Attribution to Russia of malicious cyber activity against Ukraine

  • Joint media release with:
  • The Hon Peter Dutton MP, Minister For Defence
  • The Hon Karen Andrews MP, Minister For Home Affairs

The Australian Government joins the United States and the United Kingdom in publicly attributing the cyber attacks against the Ukrainian banking sector on 15 and 16 February 2022 to the Russian Main Intelligence Directorate (GRU).

In consultation with our partners, the Australian Government assesses that the GRU was responsible for these distributed denial of service (DDoS) attacks.

The Australian Government stands in solidarity with Ukraine and our allies and partners to hold Russia to account for its ongoing unacceptable and disruptive pattern of malicious cyber activity.

The international community must not tolerate Russia's misuse of cyberspace to undermine Ukraine's national security, sovereignty and territorial integrity by seeking to disrupt essential services, businesses and community confidence.

Russia's actions pose a significant risk to global economic growth and international stability.

The global community must be prepared to shine a light on malicious cyber activity and hold the actors responsible to account. All members of the international community – including Russia – should abide by existing international law and norms of responsible state behaviour which apply in cyberspace. Australia calls on all countries to honour and uphold their commitments.

Australia is committed to upholding the rules-based order online, just as we do offline, and supporting our partners in the face of cyber threats.

Australia will continue providing cyber security assistance to the Ukrainian Government, including through a new bilateral Cyber Policy Dialogue and further cyber security training for Ukrainian officials.

Australia commends the swift action taken by Ukrainian authorities and the private sector to substantially mitigate the impacts of this incident.

Governments, the private sector and households must remain vigilant about the ongoing threats we face in cyberspace.

The Government is taking concrete action to protect Australians against cyber criminals, investing $1.67 billion over 10 years to build new cybersecurity and law enforcement capabilities to protect Australian businesses and communities, and passing new laws to protect our critical infrastructure assets from malicious cyber attacks.

Media enquiries