Communist Party of Australia

We acknowledge the Sovereignty of the First Nations’ Peoples.

Issue #1921      June 29, 2020

Cyber fraud

Was Australia really attacked by China?

On the morning of the 19th June, Prime Minister Scott Morrison made a statement to the press on “malicious cyber activity against Australian networks.”

Morrison claimed that “[b]ased on advice provided to the Government by our cyber experts, the Australian Cyber Security Centre (ACSC), Australian organisations are currently being targeted by a sophisticated state-based cyber actor.”

Morrison pointedly avoided naming which “state-based” actors are suspected of the attack, saying “Australia doesn’t engage lightly in public attributions and when and if we choose to do so, it is always done in the context of what we believe to be in our strategic national interests.”

The hypocrisy of this claim is laughable, given how readily and on such flimsy grounds the same Liberal government has made public attributions for all sorts of problems, real and fictional, to China. And its hypocrisy is apparent even taking only this one incident into mind – while Morrison avoided explicitly naming them, the implication of blame on China was immediately obvious, and the topic dominated the questions asked to Morrison by reporters after his statement.

A few hours later, the ABC News headline read “China behind major cyber attack on Australian governments and businesses.” Despite being an article about Morrison’s statement, and even acknowledging that Morrison did not make any such claim about China, the ABC faithfully reported the headline that Morrison’s statement clearly sought to produce.

It is rather disturbing to live in an Australia where the ABC has sunk to lower standards of evidence, self-consciousness of political spin and basic diplomatic dignity than a Prime Minister from the Liberal Party’s right wing.

The only further information the ABC article cited in reference to their claim was unnamed sources from unnamed “Federal Government agencies.”

So what links these supposed “large-scale, sophisticated” cyber attacks to China? We will have to follow the argument in reverse.

The ASCS’ strongest claim is that the attacks are “state-based,” and it is only other observers which have made the leap from that claim, to blaming China in particular. This is despite there being no evidence whatsoever. The only “evidence” being pointed to is the supposed “precedent” of China’s involvement in prior similar attacks. However, no proof has ever been found for any such past claims either. So the only precedent is the precedent of the Australian government, organisations and media repeatedly pointing the finger at China without evidence, and never finding any evidence!

Instead of the ancient philosophical question of what accumulated number of grains of sand constitutes a “heap,” here we have the question of what accumulated number of groundless accusations constitutes “evidence” in politics.

China’s foreign ministry has denied any Chinese involvement, and pointed out the likely role of the Australian Strategic Policy Institute (ASPI) in spreading the baseless rumour. ASPI is a right-wing think tank which was originally founded by the Howard government, and energetically promotes rabidly anti-Chinese policy and views. It receives funding from the Australian Department of Defence as well as the Department of the Prime Minister and Cabinet, as well as other Australian government agencies, but also, and openly, from the US Department of State and from several US arms manufacturers including Lockheed Martin, Northrop Grumman and Raytheon.

So our tax dollars are being given to this organisation that spends much of its time spreading accusations and fear about alleged foreign interference in Australian affairs by China, while itself receiving funding from a foreign government and foreign arms manufacturers, whose main interest in politics is pushing for new wars so they can profiteer further off human misery.

This is real foreign interference and real abuse of democracy, but our government not only ignores it but continues to throw public money at it.

To take a further step back in the argument, what is the evidence that the attacks are state-based at all? In his statement, Morrison said that “[w]e know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the tradecraft used.”

Despite his also claiming his statement was made to “promote awareness,” there were virtually no details given of what was targeted or what sort of attacks these were.

But the ASCS website has some more details. The document “Advisory 2020-008: Copy-paste compromises – tactics, techniques and procedures used to target multiple Australian networks” pertains to the matter, and states:

“The title ‘Copy-paste compromises’ is derived from the actor’s heavy use of proof-of-concept exploit code, web shells and other tools copied almost identically from open source.”

So despite a core of the argument being that this attack’s supposed “sophistication” of its “tradecraft” constitutes part of the evidence for its being state-based, the actual method used by the attacker according to the ASCS itself was mostly to copy and paste from open source. Given that state-based actors are unlikely to release their espionage tools to open source, this means they were instead developed by non-state actors.

So the remaining part of this leap in the argument is that it is the “scale” of use of these tools that points to a state-based actor. But the idea that only states can carry out a particular large scale of cyber attack is becoming more out of date by the day. Not only are cyber-criminal gangs and even individuals known to have the capability to co-opt huge networks of third-party computers in order to carry out attacks, but the unfettered expansion of the financial, political and legal power of trans-national corporations (TNCs) has meant that the largest TNCs have power and capabilities rivalling or exceeding those of states. The persistent lack of scrutiny of TNCs and their influence is a major ideological blind spot, and is bound to increase in severe consequence as they continue their parasitic expansion.

The argument that the scale of the attack necessarily indicates a state-based actor makes an extremely dangerous assumption that because the ACSC is not aware of any non-state actors having carried out such an attack in the past, it could not happen now – as if the area of cyber-technology is not one where unprecedented leaps forward in unexpected places are the daily norm. “Promoting awareness” indeed.

Taking one last step back in the argument, we must finally scrutinise the claim that there was indeed an attack of a scale and potential impact large enough to warrant a public statement by the Prime Minister at all. The ASCS web page mentioned above states, “the ACSC identified no intent by the actor to carry out any disruptive or destructive activities within victim environments.” Furthermore, Morrison responded to a question about the number of targets of the attack by saying “there are many that have been targeted, but in terms of their success, that is not as significant.” In response to a question about whether the public’s personal or financial details have been compromised, Morrison was quick to retort that “the advice I have been given is that the investigations conducted so far have not revealed any large-scale personal data breaches.”

Morrison responded to another question about whether the scale of the attack was “unprecedented,” saying “I don’t know if I’d use that word.”

So what exactly warranted this public spectacle? Morrison simply stated “today is about raising the awareness”, and specifically made a point to “thank particularly the private sector operators that we’ve been working closely with”. He also mentioned the hundreds of millions of dollars of public money his government has spent on cyber-security, including on the private sector.

What role has the private sector played in establishing the facts and the messaging? How closely exactly are these private firms working with Australian government agencies on matters of national security? We will probably never be informed; Morrison will probably not choose to “raise our awareness” on this matter. But it is very interesting indeed that the private sector has been somehow involved in the discovery and communication of this supposedly news-worthy cyber-attack. However, we are unlikely to see the headline “Private cyber-security firms encourage more spending on cyber-security.”

Next article – HK – National Security Law

Back to index page