News National China blamed for ‘cyber attack’

China blamed for ‘cyber attack’

Twitter Facebook Reddit Pinterest Email

China is being blamed for a major cyber attack on the computers at the Bureau of Meteorology, which has compromised sensitive systems across the Federal Government.

Multiple official sources have confirmed the recent attack, and the ABC has been told it will cost millions of dollars to plug the security breach, as other agencies have also been affected.

The bureau owns one of Australia’s largest supercomputers and provides critical information to a host of agencies.

Unlikely climate heroes
PM won’t be “daunted” on climate
Japan, Aus send message to China

Its systems straddle the nation, including one link into the Department of Defence at Russell Offices in Canberra.

The BoM is vital for warning Australians of impending weather conditions. Photo: AAP
The BoM is vital for warning Australians of impending weather conditions. Photo: AAP

Cyber attacks on government agencies are routine and the “adversaries” range from thrill-seeking hackers, through to criminals and foreign states.

But the ABC has been told this is a “massive” breach and one official said there was little doubt where it came from.

“It’s China,” he said.

The motivation for the attack on the bureau could be commercial, strategic or both.

The bureau is a critical national resource and another state would place a high value on its intellectual property and scientific research.

In the event of a conflict, compromising Australia’s ability to accurately forecast weather would affect the operation of military and commercial aircraft.

Beyond that, the bureau provides a gateway to other agencies.

‘Range of adversaries motivated to target networks

A spokesman for Prime Minister Malcolm Turnbull said a range of adversaries, including “state-sponsored actors and serious organised criminals”, were motivated to attack government networks.

The building housing “Unit 61398”, a secretive Chinese military unit, on the outskirts of Shanghai. Photo: AAP

“The Government’s aware of a press report that the Bureau has been the subject of a cyber attack,” the spokesperson said in a statement, adding the Government would not comment on specific cases.

“The Government takes any cyber attacks seriously and is currently reviewing its cyber security policy.”

The bureau did not deny the attack, and said its systems were working.

“Like all government agencies, we work closely with the Australian Government security agencies,” it said in a statement.

“The bureau’s systems are fully operational and the bureau continues to provide reliable, ongoing access to high quality weather, climate, water and oceans information to its stakeholders.”

In March the Bureau’s chief executive Dr Robert Vertessy told Radio National that his agency had evolved “from what was once just a straight weather service to what I would call now a more broad-based environmental intelligence agency”.

It provides weather and climate forecasting, tsunami warnings, tide predictions, water resources and even space weather.

There is no clear picture yet how much the breach will cost to fix or how long it will take but the critical nature of the bureau’s services means its systems cannot be switched off for repair.

In the words of one source: “It could take years and cost hundreds of millions of dollars to fix.”

Cyber attacks traced to Chinese army building in Shanghai

The United States has repeatedly blamed China for cyber attacks on its agencies and American businesses. At a meeting in September, US president Barack Obama raised it with his Chinese counterpart Xi Jinping.

The Chinese president warned against politicising the issue and said China had a lot to lose from cyber crime.

China has noted that America also devotes a lot of resources to cyber warfare, as do many other countries.

Australia has been recruiting cyber warriors, with the Australian Signals Directorate hiring IT professionals who can put themselves “in the shoes of the hacker”.

The most detailed publicly available study of China’s capabilities was published by American computer security firm Mandiant in 2013.

Mandiant tracked dozens of groups around the world but focused on one of the most prolific, which it traced to a People’s Liberation Army building in Shanghai, Unit 61398.

The report said the reason the unit was “able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support”.

In its first unclassified threat report this year the Australian Cyber Security Centre said the cyber threat to Australia is “undeniable, unrelenting and continues to grow”.

The Centre said it “sees daily cyber espionage activity targeting Australian Government networks”.

“Cyber adversaries will target the weakest link; if the network security of their primary target is robust, they will move to secondary targeting of other networks that may hold the same information but are easier to compromise.

“A cyber adversary is an individual or organisation (including an agency of a nation state) that conducts cyber espionage, crime or attack.

“Foreign state-sponsored adversaries, including nation-states, seek economic, foreign policy, defence and security information for strategic advantage. Such adversaries have traditionally possessed the most advanced and sophisticated tools to conduct their activities, sometimes maintaining access to an organisation’s network for years at a time to steal the information they require. These adversaries are most frequently identified as Advanced Persistent Threats (APT).”


View Comments