Your web browser is no longer supported. To improve your experience update it here

Cyber 'axis of evil' poised to strike Australia again, expert warns

A dangerous "axis of evil in cyberspace" is primed to launch more attacks on major Australian companies, a leading cybersecurity expert has warned, claiming the compromised networks of Medibank and Optus are just phase one in a dark master plan.
Highly skilled Russian and Chinese hackers will lead those cyberattacks, according to Tom Kellerman, a former cyber investigations advisor for the US Secret Service and Barack Obama's government.
The motives for recent attacks on Medibank, Optus, Latitude and other institutions went far beyond theft of data and the potential for financial extortion, he said.
Vladimir Putin and Russian Defence Minister Sergei Shoigu during the 2012 Victory Day military parade.
Russia's crack cyber warfare units are among the most feared in the world. (Getty)
Instead, virtually impossible to detect remote access trojans or backdoors, planted by hackers on comprised networks, will be used to "island hop" onto other critical infrastructure linked to those companies, Kellerman said.
He cautioned Australia must dramatically step up its cyber defence game, adding it was now time for the West to launch "true cyber offensive operations" against Russian and Chinese state-sponsored hacking collectives.
"You have this insurgency being waged against the West by this axis of evil and the intelligence services of these rogue states," he said.
"I'm very, very concerned that we're going to see a dramatic increase of disruptive cyberattacks against the West this spring (in the northern hemisphere).
"And what will be notable is it'll be the previously compromised critical infrastructures of the West that will be used to launch those attacks.
"They want to hijack the environment they attack and use it as a platform of attack against its constituency.
"And that changes how you defend because now you're dealing with a home invasion versus a burglar."
Over the last 18 months, Medibank (9.7 million people), Optus (9.8 million customers) and Latitude (14 million individuals) headlined a wave of assaults on Australian companies where customer trust is paramount.
In January, Aleksandr Ermakov, a known member of a Russian state-sponsored hacking group, was outed as responsible for the damaging cyberattack on Medibank.
Cyber security expert Tom Kellermann
Cybersecurity expert Tom Kellermann wants the West to get more aggressive with its cyber warfare operations. (Supplied)
Medibank said it refused to pay a $US10 million ($15 million) ransom; similarly, Optus and Latitude said they rejected ransom demands.
In the aftermath of the West's sanctions on Russia for invading Ukraine, Moscow had used ransomware attacks to offset that financial punishment, Kellerman said.
He worried that "unprecedented collaboration" between Russia and China, militarily and economically, made them a hugely formidable cyber threat to members of the Five Eyes and Quad alliances. Australia is a member of both pacts.
Russian citizen Aleksandr Ermakov
Russian citizen Aleksandr Ermakov has been officially linked to the attack on Medibank in 2022, which saw the private health details of 9.7 million Australians published on the dark web. (DFAT)
Kellerman urged Australia and Five Eyes allies to "truly" go on the offensive against the cyber axis of evil, which he said included North Korea and Iran.
"Why are we still playing defence? I don't understand it anymore," he said.
"How long are you going to allow these Russian cyberspies and cybercriminals to hammer away at our critical infrastructures?"
Western attacks must do more than just dismantle their infrastructure, he said.
"You use destructive attacks against every aspect of that cybercrime cartel's existence online, and you forcibly knock them down and off the Internet through a myriad of different capabilities."
Vladimir Putin throughout the years
Vladimir Putin through the years: Who really is Russia's President?
The West was "terrified of escalation", he said, because governments worried that destructive attacks, so far unseen, "would become widespread if they did that".
But Kellerman called that "foolish" thinking.
"I think that the adversary and the enemy of Australia and the US is more than willing to leverage destructive attacks, and is currently preparing the battlefield to do just that."
CONTACT US

Send your stories to contact@9news.com.au

Auto news: The change coming to a BMW favourite.