Hospitals, medical centres and research facilities have been victims of cyber attacks at the height of the COVID-19, incidents which Australia has warned are "unacceptable" with a pointed reference to state actors.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
Australia's cyber affairs ambassador will address an informal meeting of the United Nations Security Council this week to leave countries in no doubt about their responsibilities and raise awareness that countries need to protect medical infrastructure.
Under United Nations agreements, states have committed to acknowledge existing international law in cyberspace, and using cyber tools to damage critical infrastructure providing services to the public goes against international norms.
Tobias Feakin, Australia's first ambassador for cyber affairs, has labelled the attacks seen so far as "unacceptable behaviour".
"The last thing that anyone in the medical profession, whether they be on the research side looking for the longer term solution to the pandemic, or those on the front lines responding, the last thing they should be having to worry about is malicious cyber activity on their networks which would potentially impair them delivering essential services."
Australia has so far not been a victim of an attack on medical infrastructure, but the Australian Cyber Security Centre has warned of a number of phishing attempts, scams and vulnerabilities related to the pandemic.
The Czech Republic, is among countries that have experienced attacks on medical infrastructure, where a hospital that is home to a large testing laboratory for COVID-19 was the target of an advanced cyber attack and forced surgeries to be postponed.
Dr Feakin said Australia was taking this stand in solidarity with other countries who have already spoken out and to ensure governments, businesses and other institutions are aware of possible threats.
"What we are trying to do is shape a more stable international cyber space environment," he told The Canberra Times.
"What we're saying is that it's unacceptable that states are willing to destabilise and lessen the benefits of cyberspace by making it less predictable, by targeting areas of economies that should be out of bounds."
In a statement released on Wednesday, Dr Feakin reminded other countries of their commitments.
"Countries have also agreed to co-operate to address cybercrime and not to knowingly allow their territory to be used for internationally wrongful acts," he said.
"The Australian government calls on all countries to cease immediately any cyber activity - or support for such activity - inconsistent with these commitments. We also urge all countries to exercise increased vigilance and take all reasonable measures to ensure malicious cyber activity is not emanating from their territory."
Australia has been the victim of major cyber attacks by state actors, including on the Department of Parliamentary Services' computer network, and the Australian National University's student and staff databases.
Naming and shaming the countries responsible has been done rarely, and Dr Feakin said it was unlikely countries would be named as responsible for such attacks during the pandemic.
"Australia always reserves the right to attribute publicly or privately any malicious activity that it feels, if you like, oversteps the mark in terms of what we've agreed to in the international community," he said.
"In this case that's not the intent, in this case its about a broader set of activities, making sure our voice is added to the international community."