Australia makes huge move against China accusing the communist superpower of cyber attacks

The Australian government has taken a bold step in its ongoing diplomatic spat with China, naming the communist state for the first time as the party responsible for a series of ‘malicious’ cyber attacks.

Scott Morrison in June last year shocked the nation by outlining how an un-named ‘state-actor’ had targeted banks, universities, hospitals, transport networks, electricity grids, and the military, as part of a lengthy cyber-warfare campaign against Australia. 

China-watchers and security experts pointed the finger squarely at Beijing, with insiders claiming the cyber invasion was payback for Australia’s decision to ban Chinese state firm Huawei from the national 5G network in 2018 over national security concerns.

At the time, the Prime Minster and Australia’s intelligence agencies did not directly accuse the authoritarian power of being behind the hacking scandal.

But on Monday night, in a joint statement co-ordinated with the US, UK, European Union, New Zealand, Canada and NATO, Beijing was named and shamed for shadowy tactics here and around the globe.

Scott Morrison (pictured) in June last year shocked the nation by outlining how an un-named ‘state-actor’ had targeted banks, universities, hospitals, transport networks, electricity grids, and the military, as part of a lengthy cyber-warfare campaign against Australia

The Australian government has taken a bold step in its ongoing diplomatic spat with China and it's President-for-life Xi Jinping (pictured), naming the communist state for the first time as the party responsible for a series of 'malicious' cyber attacks

The Australian government has taken a bold step in its ongoing diplomatic spat with China and it’s President-for-life Xi Jinping (pictured), naming the communist state for the first time as the party responsible for a series of ‘malicious’ cyber attacks

‘Today, the Australian Government joins international partners in expressing serious concerns about malicious cyber activities by China’s Ministry of State Security,’ a joint statement by Defence Minister Peter Dutton, Foreign Affairs Minister Marise Payne and the Minister for Home Affairs Karen Andrews.   

‘In consultation with our partners, the Australian Government has determined that China’s Ministry of State Security exploited vulnerabilities in the Microsoft Exchange software to affect thousands of computers and networks worldwide, including in Australia.

‘These actions have undermined international stability and security by opening the door to a range of other actors, including cybercriminals, who continue to exploit this vulnerability for illicit gain.’

The explosive statement goes on to say that the Australian Government is aware and seriously concerned that China’s Ministry of State Security is hiring ‘contract hackers’ to carryout intellectual property crimes on behalf of the Beijing.  

‘Australia calls on all countries – including China – to act responsibly in cyberspace,’ the statement said.

‘China must adhere to the commitments it has made in the G20, and bilaterally, to refrain from cyber-enabled theft of intellectual property, trade secrets and confidential business information with the intent of obtaining competitive advantage.’

Insiders claimed Beijing's cyber invasion was payback for Australia's decision to ban Chinese state firm Huawei from the national 5G network in 2018, over national security concerns. Pictured: Chinese netizens are pictured at an internet cafe in Guangdong Province, China

Insiders claimed Beijing’s cyber invasion was payback for Australia’s decision to ban Chinese state firm Huawei from the national 5G network in 2018, over national security concerns. Pictured: Chinese netizens are pictured at an internet cafe in Guangdong Province, China

How are the attacks carried out? 

The Australian Cyber Security Centre has identified the actor utilising various spearphishing techniques. 

This spearphishing has taken the form of: 

  • Links to credential harvesting websites 
  • Emails with links to malicious files, or with the malicious file directly attached 
  • Links prompting users to grant Office 365 OAuth tokens to the actor 
  • Use of email tracking services to identify the email opening and lure click-through events

Source: Australia Cyber Security Centre 

Scott Morrison’s government decided to call out China to ‘highlight the significant risk they can pose to Australia’s national security or to international stability’.

They say the cyber attacks can ‘undermine business confidence’ and stagnate ‘inclusive economic growth’ – a key talking point of Chinese diplomats at international conferences.

While critical infrastructure and information intelligence remains Australia’s most heavily protected cyber assets, experts warn that trust in democratic institutions is our most vulnerable target.

They say the real goal of authoritarian powers such as China, Russia, North Korea and Iran is to overwhelm the west with paranoia and distrust in governments, media, science and independent judiciary.

‘While the nominal targets of this attack are unidentified, the deeper target is the institutional trust that enables Australia’s open democratic system to function,’ Flinders University national security analyst Dr Zac Rogers told news.com in the wake of last year’s attacks.

