How Chinese military hackers almost shut down electricity of 3 million Australian homes

One of the most important power grids in Australia was the target of a massive ransomware attack allegedly deployed by Chinese threat actors. According to the report, CS Energy's networks began to be affected on November 27, in an incident that could have affected millions of Australians.

Local authorities say CS Energy’s security teams managed to disrupt the attack before the infection could completely collapse the affected coal plants. Had it been successful, the attack would have rendered up to 3,500 megawatts useless, more than enough to supply over 3 million homes.

Andrew Bills, CEO of the power company, said that an incident response plan was implemented to isolate the networks that had not yet been attacked and thus avoid the total collapse of the electrical infrastructure. CS Energy has submitted a notification to the Australian government, whose federal agents will begin their own investigation.

For now, the company is implementing its restoration plan, in collaboration with its employees and external cybersecurity specialists. Bills added that government agencies will be notified of any updates to the investigation.

Cybersecurity specialists report that this is a growing and alarming trend in Australia and other countries, which shows that cybercriminal groups continue to advance at an accelerated pace. In early 2021, Home Affairs Minister Karen Andrews mentioned that cybersecurity would become her number one priority, and the Australian government would begin to do everything possible to protect critical IT infrastructure to prevent threat actors from affecting citizens.

“We are aware that many nations, for example China, have significantly increased their malicious cyber capabilities. Australia is also increasing its legitimate and legal cyber activity,” she concludes.
