Australian companies face Russian revenge attacks and Chinese expansionism

Western agencies warn of potential Russian cyberattacks on critical infrastructure in retaliation for supporting Ukraine, while Chinese entities appear to be moving away from amateur cyberattacks and espionage to a more coordinated, professional operation to support Chinese expansionism.

Russian nation-state actors and sympathetic cybercriminal groups are “exploring options” for a barrage of cyberattacks on critical infrastructure in Australia and other countries opposed to Russia’s invasion of Ukraine, authorities have warned as the ongoing conflict reshapes real-world and online power dynamics worldwide. At the same time, Chinese entities have been professionalising and apparently coordinating their cyberattacks on Australia and other countries.

“Evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks,” the US Cybersecurity and Infrastructure Security Agency (CISA) said in a new warning—endorsed by the Australian Cyber Security Centre (ACSC) and the comparable Five Eyes agencies in the UK, Canada, and New Zealand—that damaging sanctions and “materiel support provided by the United States and US allies and partners” had made them targets.

The extensive advisory is a primer on Russian and Russia-aligned cybercriminal groups known to have conducted ransomware, destructive malware, cyber espionage, DDoS and other attacks on Western government, private-sector, nuclear and conventional energy generation, and other critical infrastructure targets.

This includes Russian state-sponsored attacks like BlackEnergy and NotPetya, with at least five Russian government and military organisations targeting foreign IT and operational technology (OT) networks.

Russian group Sandworm was this month blamed for two waves of cyberattacks against Ukrainian critical infrastructure, as new Incontroller malware targeted industrial control systems (ICSs) in the invaded country.
