Australia’s cyber intelligence agency, the Australian Signals Directorate (ASD), issued a rare and stark warning on July 9 regarding the growing cyber threats from state-sponsored Chinese hackers. The ASD specifically identified the APT40 hacking group as actively seeking infiltration targets.
In an advisory, the ASD detailed how APT40 has consistently targeted Australian networks across the region, including government and private sector systems. “The threat they pose to our networks is ongoing,” the directorate emphasized.
Cyber threats on the rise
APT40, an “advanced persistent threat” group believed to operate for China’s Ministry of State Security, exploits outdated and neglected devices still connected to sensitive networks. This approach allows them to gain an undetected foothold, rapidly exploiting vulnerabilities to steal information.
“APT40 is actively conducting regular reconnaissance against networks of interest in Australia, looking for opportunities to compromise its targets,” the ASD stated.
Attributing sophisticated cyber attacks is technically challenging and politically sensitive, often risking diplomatic tensions. Beijing’s Foreign Ministry swiftly dismissed the allegations at a regular press conference, with spokesman Lin Jian calling them an attempt to “smear and slander China.” He highlighted that Chinese agencies have also reported on APT organizations in the United States.
The Australian advisory note was co-authored with international partners, including the United States, Britain, Germany, Japan, and South Korea.
Cybersecurity experts have identified inadequate safeguards and the accumulation of sensitive customer information, making Australia an attractive target for hackers. Australian Defence Minister Richard Marles emphasized the importance of these attributions in deterring malicious cyber activities, especially in the current strategic climate.
Cyber attacks
Recent high-profile cyber attacks underscore the severity of the threat. In early 2024, major ports handling 40 percent of Australia’s freight trade were paralyzed after hackers infiltrated DP World-operated computers. In 2022, Russia-based hackers breached a major Australian health insurer, accessing data from over nine million customers. That same year, telecom giant Optus suffered a data breach affecting up to 9.8 million people.
New Zealand’s government also attributed a 2021 cyber attack on its parliamentary computer network to APT40, further illustrating the widespread reach and impact of these state-backed hackers.
Source: Australia sounds warning over state-backed Chinese hackers ‘repeatedly’ targeting its networks
Related Stories:
Chimera hackers infiltrate Dutch semi-conductor giant NXP
American senior citizens lose $3.1 billion to internet scams – FBI