Australian-Chinese relations have faced numerous diplomatic conflicts over the past four years, particularly during and after the COVID-19 pandemic, resulting in sanctions and mutual accusations. However, relations have recently improved with the resumption of trade.
Despite this, the Australian Cyber Security Agency warned on Tuesday of the increasing "danger" posed by Chinese hackers, stating that they are "actively" seeking targets to breach.
The Australian Signals Directorate highlighted the hacking group "APT 40" in a detailed technical memo that revealed the group's advanced skills. The memo noted that APT 40 has repeatedly targeted Australian networks and both government and private sector networks in the region, with the threat it poses to those networks ongoing.
The Directorate stated that the group has carried out "malicious cyber operations" on behalf of the Ministry of State Security of China, based in Hainan Province. It also added that the group has sought to infiltrate outdated and forgotten devices still connected to sensitive computer networks. By using these computers to gain an "unnoticed foothold," the group was subsequently able to exploit vulnerabilities and rapidly access information.
The intelligence agency said that APT 40 is actively conducting regular reconnaissance against interesting networks in Australia and is looking for opportunities to penetrate its targets. The memo was prepared in cooperation with the United States, the United Kingdom, Germany, Japan, South Korea, and other international partners.
Cybersecurity experts have noted that Australia has become a target for hackers due to vulnerabilities in its security system. It is noteworthy that major ports, accounting for 40 percent of Australia's shipping trade, were disrupted earlier this year after hackers breached the computers of a port company.
In 2022, hackers based in Russia accessed one of Australia's largest private health insurance companies, gaining access to data from over nine million current and former customers. In September 2022, telecommunications company Optus fell victim to a data breach affecting personal data of up to 9.8 million individuals. Additionally, the New Zealand government previously accused the APT 40 group of carrying out a cyber attack targeting the country's parliament in 2021.
