back to article Australian PM says nation under serious state-run 'cyber attack' – Microsoft, Citrix, Telerik UI bugs 'exploited'

Australian Prime Minister Scott Morrison has called a snap press conference to reveal that the nation is under cyber-attack by a state-based actor, but the nation’s infosec advice agency says that while the attacker has gained access to some systems it has not conducted “any disruptive or destructive activities within victim …

  1. Winkypop Silver badge

    Don't mention China

    I did once, but I think I got away with it.


    Morrison just wants to change the news cycle to some vague threat instead of the constant stuff ups of his government.

    Your choice.

    1. BigE

      Re: Don't mention China

      Could also be East Timor. Not likely but perhaps in retaliation for the bungled ASIS spying debacle.

      1. Anonymous Coward
        Anonymous Coward

        Re: Don't mention China

        No, it was the NSA testing the content of CIA's Vault 8

      2. BigE

        Re: Don't mention China

        I don't know why there were so many down votes. Remember when that Scotish Chancellor then later PM, Gordon Brown took away our right to legal privilege for taxation matters, well right now a secret trial is being held in Canberra by the state against Bernard Collaery because he got involved in intelligence matters when a client came to him for advice.

        1. amanfromMars 1 Silver badge

          Re: Don't mention China

          I don't know why there were so many down votes. ..... BigE

          It would be generous to surmise and offer ignorance as their defence, BigE, for it is very likely they know/knew nothing of the Timor-Leste Watergate-like bugging scandal and the Commonwealth's apparent support of such as is politically incorrect criminality prosecuted in the Wild West/Land of the Free and Lonesome Brave.

          However, thanks to the information in the rest of your post, that excuse is rendered obsolete and invalid/no longer freely available to be believed.

          Notwithstanding all of that, it still does not help a great deal in identifying who is buggering about and challenging systems so easily remotely crashed/flashed, beyond the shadows of any doubt.

          Indeed, in some cases which appear to be steadily growing in number, such damning attribution will never ever be possible as one will be jousting with ghosts and hosts of the past which have moved on in a changed guise with new disguises into new realms in the future.

          1. BigE

            Re: Don't mention China

            Yeah I was not being that serious. Actually, your post is way too long. If you cannot express yourself in less that 148 chars then nobody listens.

            1. amanfromMars 1 Silver badge

              Re: Misinformed Disinformation Campaigners

              Yeah I was not being that serious. Actually, your post is way too long. If you cannot express yourself in less that 148 chars then nobody listens. .... BigE

              Crikey, moronic nonsense in all its glory, BigE. Bravo. Clearly you have a lot yet to learn and listen out for. At least you're in the right place. [28 words 147 characters]

  2. jgarbo

    No Prime Minister, it's not a Chinese cyber attack. One of the new staffers tried to update Windows, that's all. Call your administrator...

    1. W.S.Gosset Silver badge

      Actually, AU Parliament House was shut down a coupla years ago due to a major attack which was definitively attributed to Chinese State Actors.

      Stated in public and even reported in the press.

      1. Kabukiwookie

        Have you seen any proof that it was the chinese or was it the always honest politicians and the 'security' company paid by said politicians that produced the report?

  3. Anonymous Coward
    Anonymous Coward

    The most obvious candidate in these cases

    Is the Domestic Government doing it itself, for its own reasons, typically distraction, control or eroding of Liberty.

    Find another state to blame and then get your tame National TV Broadcaster to make a drama-documentary out of it.

  4. amanfromMars 1 Silver badge

    The New Norm.... Get Used to it being that Way and a Novel Way for Doing All Things Differently*?

    It's nothing to worry or panic about. You the plebs want and we the hoi polloi promise transparency in geopolitical and communal business shenanigans and our virtual machines deliver the information for ...... well, ideally considerably smarter intelligence use by virtually untouchable and practically invisible others but the perverse rewarding attractions of wanton abuse and conspiratorial misuse are a persistent and pervasive and virulent menace, specifically designed and introduced some many would say, for fools to deal with.

    * .... as in planned by A.N.Others Intelligent Designed to be Always Unknown and Practically Ethereal.

    And coming soon to theatres near you ‽ . :-)

    But of course. Why ever not? Do you not deserve the rapturous attention?

      Paris Hilton

      Re: The New Norm.... Get Used to it being that Way and a Novel Way for Doing All Things Different

      I would watch an amanfrommars movie. When's it coming to my theatre?

      1. amanfromMars 1 Silver badge

        The New Norm.... Ur Perfect Wishes Our to Sublimely Command with Almighty Remote Controls

        I would watch an amanfrommars movie. When's it coming to my theatre? ....

        Have no fear, El Reg will be the first to know. So that's who to call for details re specialist advanced viewings/private pirate screenings/further future need to know information. That much is without doubt here guaranteed unreservedly and also most deservedly, methinks.

        1. Beeblebrox

          amanfrommars movie?

          ?It is AI¿

          !Mooronity Rapport¡

          'Verily Mancunian'

          Observed from afar.

      2. MrDamage Silver badge

        Re: The New Norm.... Get Used to it being that Way and a Novel Way for Doing All Things Different

        Take one tab of acid, every hour, for the next 3 days.

    2. MCMLXV

      A pedant writes...

      "the hoi polloi"

      Can't believe I'm responding to a post from amfM 1. First (and likely last) time ever. <pedant>"Hoi" in this context means much the same as "the" in English so "the hoi polloi" is tautological</pedant>.

