Australia could face waves of massive, targeted attacks within weeks, with an expert revealing a disturbing clue that enemies are poised to strike.
Australia is at risk of a potentially crippling wave of cyber attack within weeks, as tensions between Russia and Ukraine threaten to boil over.
For months now, experts have been warning that a war between the nations was brewing in Europe.
Australia has already extended an offer to help Ukraine, and as a prominent ally of the US and a relatively influential global player, we now have a major target on our backs.
And according to leading cybersecurity expert and former Silicon Valley entrepreneur Lawrence Patrick, the threat facing Australia is now very real, despite being thousands of kilometres away from the physical action.
“The visual of seeing battalions at the border facing off with rifles pointed over their shoulder is very dramatic and easy to understand, but what’s being missed is that Russia is incredibly sophisticated when it comes to cyber warfare capabilities,” he told news.com.au.
“The reality is that cyber warfare is likely to be the actual arena of this conflict, and Russia already has a long track record of launching attacks against Australian organisations.”
Mr Patrick said it was likely that Russia planned to attack “soft targets” that could include hospitals, schools, businesses and not-for-profits.
“Australia is the strongest, oldest and most important military ally of the United States, so when there’s conflict between the US and Russia, Australia will undoubtedly be impacted by that,” he said.
“We could very well see scenarios where Australian businesses are targeted by Russian hacker groups.
“These groups are military – they may not wear uniforms, but they are definitely backed by the government, with military-grade technology and access to military server farms and resources to carry out attacks, so for all intents and purposes, these are nation-state attacks.
“Australia definitely should think of itself as being not far away at all from this conflict. It’s going to happen in the digital domain, and in that situation, you may as well be right next door, because they will come for you not matter where you are.”
So how exactly would a cyber attack play out? According to Mr Patrick, it could come in the form of a ransomware attack via a phishing campaign, which would trick someone into clicking on a link which could allow attackers to take control of that person’s account or infiltrate a system.
“Let’s say an admissions co-ordinator at a school clicks on a bad link – it could give an attacker access not only to your school, but all other networks connected to it, like the entire Department of Education,” he explained.
“This type of attack that allows them to steal data is critical – it could be student records, financial data, payroll data – any data that’s really important to the school system they can steal, lock it up, and basically say, ‘If you don’t pay us a zillion dollars, we’ll delete it or make the data public.’”
Some nations, such as North Korea, use the proceeds from these attacks to fund the development of weapons, but there’s also another, more disturbing goal – to create a state of anarchy.
“Russia has been pretty bold and blatant about the fact they want to create chaos – it’s a win-win, they get some cash from ransomware attacks, but they also create a lot of chaos,” Mr Patrick said.
“If they shut down a school system or throw critical infrastructure into disarray, it’s super helpful to their purpose of creating chaos and grinding day-to-day operations of a target country to a halt – it’s a big part of their playbook.”
And finally, Mr Patrick said these attacks were also used to gather information on as many people – including regular citizens – as possible.
Mr Patrick, who is originally from the US and spent 20 years working in Silicon Valley, including with Tesla CEO Elon Musk, now works for cybersecurity firm Zirilio after moving to Australia around a year ago.
He said the Zirilio Security Operations Centre has recorded a suspicious fall in the number of Russian-origin cyber attacks on Australian companies in the past fortnight, a chilling sign that a major ransomware campaign could be in the works.
Mr Patrick said it could be the “calm before the storm”, and that a major attack could be imminent, especially given how strategic an attack against Australia would be in the lead up to the federal election, which will be held in May at the latest.
“They are ready to go if the conflict heats up – they didn’t go away, they are not on vacation,” he said.
“We shouldn’t be watching videos of Russia and Ukraine and thinking it’s far away and we don’t need to worry.
“Every leader of every organisation in Australia … should be paying attention.
“If this conflict heats up, there will definitely be cyber warfare … because Russia is sophisticated in that area and has already made strikes against Ukraine in the cyber domain, and has already attacked Australia and the US openly and brazenly, so I fully expect that pattern to continue.
“The next volley, the next action, will be in the digital domain and it will be cyber attacks, and Australia will definitely be targeted because Australia is the strongest ally of the US and Australia has already spoken up on the Russia-Ukraine conflict.”
Australia also stands out as a target given our disproportionate share of media companies and influence, banking and wealth and the fact we export a lot of raw materials that are necessary to the global economy to function.
For those reasons, Mr Patrick is convinced “Australia will absolutely be targeted disproportionately to our population size, and the way we are likely to be attacked will be very fierce”.
“It’s inevitable we will be attacked, but it’s not inevitable they will be successful. We have to work together to create a safer Australia,” he said, adding that most cyber attacks take less than 60 seconds with the hackers in and out, often without business owners realising that a hack has even occurred until months later.
However, Mr Patrick is not alone in raising the alarm over Russian cyber attacks, with the European Central Bank and the New York Department of Financial Services also recently warning of similar digital strikes as a result of the bitter conflict.
Meanwhile, ASIO revealed on Wednesday that it had uncovered a “foreign interference plot” to influence an Australian election in its annual address, highlighting a number of national security issues the intelligence agency is currently investigating.
In fact, ASIO Director-General of Security Mike Burgess confirmed espionage and foreign interference on democracy within Australia has now “supplanted” terrorism as the nation’s “principal security concern”.