China hits back at cyber attack ‘smear’

PREMIER MALINAUSKAS
The Australian Signals Directorate says Chinese government-backed hackers are actively conducting regular reconnaissance against networks of interest in Australia. Picture: NewsWire / Morgan Sette

China has criticised the US global surveillance network as it faces questions about a multinational report saying a Chinese government-backed hacking group is repeatedly targeting governments across the Pacific.

The Australian government took the forthright step of naming the Sino-backed group APT40 in a report released on Tuesday.

Five Eyes allies Canada, New Zealand, the US and the UK co-authored the report, as did Germany, South Korea and Japan.

“We are firmly opposed to such repeated hypes about so-called ‘Chinese cyber attacks’ aimed to smear and frame China on cybersecurity,” People’s Republic Foreign Ministry spokesman Lin Jian told reporters in China on Tuesday.

Chinese Foreign Ministry spokesman Lin Jian at a press conference on July 9, 2024. Picture: Ministry of Foreign Affairs of the People’s Republic of China
Chinese Foreign Ministry spokesman Lin Jian diverted a question about Chinese cyber activity to criticism of the US. Picture: Ministry of Foreign Affairs of the People’s Republic of China

Chinese institutions had analysis showing US APT (advanced persistent threat) groups spread “disinformation”, hyping up the Chinese cyber attack threat, Mr Lin said.

“(The US is) using its tech predominance to carry out massive cyberspace surveillance all over the world,” he said.

The Australian government report says APT40 is actively conducting regular reconnaissance against networks of interest in Australia, looking for opportunities to compromise its targets.

“The tradecraft described in this advisory is regularly observed against Australian networks,” it says in the Australian Signals Directorate report.

The APT40 group conducts malicious cyber operations for the People’s Republic of China Ministry of State Security, it says in the report.

Prime Minister Anthony Albanese and Chinese Premier Li Qiang enjoy the view over Perth in June. Picture: NewsWire / Richard Wainwright / Pool
Prime Minister Anthony Albanese and Chinese Premier Li Qiang enjoy the view over Perth in June. Picture: NewsWire / Richard Wainwright / Pool

“This regular reconnaissance postures the group to identify vulnerable, end-of-life or no longer maintained devices on networks of interest and to rapidly deploy exploits.”

The hackers prefer exploiting “vulnerable, public-facing infrastructure” through phishing campaigns and illegally obtaining passwords and other credentials.

“APT40 continues to find success exploiting vulnerabilities from as early as 2017,” the report said.

But Mr Lin questioned the US global surveillance network when asked specifically about the Australian report.

Australia’s Five Eyes allies co-authored the report on a Chinese hacking group, as did Germany, South Korea and Japan. Picture: NewsWire / Richard Wainwright / Pool
Australia’s Five Eyes allies co-authored the report on a Chinese hacking group, as did Germany, South Korea and Japan. Picture: NewsWire / Richard Wainwright / Pool

“The US still hasn’t answered our question: Who’s behind the scene of the surveillance on its allies and partners and the worldwide indiscriminate cyber attacks? Who’s responsible for a global cyber deterrence strategy?” he said.

“Who’s the greatest threat to global cyber security? I believe the international community knows well what the answer should be.

“We urge relevant parties to open their eyes and make the right judgment, rather than serving as the cat’s paw at their own expense.”