Chinese government hackers could turn out the lights across Australia at any moment if they decide to launch a massive cyber war, experts have warned.
Power stations, hospitals, banks and logistics firms – among many others – could be vulnerable to an all-out attack which would bring the nation to a grinding halt.
The country is said to be living on a knife edge after years of under-investment in hacking defences, leaving the government and private corporations almost defenceless.
The warning comes after Queensland power firm CS Energy was targeted by a ransomware attack which almost shut down power to three million homes.
Chinese hackers launched a sustained hack on CS Energy’s two thermal coal plants in Queensland on November 27, denying workers access to critical data and email.
Chinese government hackers could turn out the lights across Australia at any moment if they decide to launch a massive cyber war on the orders of President Xi Jinping (pictured)
Australia is said to be living on a knife edge after years of under-investment in hacking defences, leaving the government and private corporations almost defenceless
The attack came within minutes of bypassing CS Energy’s internal corporate systems to access the generators that circulate 3,500MW of electricity into the grid.
If successful, it would have knocked out power to between 1.4 and 3 million homes indefinitely.
A last ditch plan to separate the control operations from the main network saved the plant – but experts warn Australia may not be so lucky next time.
‘Chinese hackers are very well organised, they’re technically adept and they’re sponsored by the state,’ Nigel Phair, director of UNSW Institute for cyber security, said.
‘They see cyber attacks as just another part of their ongoing push for greatness. Their capability is extremely good,’ he said.
‘There is a huge danger that they could switch off Australia. You’d be naive to think otherwise.’
The Australian government has now begun to introduce new laws which will give them unprecedented powers in the face of a cyber attack.
Nigel Phair, director of UNSW Institute for cyber security, (pictured) says Chinese hackers are very well organised, technically adept and sponsored by the state
The warning comes after Queensland power firm CS Energy (pictured) was targeted by a ransomware attack which almost shut down power to three million homes
The Security Legislation Amendment (Critical Infrastructure Bill) 2020 would allow the government to take control of private companies if their critical infrastructure came under cyber attack.
Company directors of affected companies will also be held personally responsible for cyber security breaches under the new laws.
On Wednesday, Prime Minister Scott Morrison insisted: ‘We are pacesetters when it comes to cybersecurity – that doesn’t mean the threats aren’t great.
‘They are, they’re significant. And that’s why we’re so focused. It’s just another area where we’re working to keep Australians safe.’
Mr Phair insists the sweeping new powers are a vital wake up call to private companies which have failed to invest in hacking protection.
‘Most critical infrastructure owner operators are private sector and they don’t see the return on investment in beefing up cyber security controls on their networks, because they just see it as a cost,’ he said.
State actors working on behalf of Xi Jinping (pictured) the Communist regime, launched a ‘sustained’ ransomware attack on CS Energy’s two thermal coal plants in Queensland on November 27 – signifying what Beijing could be capable of in a wartime scenario
‘That’s why you’ve got the government now saying, “We’re going to step in”. It’s quite interesting and quite controversial.
‘It’s a three step process where it starts off with, “We’ll hold your hand and give you some assistance on what’s going on” through to what they call stepping power.
‘If you’re an owner operator of a gas, telco, electricity, or whatever piece of critical infrastructure and you get whacked, they’ll come in and take over the incident response.
‘That’s the controversy. That’s quite a step – having government workers going into a private organisation and taking over the computer network is quite a bold thing to contemplate.’
Senator James Paterson has warned urgent reforms are needed to beef up Australia cyber defence capabilities as nations like China and Russia become increasingly hostile
WHAT AUSTRALIAN COMPANIES MUST DO FOR PROTECTION FROM CYBER ATTACKS
As more and more critical infrastructure moves into private hands, Nigel Phair fears investment in protection against cyber attack is ignored as an unnecessary expense.
Three keys things Australian firms must do now are:
- Encrypt all data and transfer data encrypted
- Strict controls over who can access data and logging all access
- Securely delete all data as soon as possible
Training staff to be aware of phishing attacks and social engineering is also vital.
Partitioning networks and completely disconnecting, where possible, critical info and infrastructure access from the internet is also vital.
The hackers will use all forms of hacking to gain access to networks, from studying published operation technology looking for weaknesses to security intelligence gained by spying.
Social engineering – where hackers pose as colleagues or contractors to win the confidence of workers and access info, passwords and logins – is a widely used tactic.
Workers can also fall victim to phishing attacks where they click on fake links that can reveal passwords, logins and crucial network information.
Critical infrastructure companies – including utilities, financial and medical organisations – are considered most at risk, but Mr Phair says all firms need to strengthen their security.
Channel Nine was locked out of its broadcasting equipment in a sophisticated attack on its network in March which knocked shows off the air while experts fought to regain control.
‘They are advanced attacks,’ said Mr Phair. ‘The technical and general sophistication around a lot of this is hard for organisations. This takes brain power and action.
‘The problem is corporate Australia is not acting deeply enough or quickly enough. There’s a degree of, “I’m not a bank, no-one will hack me.”
‘It’s always someone else, it’s aways a different private hospital, a different power company. We’ve got to get out of that complacency.’
In the wake of the Nine attack, Treasurer Josh Frydenburg said the government was investing in corporate defences against cyber attacks.
‘This threat is not going away,’ he said. ‘We’re working with the business community and the private sector more generally to ensure that their systems are best in class.
‘Whether it’s other governments or whether it’s criminal organisations, cyber security is the new battle front.’
While companies can beef up defences, Mr Phair says a more effective approach would be for Australia to fight back and launch cyber attacks of its own on China.
Critical infrastructure companies – including utilities, financial and medical organisations – are considered most at risk, but Nigel Phair says all firms need to strengthen their security
He believes Australia’s Signals Directorate – which leads the nation’s cyber security and intelligence – could start a virtual war of our own.
‘We need to put sand in the gears of these people that are doing it,’ said Mr Phair.
‘We need to hurt them economically so that they go, “Actually we’re not going to attack infrastructure in Australia. We’re going to go somewhere else because they’re a low hanging fruit.”
‘We need to disrupt them with a lot of force.’
But he warned action needed to be taken swiftly.
‘I’m hoping we never have an outage of a severity that degrades people’s lives,’ Mr Phair said. ‘That’s the hope.
‘It might never happen – but it could happen this afternoon.’