Australia Hits Sabotage Threshold as Chinese Hackers Probe Critical Infrastructure, Spy Chief Warns
This piece is freely available to read. Become a paid subscriber today and help keep Mencari News financially afloat so that we can continue to pay our writers for their insight and expertise.
Today’s Article is brought to you by Empower your podcasting vision with a suite of creative solutions at your fingertips.
Australia has reached the threshold for high-impact sabotage as Chinese government hackers actively probe the nation’s telecommunications networks and critical infrastructure, the country’s top spy chief warned Wednesday in a stark assessment of mounting security threats.
Director-General of Security Mike Burgess told corporate leaders that foreign regimes are now more willing to disrupt or destroy critical systems to damage the economy, undermine decision-making and sow social discord, marking a dangerous shift from traditional espionage to potential attacks on essential services.
“I have previously said we’re getting closer to the threshold for high-impact sabotage,” Burgess said at the ASIC Annual Forum. “Well, I regret to inform you – we’re there now.”
The Australian Security Intelligence Organisation is tracking Chinese hackers conducting multiple attempts to penetrate water, transport, telecommunications and energy networks across Australia and other Five Eyes countries, Burgess said. Once inside networks, the hackers map systems and seek persistent access to enable sabotage at a time of their choosing.
“Once someone has access to your network, what they do next is a matter of intent not capability,” Burgess said.
Truth matters. Quality journalism costs.
Your subscription to Mencari directly funds the investigative reporting our democracy needs. For less than a coffee per week, you enable our journalists to uncover stories that powerful interests would rather keep hidden. There is no corporate influence involved. No compromises. Just honest journalism when we need it most.
Not ready to be paid subscribe, but appreciate the newsletter ? Grab us a beer or snag the exclusive ad spot at the top of next week's newsletter.
Chinese Hacking Groups Target Australia
Two sophisticated Chinese hacking operations pose distinct threats to Australia, Burgess said. Salt Typhoon penetrated telecommunications systems for espionage, stealing sensitive information through strategic spying operations. The group has been probing Australian telecommunications networks, he said.
Volt Typhoon represents a more dangerous threat, compromising American critical infrastructure networks to pre-position for potential sabotage that could turn off telecommunications and other essential services.
“And yes, we have seen Chinese hackers probing our critical infrastructure as well,” Burgess said.
Both groups are hackers working for Chinese government intelligence and military, Burgess said, dismissing their “oddly named” designations as covers for state-sponsored operations.
The reconnaissance uses highly sophisticated tradecraft to find networks, test vulnerabilities and check digital security, Burgess said. When hackers penetrate networks, they actively and aggressively map systems while maintaining undetected access.
“The penetrations gave China the ability to turn off telecommunications and other critical infrastructure,” Burgess said of Volt Typhoon’s operations in the United States.
$12.5 Billion Annual Cost
Espionage cost Australia $12.5 billion in 2023-24, according to research ASIO commissioned from the Australian Institute of Criminology, Burgess said. That figure includes an estimated $2 billion in trade secrets and intellectual property stolen from Australian companies by cyber spies in one year.
Future sabotage attacks would cost far more. Cyber-enabled sabotage of critical infrastructure will cost the economy $1.1 billion per incident, Burgess said, citing the Institute’s analysis. An economy-wide, week-long disruption will cost $6 billion.
“The Institute stressed that these are extremely conservative calculations and the real-world impacts could be significantly higher,” Burgess said.
The impacts extend beyond financial damage. Burgess outlined scenarios where brief telecommunications outages created cascading effects across society, from families unable to communicate to sick people unable to call emergency services, businesses unable to process transactions and vehicle charging systems going offline.
“That’s one phone network not working for less than one day,” Burgess said. “Imagine the implications if a nation state took down all the networks? Or turned off the power during a heatwave? Or polluted our drinking water? Or crippled our financial system?”
Real-World Sabotage Examples
Nation-state hackers have already compromised Australian businesses multiple times, Burgess said. In one case, hackers breached a major Australian exporter’s computer network, stealing commercially sensitive information that gave a foreign country significant advantage in contract negotiations.
Another attack saw thieves steal blueprints of an Australian innovation, then mass-produce cheap knockoffs that nearly bankrupted the original innovator, Burgess said.
Foreign companies connected to intelligence services have sought to buy access to sensitive personal data, purchase land near military sites and collaborate with researchers developing sensitive technologies, he said. A visiting academic with links to a foreign government broke into a restricted technology laboratory and filmed its contents.
Russia’s campaign with incendiary devices in Europe demonstrates that physical sabotage remains a threat, Burgess said, though cyber-enabled sabotage presents a more acute concern for Australia.
“Cyber is the most immediate vector for sabotage,” he said. “It’s an attractive option for foreign regimes because it is a low-cost but potentially high-impact vector, as well as being deniable and scalable.”
Growing Threats and Intent
Authoritarian regimes are behaving more aggressively, recklessly and dangerously, showing increased willingness to engage in high-harm activities, Burgess said. Nation states have built sabotage capabilities for decades, but their intent historically focused on espionage and foreign interference rather than destruction.
“With global tensions rising, some are more likely to pull the trigger on the higher-harm activities,” he said.
Foreign governments see sabotage as a tool of coercion, disruption, distraction and retaliation to test national resolve, readiness and responses, Burgess said. Multiple scenarios exist where a nation state’s intent could shift from stealing and meddling to disruption and damage.
