ASIO Reveals Nation-State Hack of Australian Critical Infrastructure
Published
Key Takeaways
- Credentials Stolen: Hackers mapped the network of an Australian infrastructure provider and acquired active user credentials, including those of its IT professionals.
- Dedicated Teams: ASIO Director General Mike Burgess revealed new teams to counter nation-state sabotage of Australian critical infrastructure.
- AUKUS Targeted: ASIO officers also phoned a foreign spy directly to shut down an espionage operation aimed at AUKUS secrets.
Australia's Security and Intelligence Organisation (ASIO) has disclosed that nation-state hackers compromised the network of an Australian critical infrastructure provider. Director General Mike Burgess revealed the breach alongside the release of ASIO's annual threat assessment in June 2026.
Burgess outlined four overlapping threats: coerced repatriation, state-based terrorism, preparation for sabotage, and seeking insights into AUKUS. He added that there were many other operations, including attempts to manipulate democracy and undermine the economy, as well as 40 priority counter-terrorism investigations.
Nation-State Sabotage of Critical Infrastructure
Nation-state hackers compromised the network of an Australian critical infrastructure provider, successfully acquired credentials of active users and IT admins, according to Burgess. ASIO assessed the attackers were preparing for sabotage, mapping the network and maintaining access "so they could cripple it at a time of their choosing."
ASIO identified, tracked, and attributed the hack, working with the victim company and security partners on remediation that remains ongoing.
He noted the scale of activity, led by one nation-state in particular, was difficult to overstate, adding that no countries in the region had escaped compromise “by this state’s cyber apparatus.” In response, Burgess established dedicated teams to counter the threat.
ASIO Confronted a Foreign Spy Over AUKUS
Burgess also detailed espionage targeting the AUKUS pact. A foreign intelligence officer, posing as a consultant, paid an Australian security clearance holder to write reports on Pacific relations before seeking AUKUS information. The official reported the approach and handed the money to ASIO.
ASIO officers then borrowed the official's phone and called the spy directly. "Thinking it was her target, the spy picked up and got a very unwelcome surprise," Burgess said.
Burgess also mentioned the country successfully foiled 31 major terrorism plots since 2014 and 14 since the 2024 Bondi firebombing incident orchestrated by an Iran-based Australian citizen.
An October 2025 Australian cyber threat report outlined an 11% increase in incident rate, with state-sponsored actors remaining a threat.
One month earlier, Burgess warned of cyber sabotage risks as Chinese hackers Salt Typhoon probed Australian infrastructure, around the same time that the F5 cybersecurity breach was linked to China-backed nation-state threat actors.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular