Paterson welcomed the government’s decision to publicly attribute the behaviour to China but called on it to go further by using the Magnitsky sanctions regime to penalise people who engage in offensive cyber activity against Australia.
Microsoft said the “stealthy and targeted malicious activity” had been carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering.
“Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises,” the company said.
Microsoft said the hacking campaign had “affected organisations span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors”.
“Observed behaviour suggests that the threat actor intends to perform espionage and maintain access without being detected for as long as possible,” Microsoft said.
Cybersecurity agencies from the Five Eyes intelligence-sharing nations – Australia, the US, New Zealand, Canada and the United Kingdom – issued a joint advisory note on Thursday morning saying they wanted to “highlight a recently discovered cluster of activity of interest associated with a People’s Republic of China state-sponsored cyber actor, also known as Volt Typhoon”.
“Private sector partners have identified that this activity affects networks across US critical infrastructure sectors, and the authoring agencies believe the actor could apply the same techniques against these and other sectors worldwide,” the agencies, including the Australian Signals Directorate, said.
The agencies published the code of the malicious program to help make private companies and government agencies aware of how to identify it.
Cut through the noise of federal politics with news, views and expert analysis from Jacqueline Maley. Subscribers can sign up to our weekly Inside Politics newsletter here.
