Australian Security Intelligence Organisation (ASIO) Warning
Mike Burgess, the head of the Australian Security Intelligence Organisation (ASIO), stated on Wednesday in Melbourne that Australia faces a growing risk of "cyber-enabled sabotage" within the next five years. He indicated that increased levels of espionage contribute to this threat.
Targeted Infrastructure and Attributed Groups
Burgess identified a specific nation-state as conducting multiple attempts to scan and penetrate critical infrastructure within Australia and its allies. These targets include water, transport, telecommunications, and energy networks. He referenced two hacking groups, Salt Typhoon and Volt Typhoon, which he stated operate for Chinese government intelligence and military.
Salt Typhoon has reportedly targeted telecommunications companies in the US and has probed Australian telecommunication networks for espionage purposes. Volt Typhoon is described as having compromised critical infrastructure networks in the US for potential future sabotage, with similar probing observed in Australian critical infrastructure.
Potential Impacts of Sabotage
Burgess warned that authoritarian regimes are increasingly willing to sabotage critical infrastructure. The stated objectives of such actions include impeding decision-making, damaging economies, undermining war-fighting capabilities, and generating social discord.
He illustrated potential impacts by referencing brief telecommunication outages that caused widespread societal disruption. Burgess presented hypothetical scenarios such as the incapacitation of all telecommunication networks, power outages during heatwaves, contamination of drinking water, or the crippling of the financial system.
Economic Costs and Hacker Capabilities
Espionage activities are estimated to have cost Australia A$12.5 billion in 2023-24. This figure includes approximately A$2 billion worth of trade secrets and intellectual property stolen from Australian companies in one year. Burgess noted that intelligence collection is broadening to target private sector projects, negotiations, and investments for commercial advantage, alongside customer data.
The methods employed by these hackers are described as sophisticated. They involve identifying network vulnerabilities, penetrating systems, mapping infrastructure, and maintaining persistent, undetected access. This sustained access would enable them to conduct sabotage at a chosen time.
The Chinese embassy has been contacted for comment regarding these allegations.