Wong said the government engaged with China “without compromising” on what was important for Australia, while Home Affairs Minister Clare O’Neil said in the same statement that cyber intrusions from foreign governments were one of the most significant threats the country faced.
None of the ministers named APT40 or the Chinese ministry in their public remarks, but the formal notice from the Australian Signals Directorate – an agency that reports to Marles as defence minister – issued details about specific attacks naming the hacking group and the ministry.
“APT40 is actively conducting regular reconnaissance against networks of interest in Australia, looking for opportunities to compromise its targets,” the agency said.
“The group uses compromised devices, including small-office [and] home-office devices, to launch attacks that blend in with legitimate traffic, challenging network defenders.”
In a detailed technical explanation of the attacks, the agency outlined separate incidents during 2022 in which APT40 accessed Australian systems, changed passwords and operated within the networks for some time.
The alert did not mention any incident since 2022, but it said APT40 “continues to find success” in exploiting vulnerable systems, such as old devices that were no longer maintained or were “unpatched” with the latest security upgrades.
Prime Minister Anthony Albanese sought to improve relations with Beijing three weeks ago during a visit to Canberra by Chinese Premier Li Qiang, highlighting the easing of Chinese trade restrictions while emphasising the need for a “secure and stable” region.
The Australian security alert on Tuesday morning was co-ordinated with agencies in the US, UK, Canada and NZ – the other members of the Five Eyes intelligence alliance alongside Australia.
In a sign of increasing co-operation on cyberattacks, the Australian Signals Directorate also worked with agencies from Japan, South Korea and Germany in tracking APT40.
“Notably, APT40 possesses the ability to quickly transform and adapt vulnerability proofs of concept for targeting, reconnaissance, and exploitation operations,” the US Cybersecurity and Infrastructure Security Agency said in a statement.
“APT40 identifies new exploits within widely used public software such as Log4J, Atlassian Confluence and Microsoft Exchange to target the infrastructure of the associated vulnerability.”