Australia’s spy agency has warned delegates and organizers of the G20 summit to expect state-sponsored cyber-attacks on their systems.
The Australian Signals Directorate claimed the following in an online notice:
“Targeting of high profile events such as the G20 by state-sponsored or other foreign adversaries, cyber criminals and issue motivated groups is a real and persistent threat. The information contained on government systems, whether classified or unclassified, is of strategic interest to cyber adversaries. Information gathered through cyber espionage can be used to gain an economic, diplomatic or political advantage.”
It added that Australian networks in particular would be a target for attack given that the country has taken over chairmanship of the G20 this year.
It warned of the threat from socially engineered spearphishing emails, removable media, public Wi-Fi, mobile devices and social media.
The spy agency warned delegates specifically against using webmail for business purposes.
“To help ensure the legitimacy of your email communications, if available, take the option to digitally sign your emails when communicating externally as part of your G20 duties,” it added.
Other best practice tips included avoiding connecting to public wireless networks for business purposes and limiting the amount of information posted to social media.
Delegates were also advised never to accept removable media as gifts, only to connect USBs or mobile devices to trusted devices, and to maintain “physical control” over mobiles at all times.
The G20 talks are always presaged by a flurry of cyber-espionage activity as participating nations try to gain a political advantage.
In December 2013, FireEye spotted nine compromises at government ministries in five different European countries as part of “Operation Ke3chang”.
In June the same year, documents leaked by whistleblower Edward Snowden implicated the NSA and GCHQ in a plot to spy on foreign politicians attending the G20 summit in London in 2009.