A statement from the Cyber Security Minister Angus Taylor (below, right) said that this claim was based on intelligence from Australian agencies and made "in consultation with our allies".
The US Computer Emergency Response Team issued a statement overnight, which it said came jointly from the Department of Homeland Security, the FBI and the UK's National Cyber Security Centre, wherein similar claims were made about attacks on sites in those countries. The US advisory said the attacks in question dated back to 2015.
Taylor said: “Commercially available routers were used as a point of entry, demonstrating that every connected device is vulnerable to malicious activity."
|
The US advisory said, in addition, devices which had generic routing encapsulation and the simple network management protocol enabled were also among those which had been attacked.
Over the last week of March and the first week of April, there have been attacks on sites belonging to Russian and Iranian interests; a theory that these were carried out by US interests has been played down by an ex-NSA man.
Added Taylor: “This attempt by Russia is a sharp reminder that Australian businesses and individuals are constantly targeted by malicious state and non-state actors, and we must maintain rigorous cyber security practices.”
The statement said there was no indication that information breaches had taken place in Australia.
Taylor, who is now in the US for discussions on cyber security and law enforcement, said: “A strong alliance between Australia and the United States is crucial if we are to prevent and develop strong defences to state-sponsored cyber incidents.
“The Turnbull Government, through its 2016 Cyber Security Strategy and the establishment of the Home Affairs portfolio, is committed to ensuring the Australian public sector, businesses and the community are safe from malicious cyber activity."
The US advisory said: "(The) FBI has high confidence that Russian state-sponsored cyber actors are using compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations."