The Australian Signals Directorate (ASD) defends Australia from global threats and advances its national interests through the provision of foreign signals intelligence, cyber security and offensive cyber operations as directed by the Australian Government.
In its 2019-20 annual report, the ASD outlines its response to the COVID-19 pandemic and its approach to offensive cyber operations.
ASD’s COVID-19 response
The pandemic created an increased need for cyber security advice and support across business, government, and the public.
Throughout the reporting period the ASD focused on:
- Providing tailored cyber security advice, including to the healthcare sector and to small and medium-sized businesses.
- Providing cyber security technical advice to assist in the development and ongoing implementation of the COVIDSafe app.
- Mitigating and disrupting COVID-19 related crimes such as cybercrime, as demonstrated below.
Countering COVID-19 themed cybercrime
Throughout the pandemic, cybercriminals have sought to take advantage of vulnerable Australians searching for information about COVID-19 testing, social distancing restrictions and government assistance.
COVID-19 themed websites were developed by malicious actors to spread malware and steal visitors’ personal information for financial exploitation, luring people in with email and SMS phishing campaigns, often impersonating government agencies and health officials.
The ASD’s Australian Cyber Security Centre (ACSC) led the response to this activity by:
- Working with Australian telecommunications providers to block access to malicious websites.
- Working with industry partners to flag these websites as malicious to warn users.
In parallel, ASD mobilised its offensive cyber capabilities to disrupt foreign cyber criminals exploiting the pandemic to target Australians.
Offensive cyber operations
Offensive cyber operations involve a broad range of offshore activities designed to “deter, disrupt, degrade and deny adversaries in support of Government national security priorities”.
The report highlights how the ASD has used its offensive cyber capabilities in recent years.
Targeting malicious actors during the pandemic
International cybercriminals perpetrated a series of cyber attacks throughout the COVID-19 pandemic including stealing money and data from Australians. ASD used its offensive cyber capability to disable the cybercriminals’ infrastructure and block their access to stolen data.
To increase transparency around its offensive cyber capabilities, the ASD provided information on a 2016 operation against Islamic State in support of the Australian Defence Force.
ASD and its partners disrupted Islamic State propaganda computer networks by accessing accounts, locking out users, gathering intelligence and deleting content. This hindered Islamic State recruitment capabilities.
Disrupting offshore cybercriminals
ASD collaborated with the UK Government Communications Headquarters (GCHQ) to disrupt cybercrime offshore.
ASD and GCHQ conducted offensive cyber operations targeting cybercriminals selling credit card details on the dark web. This enabled the identification of over 200,000 stolen credit cards globally, including 11,000 Australian cards, preventing a potential loss of approximately $90 million globally and over $7.5 million domestically.
The Australian Signals Directorate (ASD) has displayed a strong focus throughout 2019-20 on combating malicious actors looking to exploit and profit from the pandemic, often through COVID-19 themed cybercrimes. ASD has also mobilised its offensive cyber capabilities to respond to this threat and others, including threats posed by international terrorist organisations and organised crime networks.