Australia’s government and institutions are being targeted by an ongoing sophisticated state-based cyber hack, Prime Minister Scott Morrison says.
Mr Morrison said the cyber attacks were widespread, covering “all levels of government” as well as essential service providers and businesses.
He declined to identify a specific state actor, adding no major personal data breaches had been made.
The activity has been increasing in frequency over many months, he said.
He said cyber experts had identified it as a state hack “because of the scale and nature of the targeting and the trade craft used”.
When asked whether that country had been identified, Mr Morrison said he would not make “any public attribution”.
“There are not a large number of state-based actors that can engage in this type of activity,” he told reporters on Friday.
He stressed that similar “malicious” activity had been seen in jurisdictions globally, making it not unique to Australia.
Cyber intelligence experts have long linked various hacks in Australia to China.
They say China is one of the few states, along with Russia, Iran, and North Korea, which have the capacity for such attacks – and are not allied with Australia.
“There’s always simmering tensions between Russia and China so really it comes down to those being the key actors they [Australia] would be referring to,” expert Joshua Kennedy-White told the BBC.
Last year, Australia’s main political parties and parliament were hit by a “malicious intrusion” on their computer networks carried out by a “sophisticated state actor”.
The Reuters news agency reported that Australian intelligence agencies suspected China of carrying out the 2019 hack. Canberra declined to comment.
Relations between Australia and China have sunk to their lowest level this year, following Canberra’s call for an independent probe into the origins of the Covid-19 pandemic.
Following that call, Beijing imposed a series of bruising trade sanctions and urged its citizens and students to avoid travel to the country.
Speaking on Friday, Mr Morrison urged businesses – particularly health infrastructure and service providers – to improve their technical defences.
Cyber defence agencies had thwarted “many” hacking attempts but protection required “constant persistence and application”.
“We raised this issue today not to raise concerns in the public’s mind, but to raise awareness in the public’s mind,” Mr Morrison said.
“We know what is going on. We are on it, but it is a day-to-day task.”
Major cyber attacks in Australia
2020: Incidents reported across major Australian firms, including steel maker BlueScope, logistics firm Toll Group, and state government agency Services New South Wales
June 2019: The Australian National University revealed a “highly professional” group of up to 15 hackers gained access to student and staff details, as well as academic research, for about six months
February 2019: Australia’s parliamentary computer network and political parties were subject of an attempted attack by a “state actor”
2017: Information about fighter planes and navy vessels was stolen from an Australian government contactor.
2015: Foreign spies attacked the Australian Bureau of Meteorology.