Australia Accuses Chinese Cyber-Hacker Group and Strengthens Cybersecurity Measures

Australia has accused a Chinese state-sponsored hacker group of conducting targeted attacks on the country’s government and corporate networks. The accusations, supported by security and intelligence agencies from the Five Eyes partner countries USA, UK, Canada, and New Zealand as well as Germany, Japan, and South Korea, point to a 'joint assessment' of a Chinese 'state-sponsored cyber group and its current threat to Australian networks.' The intelligence agencies stated that the group, which works for the Chinese Ministry of State Security, conducts 'malicious cyber operations.' Their activities are consistent with a group previously identified as Advanced Persistent Threat 40 (APT40). This group, allegedly operating out of the southern Chinese province of Hainan, is said to have already infiltrated government agencies, companies, and universities in the USA, Canada, Europe, and the Middle East. 'APT40 has repeatedly targeted Australian networks as well as government and private sector networks in the region, and the threat to our networks remains,' according to the advisory report. The Australian Signals Directorate (ASD) officially named APT40 for the first time, which is an unprecedented step for an Australian agency. This statement came less than a month after Chinese Premier Li Qiang's visit to Australia in an attempt to rebuild trade relations. The report marked the latest action by Western governments to curb Chinese cyber security threats and raise public awareness of the risks posed by Chinese hacker activities and espionage. Back in March, the USA and the United Kingdom took action against another hacker group operated by Chinese intelligence, APT31, which targeted, among other things, UK parliamentary accounts and critics of the Chinese government. Last year, FBI Director Christopher Wray met with his Five Eyes counterparts for their first joint public meeting in Silicon Valley, where they warned of the 'unprecedented threat' from Chinese espionage to innovative technology sectors such as quantum computing and artificial intelligence. Last month, the Five Eyes warned that the People's Liberation Army was 'aggressively recruiting' Western fighter pilots to train Chinese pilots, while the United Kingdom and other European countries recently raised a series of allegations about the infiltration of Chinese agents into Western political systems. Penny Wong, the Australian Foreign Minister, stated that the publication of the allegations against APT40 was in the national interest, despite recent efforts to improve relations with Beijing. 'We have always said that we would engage with China without compromising on what is important to Australia and Australians,' she emphasized in a statement. The ASD highlighted two historical breaches by APT40 to illustrate the hacker group’s activities. Instead of attacking users through 'phishing,' the agency said, APT40 exploited vulnerabilities in software developed by companies such as Microsoft and Atlassian to compromise networks and steal data as well as hundreds of passwords. Since 2022, Australia has increased investments in cyber security as part of a broader review of defense spending and strategy. This month, Canberra signed a $1.3 billion contract with Amazon to build a defense cloud network to improve its capabilities in sharing intelligence with global allies.