[BreachExchange] Chinese cyberattack almost shut off power to THREE MILLION Australians

Terrell Byrd terrell.byrd at riskbasedsecurity.com
Tue Dec 7 10:27:43 EST 2021


https://www.msn.com/en-gb/news/world/chinese-cyberattack-almost-shut-off-power-to-three-million-australians/ar-AARz9G6

Chinese hackers came within minutes of shutting off power to three million
Australian homes but were thwarted at the final hurdle.

The Communist regime launched a 'sustained' ransomware attack on CS
Energy's two thermal coal plants in Queensland on November 27 - showing
what Beijing could be capable of in a wartime scenario.

There were panic stations within the energy firm as employees began to lose
access to their emails and other critical internal data.

CS Energy quickly realised the cyber attackers were trying to bypass their
internal corporate systems to access the generators that circulate 3,500MW
of electricity into the grid.

A successful attack would knock out power to between 1.4 and 3 million
homes with no way of knowing how long it might take to regain control of
the generators.

IT specialists came up with a brilliant last-minute move to stop Beijing
from gaining access, by separating the company's corporate and operational
computer systems.

Once the network was essentially cut in half, hackers had no way of seizing
control of the generators.

Sources with knowledge of the hack attempt said the cyber-attackers were
less than 30 minutes away from shutting down power.

Intelligence and Security Committee chairman Senator James Paterson warned
urgent reforms were needed to beef up Australia's cyber defence capabilities
as nations like China and Russia become increasingly hostile.

'Our cyber vulnerabilities are increasing in complexity for two reasons:
firstly, the increasingly interconnected digital nature of our lives,' he
told the Daily Telegraph.

'And secondly, because of the evolving security environment in the
Indo-Pacific region, particularly China's willingness to use every domain
available to achieve its geostrategic objectives, including the cyber
realm.'

Scott Morrison last year revealed a malicious 'state-actor' launched a
sophisticated and sustained cyber campaign to infiltrate Australian banks,
transport networks, hospitals, universities, critical infrastructure and
the military.

Security experts pointed the finger squarely at Beijing, with former
officials claiming the cyber invasion was payback for Australia's decision
to ban Huawei from the national 5G network.

The Chinese telecommunications giant is the world's largest 5G
infrastructure builder but Canberra banned its involvement in Australia's
critical infrastructure rollout in August 2018, citing national security
concerns.

Since then, Canberra's relationship with Beijing has deteriorated even
further with the totalitarian state still furious over the government's
calls for an independent inquiry into the origins of the Covid-19 pandemic.

Xi Jinping responded with billions of dollars worth of arbitrary bans and
tariffs on a range of Australia's exports.

But Australia is not alone when it comes to cyber attacks from Beijing.

Microsoft on Monday announced it 'disrupted the activities of a China-based
hacking group that we call Nickel' which carried out attacks in the US and
28 other countries.

'We believe these attacks were largely being used for intelligence
gathering from government agencies, think tanks and human rights
organizations,' the software giant said.

Last month China targeted Indian utilities and infrastructure sites
with cyber-attacks, also trying to shut down a coal-fired power plant.

Taiwanese officials said their small democratic nation just 180km off the
coast of China receives up to 'five million attacks a day' with the vast
majority likely to be directed by Beijing.