Australia’s top intelligence official has issued a stark warning about the growing threat of Chinese state-backed cyber espionage targeting the nation’s critical infrastructure and telecommunications networks. According to ASIO director-general Mike Burgess, this wave of cyber activity is part of a broader trend of “unprecedented levels of espionage” driven by great-power competition, costing the Australian economy an estimated $12.5 billion in the 2023-24 fiscal year.
Speaking at a business forum in Melbourne on Wednesday, Burgess declared that Australia is now in an era of “strategic surprise and security fragility,” bracing for potential major disruptions. “I have previously said we’re getting closer to the threshold for high-impact sabotage,” Burgess noted at the Australian Securities and Investments Commission (ASIC) forum. “Well, I regret to inform you — we’re there now.”
Chinese Hacking Groups in Focus
Burgess specifically highlighted the activities of Chinese hacking groups Salt Typhoon and Volt Typhoon, which have been implicated in targeting telecommunications networks in both Australia and the United States. He pointed to Volt Typhoon’s campaign against networks supporting the US military presence in Guam, where hackers compromised critical infrastructure to pre-position for potential sabotage.
“The penetrations gave China the ability to turn off telecommunications and other critical infrastructure,” Burgess explained. “And yes, we have seen Chinese hackers probing our critical infrastructure as well.”
While Burgess refrained from naming Beijing directly, he alluded to a “nation state — no prizes for guessing which one” conducting multiple attempts to infiltrate critical infrastructure in Australia and other Five Eyes countries. These attempts have targeted water, transport, telecommunications, and energy networks, utilizing “highly sophisticated” methods designed to maintain persistent, undetected access.
Implications for Business and National Security
The implications of these cyber threats are profound, with Burgess urging business leaders to fortify their systems and protect sensitive data. The prospect of foreign-driven infrastructure disruption “keeps [him] up at night,” he admitted. “The loss of availability in any part of our critical infrastructure can be devastating,” Burgess warned. “That’s one phone network not working for less than one day.”
“Imagine the implications if a nation-state took down all the networks? Or turned off the power during a heatwave? Or polluted our drinking water? Or crippled our financial system?”
These scenarios are not merely hypothetical. State actors are actively exploring sabotage options to steal intellectual property, undermine companies for strategic advantage, cause chaos during elections or major national decisions, or hinder Australia’s ability to support allies in conflict scenarios. “Some of the scenarios the Australian Institute of Criminology modelled for our Cost of Espionage report were eye-opening and eye-watering,” Burgess noted.
“The cyber-enabled sabotage of critical infrastructure will cost the economy $1.1 billion per incident. An economy-wide, week-long disruption will cost $6 billion.”
Broader Threat Landscape
Beyond espionage, Burgess highlighted a rapidly evolving threat landscape characterized by rising anti-authority sentiment, conspiracy movements, and ideological extremism. These factors, he said, are increasing the likelihood of politically motivated violence and terrorism.
“Growing levels of grievance, conspiracy and anti-authority beliefs are driving spikes in politically motivated violence and making acts of terrorism more likely,” he said. “They are behaving more aggressively, more recklessly, more dangerously. More willing to engage in what we call ‘high harm’ activities.”
This development follows similar warnings from US and UK intelligence agencies about Chinese cyber groups attempting to seed access across Western critical infrastructure. The move represents a significant escalation in cyber threats, with potential implications for national security and economic stability.
As Australia navigates this complex security environment, the call for vigilance and proactive measures becomes ever more urgent. Businesses and government entities alike must collaborate to bolster defenses against these sophisticated cyber threats, ensuring the resilience of critical infrastructure in an increasingly interconnected world.