Potential motivations include crippling an Australian company as a trade competitor, causing disruption during critical decisions like elections or negotiations, or deterring Australia from defending national interests in peacekeeping or conflict scenarios, he said.
“I assure you, these are not hypotheticals – foreign governments have elite teams investigating these possibilities right now,” Burgess said.
Beyond Espionage
ASIO faces security concerns extending beyond espionage and foreign interference, Burgess said. Growing grievance, conspiracy and anti-authority beliefs are driving spikes in politically motivated violence and making terrorism more likely.
The agency now tracks a troubling increase in anarchist and revolutionary extremism often targeting industry, he said. Since October 2023, anti-Israel activists have increasingly used disruptive tactics including arson, vandalism and violent protests targeting companies accused of providing weapon components.
“A range of countries – some we consider friendly – have a relentless hunger for strategic advantage and an insatiable appetite for inside information,” Burgess said.
Foreign intelligence services are broadening collection requirements beyond government decision-making and defense capabilities, aggressively targeting private sector projects, negotiations and investments that might give foreign companies commercial advantage, he said.
Known Problems, Known Fixes
Most security incidents stem from failures to address known vulnerabilities, Burgess said, calling on corporate leaders to take responsibility.
“99% of security incidents involve a known vulnerability with a known fix – it just wasn’t addressed,” he said. “Almost always, a supervisor says they’re shocked but not surprised. The signs were there but, again, the vulnerability wasn’t addressed.”
Burgess acknowledged no such thing as 100% security exists, noting nation states can deploy sophisticated attacks and recruit insiders who display no concerning behavior. But those represent edge cases, he said.
“Failures to maintain the confidentiality and integrity of data occur literally daily in this country,” he said. “We cannot assume we’re doing a better job protecting the availability of our critical infrastructure.”
He urged business leaders to start by understanding what data, systems, services and people are particularly important and at risk. Questions to answer include where things are stored, who has access and how well they’re protected.
“Once you understand all that, manage the risk in a coherent and connected way,” Burgess said. “Look across your whole enterprise, recognizing that good security is a connected web, not silos of excellence with chasms in between.”
Board Responsibility
Burgess directed pointed criticism at corporate boards, urging them to ask tough questions about risk management at both operational and governance levels.
“You can’t PowerPoint your way out of this risk,” he said. “Don’t let management do that to you.”
He invoked advice from the late Margaret Stone, former Inspector-General of Intelligence and Security, who distinguished between verdicts and sentences. Stone argued that while bad things inevitably happen, leaders who took reasonable steps to prevent foreseeable harm would face less severe consequences.
“If the risks are foreseeable and the vulnerabilities are knowable, there is no excuse for not taking all reasonable steps,” Burgess said. “Complexity is not an excuse; it must be dealt with.”
He noted ASIC Chair Joe Longo made similar observations in 2023, warning that regulators would look for cases where directors and boards failed to take reasonable steps when things go wrong.
Strategic Environment Deteriorating
Australia has entered a period of strategic surprise and security fragility, Burgess said, facing multifaceted, merging, intersecting and cascading threats. Major geopolitical, economic, social and security challenges of the 1930s, 1970s and 1990s have converged.
“As one of my analysts put it with an uncharacteristic nod to popular culture: everything, everywhere, all at once,” he said.
Over the next five years, ASIO expects the security environment to become more dynamic, diverse and degraded, Burgess said. Dynamic because Australia faces unprecedented numbers of threats simultaneously. Diverse because threats are intersecting and boundaries are blurring, with foreign spies increasingly using criminal intermediaries. Degraded because authoritarian regimes behave more aggressively.
“Great power competition is driving unprecedented levels of espionage,” he said.
Advances in technology, including artificial intelligence, and proliferation of capabilities for sale online are making it easier for regimes to obtain tools for sabotage, Burgess said. Critical infrastructure networks are increasingly interconnected and interdependent, expanding vulnerabilities and access points.
“The internet-of-things is only as strong as its weakest password, insecure configuration, unpatched system or careless operator,” he said.
Call to Action
Burgess framed his message as ultimately optimistic despite the threats.
“While our security environment is degrading, you do not need to be insecure about your security,” he said. “While the threats facing Australia are significant, they are not insurmountable.”
He emphasized that threats are foreseeable, vulnerabilities are knowable and risks are manageable through proper preparation and response.
“If your business is worthwhile, it’s also worthwhile for a foreign competitor to steal from it, mess with it or turn it off,” Burgess said. “Your business may not be national security, but national security is your business.”
Sustaining Mencari Requires Your Support
Independent journalism costs money. Help us continue delivering in-depth investigations and unfiltered commentary on the world's real stories. Your financial contribution enables thorough investigative work and thoughtful analysis, all supported by a dedicated community committed to accuracy and transparency.
Subscribe today to unlock our full archive of investigative reporting and fearless analysis. Subscribing to independent media outlets represents more than just information consumption—it embodies a commitment to factual reporting.
As well as knowing you’re keeping Mencari (Australia) alive, you’ll also get:
Get breaking news AS IT HAPPENS - Gain instant access to our real-time coverage and analysis when major stories break, keeping you ahead of the curve
Unlock our COMPLETE content library - Enjoy unlimited access to every newsletter, podcast episode, and exclusive archive—all seamlessly available in your favorite podcast apps.
Join the conversation that matters - Be part of our vibrant community with full commenting privileges on all content, directly supporting The Evening Post (Australia)
Catch up on some of Mencari’s recent stories:
It only takes a minute to help us investigate fearlessly and expose lies and wrongdoing to hold power accountable. Thanks!