Attribution of a pattern of malicious cyber activity to Russia

The Australian Government has joined international partners to condemn a pattern of malicious cyber activity by Russia targeting political, business, media and sporting institutions worldwide.

The Prime Minister, the Hon Scott Morrison MP and the Foreign Affairs Minister, Senator the Hon Marise Payne have made a joint statement condemning these actions.

The ACSC is committed to protecting Australian interests in cyberspace, and has contributed to identifying the perpetrators of these malicious actions.

State-sponsored malicious cyber activity is one of many cyber threats. This is a good reminder for organisations to consider the ACSC’s existing advice on hardening networks against malicious activity and mitigating against cyber security incidents. The ACSC has also published advice on securing Cisco devices against Russian state-sponsored activity.

Unacceptable malicious cyber activity being attributed by Australia to the Russian Military

  • In October 2017, BadRabbit ransomware infected victims in Ukraine and Russia interrupting businesses and critical national infrastructure, including energy and transport sectors.

  • In August 2016, the Russian military released confidential medical files relating to a number of international athletes. The World Anti-Doping Agency has stated publically that this data came from a hack of its Anti-Doping Administration and management system.

  • In 2016, the US Democratic National Committee (DNC) was hacked by the Russian Military and documents were subsequently published online.

  • Between July-August 2015, multiple email accounts belonging to a small UK-based TV station were accessed by the Russian Military and content stolen.

Read our Essential Eight Explained for an overview on how to mitigate cyber security incidents.

Find out more about common threats types.

If you have been a victim of a cybercrime, report it to the Australian Cybercrime Online Reporting Network (ACORN).