Those Australian’s watching the news since Friday would be very aware of the Australian Government “announcing” that Australian government and business is being targeted by a nation-state actor. Initial reports from the mainstream media made it sound like the government was announcing a new ferocious cyber-attack had just commenced, or perhaps suddenly escalated. Then over the course of the day, after further questions and clarifications, it became clear that this was nothing new, but that the government was just saying that it had observed an increase over the recent months.

For cybersecurity professionals, it is an established fact that many nation-state actors are involved in more-or-less ongoing cyber campaigns. And it’s clear which countries are most active. There is even a general understating of the primary motivations of each of these major state-actors. Some focus on stealing intellectual property, some focus on spreading disinformation in order to create division to weaken their rivals, some use cyber as an alternative to missiles and guns to damage military targets such as nuclear facilities, and some use cyber to steal and extort money to fund their regime. Whilst it's all officially denied by these governments, there is overwhelming evidence coming from various independent cyber research companies ... sometimes right down to the individual phishing campaigns and thousands of fake robot social media accounts involved in an individual campaign. Do a little digging on the internet, and you'll find some interesting industry news, articles and podcasts.

Furthermore, this is not something that has just started in recent months. In June last year, the Australian National University disclosed that an attacker got into its systems during late 2018 and was not discovered until May. In August last year, the Australian Government announced it was establishing a University Foreign Interference Taskforce. Since the global pandemic hit earlier this year, there have been numerous reports of increases in overall malicious cyber activity across the world, and measures that can be taken to address the risks.

So there’s really no new news here, except perhaps why the Australian government has chosen this point in time to publicly call it out, and the more targeted finger pointing associated with this “announcement”.

#cybersecurity #cyber #smallbusiness #smallbusinesssucess