Connect with us

Politics

Chinese security agency accused of directing cyberattacks on Australia

Published

on


pla screamsREUTERS/Kevin Zhao

  • Australian companies have been the target of a fresh wave of
    China-originated cyberattacks this year as part of a “constant,
    significant effort” to plunder corporate assets and intellectual
    property, according to a report released Tuesday.
  • Beijing has rejected the claims that China’s top security
    agency planned and directed a surge in cyber attacks on
    Australian companies.
  • The report alleges the coordinated attacks also broke a
    personal agreement struck between China’s Premier Li Keqiang and
    the former Australian Prime Minister Malcolm Turnbull that both
    countries would put a stop to the theft of each other’s
    commercial secrets.
  • A foreign ministry spokesperson provided China’s stock
    responses to accusations of hacking: “groundless, speculative,
    unprofessional and irresponsible.”

SYDNEY, Australia — China’s foreign ministry has recorded its
usual annoyance following an investigation into Chinese corporate
hacking in Australia that comes only days after US Vice President
Mike Pence pointed the finger at Beijing for its overwhelming
“intellectual property theft”.

China’s peak security agency has been overseeing a surge in
cyberattacks on Australian companies over the past year, in an
operation dubbed “Operation Cloud Hopper,” and at the behest of
China’s Ministry of State Security according to a report by
Fairfax Media and broadcaster Channel Nine.

The Cloud Hopper cyber-espionage campaign was first uncovered by
security researchers at PwC, BAE Systems, and the UK’s National
Cyber Security Centre.

Those researchers concluded in 2017 that the campaign was the
work of the China-based, People’s Liberation Army connected APT10
hacking group.

In 2016, US security firm Mandiant released the report
“APT1 Exposing One of China’s Espionage Units,” describing the
term as Advanced Persistent Threat 1, “a single organization of
operators that has conducted a cyber-espionage campaign against a
broad range of victims since at least 2006.”

On Tuesday, unnamed senior Australian officials are cited in the
Fairfax report as saying this recent surge of attacks targeting
sectors across the Australian economy from “industry to corporate
and military” were confirmed by the “Five Eyes” intelligence
alliance.

Five Eyes is the name given to an intelligence-sharing network
made up of the US, Britain, Canada, Australia, and New Zealand,
as part of the same campaign.

The senior Australian government source told Fairfax the activity
was “a constant, significant effort to steal our intellectual
property,” and that China’s Ministry of State Security was
responsible for Operation Cloud Hopper.

Australian universities and network providers have attracted
criticism for lax security measures.

The massive uptick in activity was also backed up by the vice
president of the US cybersecurity company CrowdStrike, Mike
Sentonas.

Following a deal struck between the Chinese premier and
Australian prime minister earlier in 2017, Sentonas said that
from the beginning of this year, he had “noticed a significant
increase in attacks.”

“The activity is mainly from China and it’s targeting all
sectors,” he told Fairfax.

“There’s no doubt the gloves are off.”


Read more:

Australia’s top cyber spy says China’s tech is too good to be
allowed near key infrastructure

One senior Australian government source said China’s mission was
“a constant, significant effort to steal our intellectual
property.”

The cyber theft places intense pressure on Australian Prime
Minister Scott Morrison to respond as the cyber security pact
signed between the two countries only last year appears to be in
question.

In response the Chinese foreign ministry rolled out its standard
response to what is now a well-practiced routine.

Ministry spokesman Geng Shuang told the regular press briefing in
Beijing that the accusations were groundless or “without factual
basis.”

“The speculative report without factual basis is irresponsible
and unprofessional,” (没有事实根据的臆测报道是不负责任、不专业的), Geng said.

**In 2013 a foreign ministry spokesman Hong Lei made the same
observation at his regular press briefing when asked to comment
on a report then released by the US security company Mandiant,
that singled out the People’s Liberation Army (PLA) for
conducting cyber espionage against Western countries for years.
“The speculative report without factual basis and groundless
criticism is irresponsible and unprofessional.” he said.

Two years earlier Lei called a very blunt report on China’s role
foreign cyber spying submitted to the US Congress in November,
2011, as speculative and both unprofessional and irresponsible.”

And remember when North Korea successfully Sony Pictures in 2014?

“This kind of speculative report without factual basis is
irresponsible and unprofessional,” then foreign ministry
spokesmen Hua Chunying said.**

China has a rich legacy of infuriating Western governments that
have routinely accused it of plundering industrial, corporate and
military secrets.

Last year, sensitive data about Australia’s F-35 stealth fighter
and P-8 surveillance aircraft programmes were stolen when a
defence subcontractor was hacked with a tool widely used by
Chinese cyber criminals.

The Australian Federal Police and Australian Security
Intelligence Organisation (ASIO) have reportedly intensified
their cooperation to respond to the threat.

However, a senior police source said in the report that they are
many months behind the US.

Without enforcement, there was no effective deterrence, the
report said, citing one national security source.

The Australian Signals Directorate (ASD) the country’s top cyber
enforcement agency has detected attacks against several Western
businesses, although the names of the affected firms have not
been made public.

Meanwhile, the systems of Australian defense contractor Austal
were also breached last month as part of a subsequent extortion
attempt.

The source of the attack has not yet been confirmed, but
officials say that this time the attack may have came out of the
Middle East with Iran the most likely culprit, according to the
Australian Cyber Security Centre.

Continue Reading
Advertisement Find your dream job

Trending