It’s a well-worn plot for a movie thriller.
Two decades ago, John McClane (Bruce Willis) had to take down a cyber terrorist attacking critical national infrastructure.
Far-fetched? Perhaps it was then, but not anymore.
Know the news with the 7NEWS app: Download today 
Just last week, the Australian Signals Directorate (ASD) — Australia’s leading cyber security and intelligence agency — issued an advisory acknowledging for the first time a threat known as ‘Salt Typhoon’ had been found in Australia.
ASD’s former Director-General, Rachel Noble told 7NEWS’ The Issue the agency’s advisory was “extraordinary”.
The China-based hackers behind Salt Typhoon target major telecommunications companies, and other services that carry military communications.
According to Noble, there is a substantial threat to individuals using telcos if they’ve been hacked.
“They might be able to then track you globally through your communications, through your service provider and know wherever you are in the world and possibly even access your communications,” she said on this week’s episode.
But worse, Salt Typhoon could open the door to large-scale sabotage, making it “entirely possible” hackers could cripple one of our telecommunications giants.
“They put malware on that network, which is there … to be activated at a time of their choosing in order to disrupt the proper functioning of that critical infrastructure or destroy it,” Noble said.
When other related cyber threats are taken into account, the danger goes wider still.
Early last year, some leading US voices on cyber security gave testimony to a Congressional committee.
They clearly wanted to jolt Americans into grasping just how profound the cyber threat could be.
According to the FBI’s Director at the time, Christopher Wray, Chinese hackers were preparing to “wreak havoc” on US infrastructure “and cause real world harm to American citizens and communities”.
Communications, energy, transport and water were all targets China might “destroy or degrade”.
As former US Director of Cyber Security, Jen Easterly told the committee: “This is truly an everything, everywhere, all at once scenario.”
According to Rachel Noble, the Salt Typhoon discovery is a “call to action for our private sector because (it owns) … most of our critical infrastructure”.
ASD, she said, “gives fantastic, very clear technical advice about what you can do to find (Salt Typhoon) and get it off your network”.
During almost five years at the helm of the Signals Directorate, Noble oversaw a surge in federal government spending on the agency’s capabilities.
It is now openly boasts an attack capability and was used to go after the hacking operation that stole almost 10 million records from health insurer Medibank Private in 2022.
“I think the work they did to find the Russian cyber criminals who attacked Medibank and its customers is an incredible example of what ASD is capable of,” Noble said.
She also speculated Russia had moderated its cyber attack capabilities in its war with Ukraine, to avoid any Western cyber counter-attack.
“I think Russia’s calculation is that any one of Ukraine’s allies … the US, Canada, the UK, Australia, could pose that threat to them. So perhaps it’s not worth firing the first shot,” Noble said.
But press her on the cyber threats posed by Russia and other state actors, and she quickly brings the discussion back to its starting point.
“No other country gets anywhere close to the People’s Republic of China in terms of the cyber threat to Australia,” she said.
Sadly, there is no Bruce Willis character to fix it.
You can watch the full episode of this week’s The Issue in the video above or listen to the episode below.
Stream free on
