In his annual Threat Assessment for 2026, ASIO Director-General Mike Burgess revealed that nation-state hackers had compromised the network of an Australian critical infrastructure provider. The attackers were not immediately sabotaging systems but mapping the network and maintaining persistent access to enable crippling it at a chosen time, representing an evolving cyber sabotage threat.
The scale of activity, led particularly by one nation state, is extensive, with ASIO struggling to find any country in the region uncompromised by this state's cyber apparatus. Top targets include critical infrastructure in energy and communications sectors, as well as military-supporting systems. In this case, the group acquired credentials for active users, including the IT professionals responsible for guarding the networks.
ASIO identified, tracked, and attributed the intrusion, then worked with the victim company and security partners on ongoing remediation. Gibson notes that the description of the compromise exactly matches the episode's main topic of a SOTA state-sponsored campaign, raising the possibility they are the same incident. ASIO has established dedicated teams to counter such threats as understanding and concern grow.