‘The threat of an enemy at the gates can pale in comparison to the damage done by the monster under the bed.

‘The irony of the age of information would be that it could herald the end of influence.’

Australia has seen a 60 per cent rise in ransomware ­attacks over the past year, with damages estimated to cost the economy about $1.4billion.

There were 291 Australian entities targeted with malware attacks in the year to April 2019.

In the following 12-months that figure shot up to 459. 

Chinese troops marching during a military parade in Tiananmen Square in Beijing to mark the 70th anniversary of the founding of the People's Republic of China

Chinese troops marching during a military parade in Tiananmen Square in Beijing to mark the 70th anniversary of the founding of the People’s Republic of China

The Australian Government is seriously concerned that China's Ministry of State Security is hiring 'contract hackers' to carryout intellectual property crimes on behalf of the Beijing. Pictured: Chinese students working on laptops at Shanghai University

The Australian Government is seriously concerned that China’s Ministry of State Security is hiring ‘contract hackers’ to carryout intellectual property crimes on behalf of the Beijing. Pictured: Chinese students working on laptops at Shanghai University

The Australian Federal Police recently set up Operation Orcus to combat the spate of online attacks against Australia by rogue regimes like Russia and China.    

‘Australia’s cyber security posture is strong, but there is no room for complacency given the online threat environment is constantly evolving,’ the joint statement said.

‘Protecting Australia from malicious cyber activity – be it by state actors or cybercriminals – requires a continuous improvement approach to cyber security practices across all levels of society including government, business and households.’

‘The Australian Government will continue to work with international partners and the private sector to strengthen cyber security.’

The Joe Biden administration led the worldwide condemnation of China for state-sponsored ransomware attacks

The Joe Biden administration led the worldwide condemnation of China for state-sponsored ransomware attacks

The UK's foreign secretary Dominic Raab demanded China stops its 'systematic cyber sabotage' as state-backed groups were blamed for Microsoft Exchange attacks

The UK’s foreign secretary Dominic Raab demanded China stops its ‘systematic cyber sabotage’ as state-backed groups were blamed for Microsoft Exchange attacks 

The disclosure comes as Canberra’s diplomatic relationship with Beijing continues to sour.

Communist Party officials were outraged when Mr Morrison’s government called for an independent inquiry into the origins of the coronavirus pandemic in April 2020.  

The call for transparency was met with an array of arbitrary bans and tariffs on key Australian exports including barley, wine, beef, cotton, seafood, coal and timbre. 

Intelligence officials attributed a major cyber attack on the Australian parliament last year, as part of Beijing’s campaign to intimidate or bully Australia as tensions over trade foment.

Cybersecurity experts claimed in March that at least 10 hacking groups used a flaw in Microsoft's email software to break in to targets around the world

Cybersecurity experts claimed in March that at least 10 hacking groups used a flaw in Microsoft’s email software to break in to targets around the world

What you need to do NOW to avoid being hacked by China: The simple steps that help keep you safe online as cyber attackers target Australia 

Defence Minister Linda Reynolds today told businesses how to improve their cyber security as Australia faces a series of major cyber attacks from a ‘sophisticated state actor’.

Cyber experts said it was the first time in history that an Australian defence minister had addressed the nation with specific technical tips to avoid being hacked. 

She urged businesses to check their security systems and take extra steps such as ensuring employees use multi-factor identification to log in to devices. 

Defence Minister Linda Reynolds (left) today told businesses how to improve their cyber security as Australia faces a series of major cyber attacks from a 'sophisticated state actor'

Defence Minister Linda Reynolds (left) today told businesses how to improve their cyber security as Australia faces a series of major cyber attacks from a ‘sophisticated state actor’

Ms Reynolds also warned companies to download recent software, secure their cloud-based platforms and report any breaches to the Australia Cyber Security Centre.

She said: ‘Firstly, patch your Internet facing devices promptly, ensuring that any web or email servers are fully updated with the latest software. 

‘Secondly, ensure you always use multifactor authentication to secure your Internet access, infrastructure and also your CLOUD-based platforms. 

Dane Meah of cyber security firm, InfoTrust, said the announcement ‘serves as a reminder that cyber security is crucial.’

‘Often security projects are one of the first to be scaled back during a recession and this could potentially cause even more damage to the Australian economy if we see businesses start to fall victim to these attacks,’ he said.

‘Our advice to businesses would be to complete a review of the controls, policies and procedures they currently have in place, including testing a response plan and making staff aware of threats.’  

Read more at DailyMail.co.uk