Our Platform

    Protect and safeguard your OT network and operations with the industry's most advanced, most capable cybersecurity platform.

    Learn More

      icon for visibility

      Asset and Network Visibility

      Discover and visualize every asset and every network connection in your OT environment.

      icon for policy enforcement

      Policy Enforcement

      Segment your network and enforce granular policies for true Zero Trust cybersecurity.


        Anomaly and Threat Detection

        Identify unexpected or unauthorized activity, from Level 0 signals to cloud connections.

        icon for signal integrity

        Signal Integrity Validation

        Monitor physical process signals to detect threats and prevent system damage.

          Mission Secure Platform Overview

          Learn More


            Keep your organization secure against cyber threats and take control of your OT network.

            View All Industries

              A Comprehensive Guide to Maritime Cybersecurity

              Learn More


                Find helpful OT and ICS cybersecurity resources, guides, and downloads.

                View All Resources

                  eBook: A Comprehensive Guide to OT Cybersecurity

                  Read More

                    About Us

                    Our team of world-class OT, IT, and cybersecurity experts are setting the standard in OT cyber-protection.

                    Learn More

                      Cyber Risk: From a Hacker's Point of View

                      Listen Now
                        3 Min Read

                        Australia Targeted: Confronting a Nation-state Cyber Attack

                        Written by Mission Secure

                        Australia Targeted: Confronting a Nation-state Cyber Attack featured image

                        On June 18, 2020, the Australian government's Cyber Security Centre issued Advisory 2020-008 regarding the "sustained targeting of Australian governments and companies by a sophisticated state-based actor." According to multiple reports, institutions such as hospitals and state-owned utilities have been under attack for months.

                        In a notably rare occurrence, Australian Prime Minister Scott Morrison publicly acknowledge being under an ongoing state-sponsored cyber-attack. Morrison called for the public to be aware and warned during a live briefing, stating: 

                        "This activity is targeting Australian organizations across a range of sectors, including all levels of government, industry, political organizations, education, health, essential service providers, and operators of other critical infrastructure."

                        "It's stunning to see a Head of State admit to a sophisticated months-long cyber-attack across the breadth of industries, government institutions, and public service organizations," comments Ed "Otto" Pernotto, Mission Secure's co-founder and Senior Military Advisor. 

                        While the suspected nation-state wasn't named by the Australian government, cybersecurity experts largely believe China is behind the spread of cyber-attacks. According to the Financial Times, Tom Uren, cybersecurity analyst at the Australian Strategic Policy Institute, stated, "Of course it is China. There are a few countries that have the capability: Russia, China, US, UK, and perhaps Iran and North Korea, although they may not have the scale. Only China in this list will have the appetite for such a broad approach." Various reports and comments from cybersecurity experts reinforce the likelihood that China is behind the cyber-attacks. A claim that has been denied by the Chinese Ministry of State Security.

                        Retaliations in Cyber Space

                        As BBC reports, the timing of the cyber-attacks also seems to reinforce China as the culprit behind the attacks. Australia recently called for investigations into the origins of COVID-19. In response, China imposed tariffs and discouraged its citizens from traveling to Australia.

                        Australia also banned the Chinese technology giant, Huawei, from participating in its national 5G infrastructure work due to national security concerns, another point of contention between the two nations. The basis of the ban is Chinese law, which requires "organizations and citizens to support, assist, and cooperate with intelligence work"—a law some analysts say make Huawei a "conduit for espionage." Former Australian officials cite the increasing cyber-attacks over the last months as retaliation for the ban. 

                        A String of Cyber-attacks

                        Neither Morrison nor the advisory went into detail on the cyber-attacks. However, there have been a string of high-profile attacks in the headlines spanning industries and at varying levels of severity. As previously shared by Mission Secure, 2020 attacks impacting physical operations or operational technology (OT) include:

                        BlueScope Steel (Mining & Metals): The "third largest manufacturer of painted and coated steel products globally" suffered a cyber incident in mid-May, causing some production and manufacturing operations to halt, including production at its Port Kembla site. 

                        Lion (Food & Beverage): Sydney-headquartered beverage giant suffered two cyber-attacks over the last weeks, causing production to stop and creating a supply shortage. The Lion cyber-attack is currently believed to be Russian-based. However, coincidentally, Lion is also "the subject of a $600 million takeover bid by foreign business China Mengniu Dairy." Also noteworthy, Mengniu is partially owned by a Chinese state-owned food processor, COFCO.

                        In addition to cyber-attacks physically impacting commercial production activities, the Australian logistics giant, Toll Group, suffered two ransomware attacks over three months, causing customer delays and business disruptions. Defense manufacturers, government contractors, and accounting firms also reported data breaches previously.

                        A Call for Cyber Resiliency

                        The requirement for a robust cybersecurity program in today's digital age is not new news. But the increasing frequency, sophistication, and scale of cyber-attacks, as seen in Australia, is a call that cybersecurity must be the first thought in adopting and deploying technology—instead of an afterthought. "This may represent the ratcheting up of conflict without any apparent loss of life or damage to actual systems," states Pernotto. "However, it further demonstrates the need for continually improved defensive capabilities that are flexible, robust, and extended across both information technology and operational technologies."

                        Operational technology and industrial control systems need to be protected to make today's critical infrastructure cyber-resilient. Yet, OT cybersecurity lags IT cybersecurity by years. Ed Suhler, Vice President of Implementation Services and U.S. Department of Defense Projects at Mission Secure, has previously written and spoken about the OT cybersecurity blind spot, publishing earlier this year:

                        "The escalating attack frequency, combined with an increasingly sophisticated threat landscape, highlights the need to make critical systems more resilient to cyber threats. Organizations and governments must deal with scenarios where they are actively under a cyber attack, requiring a proactive response, not just a reactive one. A cyber attacker has found their way into their networks and systems, now what?

                        There is a clear need to build methods to monitor and detect cyber threats at more granular levels, thus pushing the cyber protections out to where the impact happens—the cyber-physical processes within the mission-critical OT environment."

                        Across industries—power generation and distribution, metals and mining, pharmaceutical, or food and beverage—they all share control systems built for reliability and productivity, but not cybersecurity. As Suhler states, "It's time to address the blind spots now and make critical control systems and OT networks cyber resilient." It's required to combat cyber adversary, from wherever they may come.


                        Interested in learning more? Send us a message.