Australian companies have been caught up in suspected Russian cyber attacks that have affected “millions of machines” worldwide, authorities say.
The United States, Britain and Australia have alleged Russian Government-backed hackers have infected computer routers around the world in a cyber espionage campaign targeting government agencies, businesses and critical infrastructure operators.
In Australia, hundreds of businesses were affected but no information was compromised, the ABC understands.
US and British officials told reporters in a conference call that they planned to issue a joint alert on the attacks, which targeted routers that form a key part of the internet infrastructure in a cyber espionage campaign that could be leveraged in the future to launch offensive attacks.
“When we see malicious cyber activity, whether it be from the Kremlin or other malicious nation-state actors, we are going to push back,” White House cybersecurity coordinator Rob Joyce said.
The US and British governments said they planned to provide technical details on the attacks so that organisations can determine whether they have been hacked and thwart similar future hacking attempts.
The governments asked victims to report any infections so they could better understand the impact of the campaign.
“We don’t have full insight into the scope of the compromise,” said Jeanette Manfra, a cybersecurity official for the US Department of Homeland Security.
US and British officials said the infected routers could be used to launch future offensive cyber operations.
“They could be pre-positioning for use in times of tension,” said Ciaran Martin, chief executive of the British Government’s National Cyber Security Centre, who added that “millions of machines” were targeted.
The White House in February blamed Russia for the devastating “NotPetya” cyber attack in 2017, joining the British Government in condemning Russia for unleashing a virus that crippled parts of Ukraine’s infrastructure and damaged computers across the globe.
US intelligence agencies also concluded that Moscow interfered in the 2016 presidential campaign and a federal prosecutor is investigating whether President Donald Trump’s campaign colluded with Russians to sway the vote.
Both Moscow and Mr Trump have denied the allegations.
Who was targeted?
Ms Manfra said the campaign was widespread and could cover “everything from large enterprises to small home offices”.
The officials said the latest attacks affected a wide range of organisations — including internet service providers, private-sector firms and critical infrastructure providers.
Mr Martin said authorities had been tracking the campaign for about a year and the tactics behind them for longer.
“We in the UK can independently corroborate all of the detection work in this report to validate the assessment of US colleagues,” he said.
“And we can also confirm that all of the attacks mentioned in this report have directly affected the UK.”