Australia issues cyber warning over Russian hackers targeting critical industries

14 Luglio 2026 - 12:45
0

The Australian Signals Directorate says defence, energy, communications, healthcare and financial services are being targeted through outdated software, exposed routers and predictable passwords

The Australian Signals Directorate has issued a new warning about cyber groups linked to Russian intelligence agencies targeting critical infrastructure and strategic industries in Australia.

The alert was released with almost two dozen international partner agencies and focuses on organisations operating in defence, communications, energy, healthcare and financial services.

State and local government bodies are also considered particularly vulnerable because of the size and complexity of their digital networks.

Routers and vulnerable devices targeted

According to the ASD, the attacks do not necessarily rely on highly sophisticated technology.

Hackers are searching for routers, switches, laptops and other network devices using outdated software, factory settings or weak passwords.

Once a vulnerable device is identified, attackers may gain access to the organisation’s network, steal login credentials and move through connected systems in search of sensitive information.

Links to Russian intelligence services

The ASD says the activity is associated with cyber groups operating on behalf of Russia’s Federal Security Service, known as the FSB.

Groups named in the warning include Berserk Bear, Energetic Bear, Crouching Yeti, Dragonfly, Ghost Blizzard and Static Tundra.

Different security agencies may use different names for the same operators, but the groups have been monitored for years over attacks targeting governments, companies and essential infrastructure.

A simple but effective method

Former Australian Cyber Security Centre head Alastair MacGibbon compared the method to someone walking through a neighbourhood and checking which doors have been left unlocked.

The attackers scan large numbers of internet addresses looking for equipment that has not been updated or is still protected by the manufacturer’s default username and password.

The approach may appear basic, but it can be extremely effective when carried out on a large scale.

The danger of remaining undetected

One of the greatest risks is the amount of time attackers may remain inside a network before the intrusion is discovered.

The longer a breach goes undetected, the more opportunity hackers have to steal documents, passwords, personal information and details about an organisation’s operations.

Access may also be used to prepare future attacks, disrupt essential services or create entry points that could be activated during an international crisis.

Defence, energy and communications at risk

The targeting of critical infrastructure makes the warning particularly serious.

A successful attack against an energy provider, telecommunications network or defence organisation could have consequences far beyond the theft of data.

Even a temporary disruption could affect businesses, transport systems, hospitals and members of the public in a society increasingly dependent on connected digital services.

Warning coordinated with international allies

The alert was issued in cooperation with the United States National Security Agency and security bodies in the United Kingdom, New Zealand, Canada, Finland, France and Denmark.

The involvement of multiple countries indicates that the threat is not limited to Australia but forms part of a broader international campaign against public and private networks.

Five Eyes countries had already issued a warning about cyber risks associated with artificial intelligence and advised organisations to disconnect systems that do not need to remain online.

Many devices should not be exposed online

Experts say many routers used by organisations should be protected behind firewalls and should never be directly accessible from the public internet.

Some businesses may not know exactly how many devices are connected to their networks or may not realise that certain equipment is visible to external users.

A single forgotten or outdated device can provide attackers with a pathway into an entire organisation.

Measures recommended by the ASD

The Australian Signals Directorate is urging organisations to update the software and firmware on network devices and remove all factory-default credentials.

Passwords should be long, unique and stored securely. Multi-factor authentication should also be enabled wherever possible.

Businesses and government bodies are being encouraged to identify which devices are exposed online, review access logs regularly and isolate systems that do not require an external connection.

A cybercrime report every six minutes

ASD data shows that a cybercrime report is made in Australia approximately every six minutes.

Not every incident is linked to a foreign government, but the figure highlights how digital threats have become part of everyday life for citizens, businesses and public institutions.

State-linked cyber campaigns represent a different level of danger because their objectives may be political, strategic or military as well as financial.

Cybersecurity begins with the basics

The warning demonstrates that major cyberattacks do not always begin with advanced or unfamiliar technology.

Many breaches succeed because software has not been updated, a password has not been changed or a network service has been left unnecessarily exposed.

For governments and businesses, protecting critical infrastructure begins with basic measures: understanding their systems, installing security updates and preventing vulnerable equipment from remaining visible to attackers.

fety #AlloraOnline

The post Australia issues cyber warning over Russian hackers targeting critical industries first appeared on Allora! Italian Australian News.

Qual è la tua reazione?

Mi piace Mi piace 0
Antipatico Antipatico 0
Lo amo Lo amo 0
Comico Comico 0
Wow Wow 0
Triste Triste 0
Furioso Furioso 0
Redazione

Redazione Eventi e News

Commenti (0)

User