Australia says it’s under massive nation-state cyberattack (& hints at China). Lazarus Group may be prepping COVID-19 phishing.

0
214

Australia’s Prime Minister Morrison says that Australia is under massive and sustained cyberattack. “We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the tradecraft used,” the Wall Street Journal quotes the Prime Minister as saying. He added that all levels of government and most economic sectors are among the targets.

The actor may be sophisticated, but most observers aren’t moving from that to a conclusion that the attacks themselves are advanced or complicated. (The Guardian’s discussion is representative.) To judge from yesterday’s Australian Signals Directorate advisory, the attacks for the most part hit known vulnerabilities with “copy-and-paste” open-source exploit code. When that approach fails, the attackers resort to familiar spearphishing.

The Prime Minister refused to be drawn on attribution, but he’s generally believed to be describing a Chinese government campaign. ZDNet quotes sources to the effect that this particular “frog has been boiling for years,” which raises the question of why the Prime Minister would choose to issue his warning now. ABC says the campaign may represent payback…

Read More…