Prime Minister Scott Morrison told the nation Friday that Australian organisations are currently suffering a \u2018sophisticated\u2019 cyber attack from another country, which he declined to name. The attack has been ongoing for several months, he said, targeting \u201cAustralian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers, and operators of other critical infrastructure.\u201dMorrison also urged a significant defence against cyber attacks, two months after a 2016 Department of Homeland Security strategy lapsed in April 2020, with a replacement strategy effort that began in September 2019 remaining incomplete. He criticised the current home affairs minister, Peter Dutton, strongly for the lack of action, and praised the previous effort as forward-thinking but said that effort must be expanded and renewed.The Australian Cyber Security Centre (ASCS) has published detailed about the attack methods, noting they rely on open source techniques. \u201cThe most prevalent being the exploitation of public-facing infrastructure\u2014primarily through the use of remote code execution vulnerability in unpatched versions of Telerik UI,\u201d it said.\u00a0\u201cOther vulnerabilities in public-facing infrastructure leveraged by the actor include exploitation of a deserialisation vulnerability in Microsoft Internet Information Services (IIS), a 2019 SharePoint vulnerability, and the 2019 Citrix vulnerability.\u201dThe ACSC also said the attacker has used spearfish methods, such as linking to credential-harvesting websites, linking to malicious files, attaching malicious files to emails, and using spoofed links that prompt users to grant Microsoft Office 365 OAuth tokens to the attacker.\u00a0Some security experts said the cyber attacks are not as sophisticated as Morrison claimed, but still serve as a warning to Australian organisations\u2014and perhaps gave Morrison an opportunity to warn the attacking country that its efforts are known and to stand down.Speculation as to which country is behind the attacks centres on China, which has been alleged to be behind many such attacks across many countries over many years, largely for espionage. Reports recently claimed that China reactivated one cyber attack group last year targeting multiple countries and that China had stolen attack methods from the US National Security Agency. China denied involvement in the current attacks.As for Australia, \u201cthere has been a lot of sword rattling against Australia recently given pressure around a COVID-19 investigation [on China\u2019s alleged withholding of crucial inforrmation early in the pandemic]. China recently described Australia as \u2018gum on its shoe\u2019 so it\u2019s not a far stretch\u201d to suspect China in the recent attacks, notes CSO Australia contributor David Braue.