by the Andrew GreenABC Defense Correspondent
Australia and key regional partners are accusing a Chinese spy agency of cyber espionage, targeting government and business networks, a large-scale operation involving the theft of hundreds of usernames and passwords.
Cyber intelligence agency Australian Signals Directorate (ASD) recently published a New advisory Details of the activities of the notorious APT40 (Advanced Persistent Threat) group, which is linked to Beijing’s Ministry of State Security (MSS).
“APT40 has repeatedly targeted Australian networks, as well as public and private sector networks in the region, and continues to pose a threat to our networks,” the advisory published on Tuesday morning said.
“Specifically, APT40 has the ability to rapidly adapt and adopt proof-of-concept (POC) of new vulnerabilities and quickly deploy them against target networks with relevant vulnerability infrastructure.
“APT40 regularly conducts espionage against networks of interest, including networks in the countries of authorizing agencies, looking for opportunities to compromise its targets,” the statement added.
Five Eyes intelligence partners including the United States and Britain have joined the Australian-led initiative, along with Germany, South Korea, New Zealand and Japan, representing a significant increase in international pushback against Beijing’s activities. .
While Australia has previously joined international partners in cyber attributions against MSS, this is the first Australian-led, direct attribution of technologically harmful cyber activity to a Chinese state-sponsored actor.
APT40 is suspected of regularly targeting Australian government and private sector networks and attempting to exploit compromised office and home-based devices to gain access to sensitive IT networks.
Exploiting devices with aging technology, which typically lack software upgrades and regular patching, MSS-sponsored hackers often gain unauthorized access and mix with legitimate traffic on networks.
On Tuesday, the ABC also revealed that the Home Secretary had ordered a comprehensive review of all internet-facing technology used by Commonwealth agencies over growing concerns about the risks of foreign interference and influence. An audit has been ordered.
“We have always said we engage with China without compromise on what is important to Australia and Australia,” Foreign Minister Penny Wong said in a statement.
“The Albanian government is expanding Australia’s diplomatic, economic and defense engagements with Japan and Korea, as well as with Southeast Asia, with India, with the Quad and with AUKUS.
“It’s part of our job to make Australia stronger and more influential in the world, and to keep Australians safe.”
A spokesman for the Chinese embassy in Canberra said China has a consistent and clear position on the matter.
“We oppose any baseless accusations and accusations against China,” the spokesperson said.
“Securing cyberspace is a global challenge. In fact, China is a major victim of cyber attacks.
“We take a strong stand against all forms of cyber-attacks and resort to legal means to deal with them.
“China does not encourage, support or condone attacks by hackers.”
– ABC