This is a drill: Australia's cyber 'war' against a country a bit like Russia

Tallinn: Australia will join the world’s biggest “live fire” cyber-war exercise, a week after Australia, the US and UK issued an extraordinary warning that Russian state-sponsored hackers were targeting key public and private infrastructure in Western countries.

The annual exercise, known as Locked Shields, takes place this week in Tallinn, Estonia, and tests the ability of government teams from countries across the world to withstand a full-scale cyber attack.

Last year the hostile state in the Locked Shields exercise was dubbed ‘Crimsonia’ – literally a red menace.

This year’s Locked Shields will simulate a hostile co-ordinated cyber-attack against a major civilian internet service provider and military airbase. The US and UK believe Russia has been working to develop the capability to launch such a strike since at least 2015.

Last year the hostile state in the Locked Shields exercise was dubbed ‘Crimsonia’ – literally a red menace – though organisers said it would not be “politically correct” to say it was modelled on Russia, and other countries could have the same capability and intent.

The UK’s cyber security chief Ciaran Martin has called Russia “our most capable hostile adversary in cyberspace”.

“Locked Shields is an important exercise to ensure the international community can detect and respond to cyber attacks, given recent incidents involving business and infrastructure,” Australian foreign minister Julie Bishop said.

Ms Bishop attended Locked Shields last year and was so impressed she decided Australia should look to join in future years.

Foreign Minister Julie Bishop observes the Locked Shields exercise in April 2017

This year Australia has sent an official observer, a senior officer from our Computer Emergency Response Team.

The Australian government will soon sign up to join NATO’s Cooperative Cyber Defence Centre in Tallinn, which runs the exercise. It brings together world-leading experts from military, government and industry backgrounds to develop cyber defence strategies and tools.

All CCDCOE members have approved Australia’s membership. Once it is formalised, Australia will send a permanent Defence representative to the centre.

Last week the Australian government revealed a “significant number of Australian organisations” had been hit by “malicious cyber activity” in a co-ordinated attack in 2017 that was traced back to “Russian state-sponsored actors”.

The news came as the UK and US put out an unprecedented joint “technical alert” which they said was the result of analysis by the US Department of Homeland Security and FBI, and the UK’s National Cyber Security Centre.

According to the alert the FBI and NCSC had “high confidence that Russian state-sponsored cyber attacks” had compromised routers – the basic infrastructure of the internet – in order to “support espionage, extract intellectual property… and potentially lay a foundation for future offensive operations”.

Since 2015 the US and UK governments had received information that hackers supported by the Russian government had carried out a worldwide campaign to exploit security holes in the hardware that shuttles data around the internet.

The hackers had identified vulnerable devices, harvested log-in credentials and passwords, and modified the devices to leave them open to future attack.

“Network devices are ideal targets,” the alert said. “Whoever controls the routing infrastructure of a network essentially controls the data flowing through the network.”

They urged internet service providers, public sector organisation and private sector corporations and small businesses to “reduce exposure” to the threat by updating firmware and passwords.

Security experts said Russia had been “deep inside” networks for years, and the alert was partly intended to send a message to Russia that the West was aware and ready to retaliate.

It came at a time of heightened tensions after diplomatic expulsions over the poisoning of ex-spy Sergei Skripal in England, and Russia’s support for the Syrian regime despite its use of banned chemical weapons.

UK foreign secretary Boris Johnson told the BBC that Russian retaliation for UK sanctions could include cyber attacks.

"When you look at what Russia has done, not just in this country, in Salisbury – attacks on TV stations, on the democratic processes, on critical national infrastructure – of course we have to be very cautious indeed," he said.

On Monday Australia opened a "pop up" embassy in Tallinn, in operation until June 1, to capitalise on Locked Shields as well as CyCon, a conference on cyber conflict, and the Tallinn e-governance conference.

Source: Read Full Article