SYDNEY, Australia – Faced with a surge in cyber attacks attributed to the Chinese government, Australia moved Tuesday to strengthen its defenses, promising to recruit at least 500 cyberspies and build on its ability to face the battle overseas.
The investment of 1.35 billion Australian dollars ($ 930 million) in the next decade is the largest that the country has ever made in cyber weapons and defenses.
Following is what Prime Minister Scott Morrison described as a sharp increase in the frequency, scope and sophistication of online attacks and, more generally, in a steady deterioration in relations between Australia and China.
The new initiative points to growing frustration in Australia for what current and former intelligence officials have described as relentless, growing in number aggressive campaign by China to spy on, upset and threaten the country’s government, vital infrastructure and major industries.
The full details of the attacks that appear to be from China are still largely hidden – Australian officials continue to be wary of provoking Beijing by naming and shaming the culprits – but the public register now includes several examples of elaborate hacking that has less to do with the for-profit theft of growing aggression against a rival government.
In January last year, for example, hackers entered the computer systems of the Australian Parliament. A year earlier, security experts had claimed that the tools commonly used by Chinese hackers had been used in attacks on the Australian Department of Defense and the Australian National University.
Two weeks ago, Australian officials said that a wide range of political and private sector organizations were attacked by a “sophisticated state cibactor”, a reference that most cybersecurity experts understood as China.
And there are indications that the tools used are increasingly ambitious and dangerous.
In an attack earlier this year, hackers used a compromised email account from the Indonesian Embassy in Australia to send a Word document to a staff member in the office of the main leader in the state of Western Australia.
The attachment contained an invisible cyber attack tool called Aria-body, which had never been detected before and had alarming new capabilities. It allowed hackers to remotely hire a computer, copy, delete or create files and perform extensive searches on the device.
An information security company in Israel he later connected Aria-body to a group of hackers called Naikon who was tracked down in the Chinese army.
Peter Jennings, a former defense and intelligence officer who heads the Australian Strategic Policy Institute, said Beijing outperformed other countries in its cyber abilities and the frequency of its attacks.
“It is reaching unprecedented heights of activity,” he said. “Yes, it is true that countries are spying on each other; the problem here is the ubiquitous nature of what China is doing. In many ways, big and small, there are hints of bullying and coercion.”
Attacks, although constant, have become more problematic since Australia angered China by asking for an international investigation into the roots of the coronavirus epidemic. In Beijing, any interrogation of the official narrative that China defeated the virus as quickly as possible is seen as an insult.
Growing tensions between the two countries have already affected trade – with China cutting barley and beef imports – and neither country has made a public effort to reconcile. China has also tried to dismiss cyberspying accusations against Australia, with its state-run media claiming that Beijing stopped an Australian operation two years ago.
The cyberfront response that Australia outlined on Tuesday begins with the staff. About a third of the funding will go to hiring hundreds of cyber security experts to study and share information on the evolution of emerging threats and to create countermeasures.
The Australian Signals Directorate and the Australian Cyber Security Center will develop their ability to defend themselves from attacks and their connections with the companies that manage the country’s digital networks.
Defense Minister Senator Linda Reynolds said in a statement that the investment aimed to create a rapid response process that would “prevent malicious cyberactivity from reaching millions of Australians by quickly blocking malicious websites and computer viruses.”
Jennings said the investment was substantial and necessary. He added that it would most likely be a down payment.
“The need for more cyber security investments, both in defense and in attack, will continue to grow,” he said. “This won’t be the last investment, I’m sure of it.”