Australia accuses Hainan-based hackers of prowling sensitive computer networks
The Australian Signals Directorate said APT40 – meaning Advanced Persistent Threat – conducted “malicious cyber operations” for an arm of China’s Ministry of State Security based in Hainan province.
01:58
China denies accusations of state-sponsored hacking from US, UK and New Zealand
The directorate said APT40 looked to infiltrate old and forgotten devices that were still connected to sensitive computer networks.
Using these computers to gain an undetected “foothold”, they were then able to “rapidly” exploit vulnerabilities and plunder information.
“APT40 is actively conducting regular reconnaissance against networks of interest in Australia, looking for opportunities to compromise its targets,” the Australian Signals Directorate said.
Attribution of sophisticated cyberattacks is both technically difficult and politically fraught – and comes at the risk of angering China.
“In our current strategic circumstances, these attributions are increasingly important tools in deterring malicious cyber activity,” said Australian Defence Minister Richard Marles.
Cybersecurity experts have said inadequate safeguards and the stockpiling of sensitive customer information have made Australia a target for hackers.