      Somebody buy me a beer whilst I drown my sorrows with a well-overdue dose of Aristophanes. (If you buggers won't, I'll have to schlepp it to ScotMid and get some myself :-) )

  5. Andrew Commons


    I did a WHOIS lookup on the first IPV4 address in the published IOCs....

    It's assigned to a certain Vultr Holdings...

    Has The Reg got something they are not telling us?

  6. Anonymous Coward
    Anonymous Coward

    Belgium...or Australia...I think we should be told


    It was all a mistake....the GCHQ hack on Belgium was just a test. The bods in Cheltenham were getting ready for the real target.....Australia in 2020!!!!

  7. sanmigueelbeer

    Australia wouldn't get hacked if it installed Huawei gear -- just sayin'.

    1. BigE

      Naah, that'd be shipped rooted, maaate.

      1. W.S.Gosset Silver badge
        Thumb Up

        Upvote for the Aussie pun.

  8. This post has been deleted by its author

  9. Anonymous Coward
    Anonymous Coward


    You can rely on the Australian PM to warn of events that are about to happen or have just happened when he is talking about stomach upsets while visiting Maccas. Such as Engadine in 97.

    For everything else, he seems to provide the warnings about a month late.

    1. W.S.Gosset Silver badge

      Re: ScoMo

      Requirement of the job.

      And he's startlingly public-minded compared to his predecessors.

      E.g., Whitlam was warned on starting that Chinese espionage vs Australia was at startling levels that made the Russians vs USA mid cold war look like pussies.

      That was early 70s (for the non Australians among us)(Whitlam was the incoming PM (Prime Minister, for the Yanks).

      Whitlam always insisted China was our great friend. Bit of a theme with him. It was only once the secrecy quarantines rolled off decades later that the formal ASIO & ASIS briefings came to light.

      Cf in particular Kevin Rudd and Bob Carr. Who are surprisingly wealthy chaps, nowadays.

      1. Anonymous Coward
        Anonymous Coward

        Re: ScoMo

        While it should be a requirement of the job, look at ScoMo's record so far - he reacts slowly and is generally out of line with his peers.

        Outside of being first to know that he crapped himself at a McDonalds after the footie, ScoMo's awareness of anything is questionable.

  10. IGotOut Silver badge

    Not a problem.

    I'm sure all these highly important areas all apply patches in a prompt and timely manner.

  11. Tubz Silver badge

    Don't mention China, they get upset and say we all anti-Chinese racists !!

  12. Warm Braw

    To inform and educate Australians

    Risky strategy if he wants them to keep voting for him.

  13. disgruntled yank


    Well, maybe he doesn't want to get expelled from the university.

  14. Anonymous Coward
    Anonymous Coward

    It's not just Australia

    I am seeing a lot more malware and access attacks at work - the numbers have been way up since the start of the year.

    1. Nick Ryan Silver badge

      Re: It's not just Australia

      I believe those are called "staff". Particularly remote workers...

  15. MrDamage Silver badge

    "Serious cyber attack"

    Also known as "Everyone in Australia trying to do their taxes online, and overloading shitty govt systems".

    This announcement is brought to you by the same govt that insisted a MtM NBN could be done cheaper, betterer, fasterer than FTTH.

  16. Nick Ryan Silver badge

    Telerik UI? Says it all really. :( Can looks nice-ish, but thoroughly over complicated in places, breaks legally required accessibility in so many ways and is one of the many recent fad toolkits used by developers who seem to have no idea about security and the difference between data validation on the client and data validation on the server (and generally consider every single web page to be a modal application).

  17. amanfromMars 1 Silver badge

    Shining Another Light on a Matter which is only Just and Just Getting Started

    Whenever considering ......

    But some observers well-versed in security matters think there is something else going on here, and that the truly intended audience was overseas. Note how Morrison indicated the “malicious” intrusions were carried out “by a state-based actor with very, very significant capabilities” and “there are not a large number of state-based actors that can engage in this type of activity”. .....

    ...... is anyone prepared to say either there are not or there are a large number of non-state based actors with very significant capabilities who can engage in this type of activity with their activities being extremely surprising and tremendously concerning and virtually impossible to practically contain and/or curtail?

    And admit it's also a New AI Norm?

    1. amanfromMars 1 Silver badge

      Re: Shining Another Light on a Matter which is only Just and Just Getting Started

      The deafening silence resulting from those few questions tells one everything one needs to know about the dire pickle you're all in ......... with no effective defence or attack vector ever readily easily available, which one has to admit is a very bold statement and quite an outrageous state of international and internetional affairs.

      YMMV of course, fully dependent upon what you do not yet know to be true, which is perfectly normal. IT and AI has always been that way.

  18. I ain't Spartacus Gold badge

    China will regret this!

    Australia will respond with a DDoS arrack on China. For the unversed in the terminology that’s a Distributed Delivery of Spiders attack. An area where Australia is well ahead in the global arms (legs?) race...

    And that’s before they resort to chemical warfare. It’s no surprise the attack has included their breweries, as what nation could survive the twin assault of Fosters and XXXX attacks?

    Worse still, the S in DDoS can be switched to snakes or even salties.

  19. physeptone

    Spiders, snakes and crocodiles?

    It is supposed to be an attack, not provision of a food feast.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like