONAVIRUS outbreak.

Defense Minister Reynolds says that the criminals are not beyond reach of the authorities.

Australia's Department of Defense announced April 7 that the country is engaged in an cyber operation against criminals attempting to exploit the COVID-19 pandemic.

In a press release, Defense Minister Linda Reynolds was quoted as saying the country's cyber intelligence agency is using its offensive capabilities to disrupt foreign criminals who have carried out a range of malicious activities against citizens and businesses during the coronavirus crisis.

"Cyber criminals that are using the cover of cyberspace and international borders to target Australians are not beyond our reach," the minister said. "We are hitting back through the Australian Signals Directorate, who have already successfully disrupted activities from foreign criminals by disabling their infrastructure and blocking their access to stolen information."

"Some of these cybercriminals have even posed as health officials in an attempt to exploit vulnerable Australians, by infecting their computers with malware and stealing their private information," she added.

The directorate's Australian Cyber Security Centre is working with the country's telecommunications providers to block access to malicious websites, and is working with Microsoft and Google to have those sites flagged as malicious, according to the defense department.

Rachel Noble, director-general of the directorate, said "Close cooperation with telecommunications and IT companies is vital in providing increased protective barriers for Australians from these heartless cyber criminals."

"Our offensive cyber campaign has only just begun and we will continue to strike back at these cyber criminals operating offshore as they attempt to steal money and data from Australians," Noble said."

6 comments:

  1. It could well be the Chinese for crying out loud. Have a look at the publication by CENJOWS of India to get an idea of the explosive ability in China's MSS and PLA's MASINT, SIGINT and ELINT abilities. It is a mirror cyberimage of their physical military buildup.

    Frankly, without mincing words, I really think Australia is already in their grip judging by the uncommonly deep presence China shows in Australia in the cyberspace. I expect it to get worse as their satellite constellations and undersea tapping abilities give them more and more tools (not to mention stuff like Huawei 5G inevitably finding its way into the global 5G backbone). More and more CMC and PLA brass are calling for more brazen acts openly, of late.

    ReplyDelete
  2. Hi GhalibKabir

    1. As https://cenjows.gov.in/ is a pretty broad website and I get no Australian Government assistance to buy publications or other support (US being more helpful) I'd be grateful for article links/summaries.

    However I looked at India's NSA https://en.wikipedia.org/wiki/National_Technical_Research_Organisation the NTRO's website https://ntro.gov.in/ntroWeb/loadPublicationsHome.do

    and came upon its information security April 2020 newsletter
    https://nciipc.gov.in/documents/NCIIPC_Newsletter_Apr20.pdf which, on page 3 usefully advised:

    "Dear Readers,

    The world is witnessing an unprecedented situation caused by COVID-19 pandemic. While its Economic, Social and Health impacts are being extensively reported, its impact on Critical
    Information Infrastructure is equally challenging.

    A notable increase in the number of domains created using the words ‘Corona’ or ‘Covid-19’ have been detected. A vast majority of these are malicious aimed at stealing credentials.
    Readers who have visited such domains are advised to ‘Reset’ their passwords immediately.

    Another modus operandi being used by the Threat Actors is to send out legitimate looking Corona related advisories impersonating as officials from government/health organizations, through malicious e-mail attachments.

    In view of the lockdown, several critical sector entities have relaxed their geo-fencing restrictions to allow their personnel to log-in and work from home. This has increased the attack surface available to Threat Actors."

    2. Note that Australia (in line with "Five Eyes" policies, but ultimately US NSA wishes) has rejected Huawei's 5G network operating in Australia.

    China's international sigint reach now can include most satellite and any undersea cable links. eg. Chinese subs and surface vessels splice fibre-optic cables making landfall in India https://www.submarinenetworks.com/en/insights/is-india-a-subsea-cable-infrastructure-sufficient-to-support-next-gen-business .

    So like Australia, India is not immune from China's (world's 2nd highest intel expenditure) sigint activities - as they relate to COVID-19.

    Regards

    Pete

    ReplyDelete
  3. Sure, in fact, India is even more vulnerable in a sense. China has decided that the differential with India has reached a point where the 1993 agreement governing border area negotiations need not be respected.

    I am sure UUVs and SSNs and even disguised cargo ships are trying to splice or sniff fibre cable communications.

    I expect it to get more and more blatant as time passes. e.g. there is no need for pakistan to have 250-300 JF-17s, advanced AEWC planes, half a dozen 30-40 VLS bearing frigates nor have 10 SSKs (unless mental illness about imagined indian hegemony can count as a cause)

    But India's worst enemies remain the political water carriers for subterfuge based foreign NGOs engaged in proselytizing and bribing people to embrace semitic religions...They could possibly cause a second partition by 2050. The old Gandhian saying about proselytizing faiths poorly coexisting with eastern religions has had multiple genocides from 712 AD as proof...I for one hope neither the china threat nor the internal termite threat comes to pass.

    ReplyDelete
  4. Hi GhalibKabir [at April 13, 2020 at 3:08 PM]

    Thanks for your comments. See my article in response at https://gentleseas.blogspot.com/2020/04/chinas-strategic-power-net-beneficiary.html of April 15, 2020.

    Regards

    Pete

    ReplyDelete
  5. A few days ago, Reuters and Defense News reported possible merger of TKMS which suffers from business unstability. Unless TKMS wins tenders of Netherlands Walrus replacement and Polish ORKA programs, it can survive.

    ReplyDelete
  6. Thanks Anonymous [at April 19, 2020 at 7:52 AM]

    I assume you mean "Unless TKMS wins tenders of Netherlands Walrus replacement and Polish ORKA programs, it canNOT survive."

    Reuters April 17, 2020 indicates https://www.reuters.com/article/us-thyssenkrupp-marinesystems-talks/thyssenkrupp-in-talks-with-local-rivals-about-possible-warship-unit-merger-idUSKBN21Z18I

    "FRANKFURT (Reuters) - German conglomerate Thyssenkrupp (TKAG.DE) is in talks about possibly merging its subsidiary ThyssenKrupp Marine Systems (TKMS) with a domestic rival to create a national champion.

    ...The tweet followed a report by public sector broadcaster NDR which said Thyssenkrupp was sounding out domestic rivals German Naval Yards (GNYK) and Luerssen.

    ...TKMS has reported improving order intake and the parent company said in November it will invest 250 million euros by 2023.

    Possible would-be buyers of the business in the past were Rheinmetall (RHMG.DE) and the French Naval Group."

    PETE COMMENT

    In view of this doubt about TKMS' future it looks like the selectors of Australia's Future Submarine made the right decision in not choosing the TKMS Type 216.

    Pete

    ReplyDelete

You can comment :)