ASIO Says Nation-State Hackers Breached Australian Critical Infrastructure in Sabotage Plot
Australia’s domestic intelligence agency has warned that foreign-backed hackers compromised a critical infrastructure provider and appeared to be preparing a sabotage operation that could have been tr...
Australia’s domestic intelligence agency has warned that foreign-backed hackers compromised a critical infrastructure provider and appeared to be preparing a sabotage operation that could have been triggered later. The disclosure came from ASIO Director-General Mike Burgess as part of the agency’s annual threat assessment.
Burgess said the attackers did more than gain entry: they also obtained credentials for active users, including staff responsible for protecting the network. According to ASIO, the goal was not immediate destruction but long-term access and network mapping, giving the intruders the option to disrupt operations when it suited them.
The agency said it identified the intrusion, followed the attackers’ activity and worked with the affected organization and security partners to contain the incident. Burgess added that the scale of state-sponsored activity aimed at Australia’s infrastructure is significant and that one particular nation-state is driving much of it across the region.
Espionage tied to AUKUS
Burgess also described a separate intelligence-gathering effort aimed at an Australian security clearance holder. In that case, a foreign operative posed as a consultant online, paid the target for written reports, and then attempted to extract information about AUKUS, the defense partnership between Australia, the United States and the United Kingdom.
ASIO says the targeted official became suspicious, reported the contact and cooperated with investigators. The agency later used the incident to confront the operative directly, which Burgess said helped disrupt the operation and expose weaknesses in the foreign intelligence service’s approach.
ASIO says the episode is one example of how overseas services are using social engineering, online personas and payments to recruit or pressure Australian insiders.
Broader security concerns
Beyond cyber espionage, Burgess pointed to terrorism and radicalization risks, saying extremist recruitment is increasingly taking place online and on encrypted platforms. He said ASIO has resolved multiple significant terrorism-related matters since late 2025 and dozens of major plots over the past decade.
- ASIO has created dedicated teams to respond to sabotage threats against critical infrastructure.
- The agency says state-backed actors are using persistent access and credential theft to prepare future attacks.
- Online environments remain a key channel for espionage, recruitment and radicalization.
Burgess said ASIO is expanding its use of new technologies, including artificial intelligence, to keep pace with the threat landscape and encouraged Australians to consider careers at the agency.
