A Chinese Communist Party (CCP) spy group has been hacking public and private networks, according to federal intelligence agencies from the Five Eyes nations.
The Federal Bureau of Investigation, along with sister agencies like the Australian Signals Directorate (ASD), revealed that a group known as APT40 had been behind the historical and ongoing hacks.
The CCP Ministry of State Security backs the group and uses a sophisticated system to make detection difficult.
“APT40 is actively conducting regular reconnaissance against networks of interest in Australia, looking for opportunities to compromise its targets,” the ASD said in a statement.
“The group uses compromised devices, including small-office/home-office (SOHO) devices, to launch attacks that blend in with legitimate traffic, challenging network defenders,” it continued.
“APT40 continues to find success exploiting vulnerabilities in end-of-life or no longer maintained devices on networks of interest and systems that are poorly maintained and unpatched.”
Australia has worked with its Five Eyes partners (New Zealand, Canada, the United States, and the UK), as well as Germany, Japan, and Korea, to determine the group behind the attacks.
It is the first time Australia has taken the lead on a cyber advisory, and the first time Japan and Korea have joined the nation in publicly attributing an actor.
Foreign Minister Penny Wong said Australia would continue to engage with Beijing, while maintaining national security.
Australia Invests Billions in Secure Cloud Technology
Australia’s Defence Minister Richard Marles praised the work of the ASD in attributing the threat, and said this was an important part of deterrence.
His comments come days after the government announced a $2 billion (US$1.35 billion) top secret cloud computing program for intelligence agencies, to be developed in partnership with Amazon Web Services Australia.
“Modern defence forces and indeed modern conflict is more reliant upon information technology, upon computing infrastructure, than ever before,” he said.
“And in turn what that means, is that increasingly, modern conflict is occurring at a top-secret level and so this capability, in terms of computing infrastructure, will ensure that Australia maintains at-pace with the leading defence forces in the world,” he added.
“It will ensure that we have a far more resilient capable, lethal, modern and potent defence force for the future.”
The Top Secret (TS) Cloud will be purpose-built for Australia’s defence and national intelligence community agencies to securely host the country’s most sensitive information and develop new technologies.