China ‘found faulty locks and propped open the doors’ in Microsoft attack: ASD

The head of the nation’s cyber spy agency says China crossed a line in its wave of cyber attacks against Microsoft Exchange servers by allowing criminal groups and other malicious hackers to get into the networks.

Australia last week took the rare step of joining with other countries to accuse China’s Ministry of State Security of being behind the attack on Microsoft Exchange software and allowing criminal groups to conduct ransomware attacks to extort millions of dollars from companies.

Rachel Noble, director-general of the Australian Signals Directorate, says China crossed a line with its cyber attack.Credit:Alex Ellinghausen

Australian Signals Directorate boss Rachel Noble told a parliamentary inquiry on Thursday that the attacks, which began in January, “crossed a line”.

“To explain it in plain language, it would be like houses or buildings having faulty locks on the doors,” she said.

“When the Chinese government became aware of the faulty locks on the doors, they went in and they propped all those doors open.

“There was opportunity for all sorts of criminals, other state actors, you name it, to pour in behind those propped-open doors and get into your house or your building. It’s that action from a technical point of view which crossed a line in the judgment of policy agencies and governments around the world.”

She said around 70,000 Australian businesses and other entities are using Microsoft Exchange servers and could have been impacted, adding the attack was “extremely large and significant”.

The exploitation of the Microsoft Exchange vulnerabilities led to a number of ransomware attacks, whereby a cyber hacker uploads a form of malware that encrypts the victim’s files and the attacker then demands a ransom to restore access to their system.

The ASD director-general warned just because a cyber attack involved ransomware, it did not mean a state actor wasn’t involved.

“It is certainly our operational experience that state actors, along with criminals, can look awfully similar in terms of their behaviour in cyberspace,” she said.

Ms Noble was giving evidence to the Federal Parliament’s security and intelligence committee, which is reviewing the new laws to overhaul the management of the nation’s critical infrastructure.

A loose coalition of unions, big business and tech giants have expressed significant concerns with the proposed laws, which would allow the government to declare an emergency to give agencies such as the ASD the power to plug into the networks of critical infrastructure to fend off major attacks.

Businesses have raised issues with the additional regulatory burdens that would be imposed, while unions are opposing the laws on the basis that hundreds of thousands of workers could have to endure invasions of privacy through additional security checks.

Appearing before the inquiry, Home Affairs secretary Michael Pezzullo said the legislation would “fill regulatory gaps rather than duplicate existing regulation”.

Mr Pezzullo warned a cyber attack directed by another country had the potential to shut down an electricity grid or water supply.

He said the recent attack by China involved “such reckless action” and it “should not be tolerated as a matter of international global rules and norms”.

The Morning Edition newsletter is our guide to the day’s most important and interesting stories, analysis and insights. Sign up here.

Most Viewed in Politics

From our partners

Source: Read Full Article