• Hannah Phillips

Attribution of Malicious Cyber Activity to Russia


The Prime Minister Scott Morrison along with Minister for Foreign Affairs Senator Marise Payne announced last Thursday that the “Australian Government has joined international partners to condemn a pattern of malicious cyber activity by Russia targeting political, business, media and sporting institutions worldwide”.

The said “Based on advice from Australian intelligence agencies, and in consultation with our partners and allies, the Australian Government has determined that the Russian military, and their intelligence arm ‘the GRU’, is responsible for this pattern of malicious cyber activity”.


“While Australia was not significantly impacted, this activity affected the ability of the public in other parts of the world to go about their daily lives. It caused significant, indiscriminate harm to civilian infrastructure and resulted in millions of dollars in economic damage, including in Russia”.

“This is unacceptable and the Australian Government calls on all countries, including Russia, to refrain from these types of malicious activities”.

“Cyberspace is not the Wild West. The International Community – including Russia – has agreed that international law and norms of responsible state behaviour apply in cyberspace”.

“By embarking on a pattern of malicious cyber behaviour, Russia has shown a total disregard for the agreements it helped to negotiate”.

“Australia’s International Cyber Engagement Strategy recognises that there must be consequences for those who act contrary to the consensus on international law and norms”.

“A first step is to attribute malicious behaviour publicly – as we are doing today. Our message is clear: the rule of law applies online, just as it does offline. We will protect the rules-based international order online, just as we do offline”.

The ACSC has issued updated advice on how to strengthen systems and harden defences. All Australian organisations are strongly encouraged to review the ACSC’s website at www.cyber.gov.au

Malicious cyber activity being attributed by Australia to the Russian Military by the PM and Foreign Minister is;

• In October 2017, BadRabbit ransomware infected victims in Ukraine and Russia interrupting businesses and critical national infrastructure, including energy and transport sectors.

• In August 2016, the Russian military released confidential medical files relating to a number of international athletes. The World Anti-Doping Agency has stated publically that this data came from a hack of its Anti-Doping Administration and management system.

• In 2016, the US Democratic National Committee (DNC) was hacked by the Russian Military and documents were subsequently published online.

• Between July and August 2015, multiple email accounts belonging to a small UK-based TV station were accessed by the Russian Military and content stolen.