G20 is an “irresistible target for hackers,” according to Greg Rudd, spokesman for the Council of Registered Ethical Security Testers, or CREST Australia. Hackers “would love to just get into the traffic light system for example and just disrupt that and what they’re after really is free international media,” Rudd told ABC.Historically, attackers do target the G20 Summit, but none have ever taken over traffic light systems. Even though it’s supposedly “easy” to hack traffic lights with a laptop, it’s a safe bet that if attackers ever take control of traffic light systems anywhere in the world, at any time, it will gain international media attention.
Rudd gave three broad categories of groups that can launch massive “cyberattacks on G20: state-sanctioned hackers, commercial spies and activist organizations such as Anonymous.” But with China and Russia as the most obvious suspects, Rudd said, “A lot of hackers all over the world have gone out of their way and developed it into a bit of an art form to lay the blame at China and Russia’s feet for all sorts of hacks.”
Past cyberattacks on G20 Summits have included a flood of emails with malware attachments while G20 was held in Paris during 2011; a botnet-controlled DDoS attack on South Korea in 2009; and a 2007 cyberattack on Estonia that was dubbed “the second-largest instance of state-sponsored cyberwarfare.”
On Friday, a 57-year-old man was the first to be arrested under the G20 Safety and Security Act; not because of his actions, but because he was taking photos and “refused to identify himself when questions by police on the steps of the Brisbane Convention and Exhibition Center.” Police cited the same G20 Act to question a woman after asking her to provide identification. The Queensland Police Service also allegedly warned protesters that it has sonic cannons for crowd control if G20 demonstrations get too rowdy.