Australia's cyber intelligence agency sounded a rare warning Tuesday about the rising threat of state-backed Chinese hackers, saying they were "actively" looking for targets to compromise.
The Australian Signals Directorate singled out the APT40 hacking group in a detailed, technical advisory note that unpicked its evolving tradecraft.
"APT40 has repeatedly targeted Australian networks as well as government and private sector networks in the region, and the threat they pose to our networks is ongoing," the note read.
The Australian Signals Directorate said APT40 -- meaning Advanced Persistent Threat -- conducted "malicious cyber operations" for an arm of China's Ministry of State Security based in Hainan Province.
The directorate said APT40 looked to infiltrate old and forgotten devices that were still connected to sensitive computer networks.
Using these computers to gain an undetected "foothold", they were then able to "rapidly" exploit vulnerabilities and plunder information.
"APT40 is actively conducting regular reconnaissance against networks of interest in Australia, looking for opportunities to compromise its targets," the Australian Signals Directorate said.
Attribution of sophisticated cyberattacks is both technically difficult and politically fraught -- and comes at the risk of angering China.
"In our current strategic circumstances, these attributions are increasingly important tools in deterring malicious cyber activity," said Australian Defence Minister Richard Marles.
The advisory note was co-authored with input from the United States, the UK, Germany, Japan, South Korea and other international partners.
Cybersecurity experts have said inadequate safeguards and the stockpiling of sensitive customer information have made Australia a target for hackers.
Major ports handling 40 percent of Australia's freight trade ground to a halt earlier this year after hackers infiltrated computers belonging to operator DP World.
Russia-based hackers in 2022 breached one of Australia's largest private health insurers, accessing the data of more than nine million current and former customers.
In September 2022, telecom company Optus fell prey to a data breach of similar magnitude in which the personal details of up to 9.8 million people were accessed.
New Zealand's government earlier this year blamed APT40 for a 2021 cyber attack that infiltrated its parliamentary computer network.
© 2024 AFP
7 Comments
Ricky Kaminski13
Yet we are to turn our heads the other way, smile and shake the hands of those actively trying to infiltrate and harm our systems. We are not to worry about it, nor mention it to them directly, because we may 'risk angering' these Chinese 'friends'. We are being played like violins, broken ones.
PTownsend
Russia and China, aided by whichever other nations they have control over, continue to do nearly whatever they want, including bombing children's hospitals. They must think they have control over enough anti-democracy western politicians, media, and corporations, which are willing to appease them, that they can get away with pretty much anything, and so far it looks like they are right. The notion of individual nations having sovereignty was nice while it lasted. China and Russia, the newest global power bloc, will do what they can to continue weakening nations, see Tibet and Ukraine, among other examples. I despise the word 'globalist' because it was used by the Nazis, and is used by far rightists today, but China and Russia have huge global control over resources, manufacturing and trade. And huge control over the lives of individuals within their domains.
TokyoOldMan
Check the “Made in” label on your Network equipment. Replace if “Made in China”.
theFu
All the IoT devices made in China that we use are phoning home to China constantly. If any aggression starts, you can be certain that every network with 1 of those devices will become unusable, if only to cause havoc. Likely they will do worse.
So, consider how much that $20 IoT camera will really cost or that $80 home router. At the low end, China electronics is plagued by "good enough" completion. It works, if you use it exactly as intended for the most common uses, but try to do something most people don't, even if it is listed as a feature and it won't. Plus, consider the buggy software caused by incompetence. Those bugs make Chinese software easier to hack, which is good for China and other "black hat" types to get into our networks.
Be certain not to confuse China and Taiwan. Some of the Taiwanese companies have the best device security. After all, they are constantly attacked by China. Look for companies making equipment that are required to have a security program run with 3rd party oversight. There are a few of those after their terrible firmware got the attention of certain govts. If they wanted to keep access to US markets, they had no choice but to do what was demanded.
Pukey2
The Australians must be the most propagandized and scared people on earth, more than their bosses in America.
This article is about the fearmongering against mainland China (in order to start a war), and the photo shows a Taiwanese keyboard!!!!!
Ricky Kaminski13
Pukey2, your name suits the sophistication of your message. Laughable.
Sh1mon M4sada
You become low-hanging fruit, easy targets, when you go out of your way to tell your adversaries they can do whatever they want to you with impunity. Australia under Wong, Albanese cares more about China lobby than its borders.