Rogue nations have given state sanctioned hacking groups the green light – and in some cases, even the tools – to engage in cyber warfare with the West. Worryingly, these cyber criminals don’t care for rules of engagement, laws of armed conflict or humanitarian law. Is Australia prepared for this growing challenge?
If security experts have learnt anything over recent years, it’s that state sanctioned proxies are able to inflict existential damage to a nation with nothing more than a computer network, an internet connection and a government that looks the other way. Indeed, the interconnectedness of the modern world is both a blessing and a security curse. Even as many of us in Australia’s largest city sit in lockdown, we can order food on our mobiles or shop remotely and have whatever our hearts desire delivered to us in a matter of days.
However, every facet of modern life relies on the cyber world and even the smallest perversion of the cyber world will radically change our lives.
Cyber attacks are now a day-to-day phenomenon. Simply, they’re the preferred method of governments the world over to harass and deny an enemy a strategic advantage because they’re plausibly deniable, cheap and scalable.
The use of cyber to harass and deny an enemy a strategic advantage was successfully observed in Iran ahead of the renewed nuclear talks with the US. Cyber attacks against the regime are not a new phenomenon, with the Stuxnet computer worm having infected some 200,000 computers including approximately 20 per cent of Iran’s nuclear centrifuges since the mid-2000s, of which the Kaspersky Lab suggested can only be explained via “nation-state support”. This year, a cyber attack in April targeted Iran’s nuclear centrifuges causing an explosion at the Natanz nuclear facility and resulting in a widespread blackouts. The lessons behind this attack have serious implications to Australia. If these attacks are able to disable some of Iran’s most secure networks, would Australia be able to protect its critical infrastructure when needed, and how many worms like Stuxnet have already infiltrated our critical infrastructure?
Attacks of this magnitude are becoming more common, and can often be purely informational rather than subversive. Indeed, in February it was alleged that the North Korean hacking group – the Lazarus Group – was behind a series of attacks that targeted Pfizer and BioNTech to acquire vaccine data. It was later thought that this might have been done to allow the pariah state to raise capital by selling vaccines on the black market. The Lazarus Group first hit international headlines after hacking Sony in 2014 in response the movie The Interview and in 2016 attempted to steal $1 billion from the Bangladesh Bank.
Many would agree that ransomware attacks have seemingly become the flavour of the month in the security industry. The recent Colonial Pipeline attack in May highlighted how exposed the US’ critical infrastructure is to cyber breaches. Indeed, the attack impeded some 45 per cent of the United States’ east coast gas pipelines, grinding commuters to a halt and ravaging businesses up and down the coast. Some areas felt the pain more than others. In Charlotte, Virginia, approximately 71 per cent of petrol stations ran out of fuel whereas in the nearby Washington DC, the number was suspected of rising to 87 per cent. It is a sobering thought that Australia’s strongest ally was unable to ensure the basic distribution of fuel in the nation’s capital. While there is little evidence to suggest that the group was sanctioned by the Russian government, most analysts expect that the DarkSide hackers are based in Russia.
These hackers don’t follow rules of engagement or military law. While soldiers are taught strict laws of armed conflict, these state sanctioned cyber warriors don’t particularly care whether they hurt or target a nation’s most vulnerable civilians. This was evidenced last year when Russia-based hackers released a list of 400 hospitals that they intended to target. In the midst of the pandemic, they truly are targeting society’s most exposed.
Australia is not immune to this trend of ruthless cyber barbarism. Earlier this year, UnitingCare in Queensland, which operates aged care facilities and hospitals, fell victim to a cyber attack perpetrated by REvil, thought by many to be a hacking group based out of Russia. Furthermore, just in July this year the NSW Department of Education fell offline due to a cyber attack knocking many of the Department’s key processes offline.
When developing new geostrategic and military tactics, governments will follow the paths of least resistance. Cyber warfare indeed offers the least resistance of them all, being deniable, cheap and effective. Considering the growing geostrategic difficulties in the Indo-Pacific, Australia must ensure that it is prepared for a barrage of cyber attacks that will target all facets of our lives as state sanctioned hacking groups have shown that they care little for critical civilian infrastructure that would otherwise be protected under the rules of engagement.
The government has made amazing strides on investing in our defence forces, but it’s time that Australia take the next step in building a new generation of cyber warriors.
Liam began his career as a speech writer at New South Wales Parliament before working for world leading campaigns and research agencies in Sydney and Auckland. Throughout his career, Liam has managed and executed a range of international media and communications campaigns spanning politics, business, industrial relations and infrastructure. He’s since shifted his attention to researching and writing extensively on geopolitics and defence, specifically in North Africa, the Middle East and Asia. He holds a Bachelor of Commerce from the University of Sydney and is undertaking a Masters in Strategy and Security from UNSW Canberra.