‘I’ve never seen anything like it’: Tens of thousands of Australians could have has information stolen by Chinese hackers, cybersecurity boss warns
- China accused of cyber theft of potentially thousands of Australian companies
- The Australian arm of multi-national construction company confirmed to be hacked
- ‘The biggest and most audacious hack I’ve ever seen,’ cybersecurity boss said
China has been accused of hacking and cyber theft against potentially thousands of Australian companies by the federal government.
‘It’s the biggest and most audacious hack I’ve ever seen. The global scale of this. It’s breathtaking,’ the head of the Australian Cyber Security Centre, Alastair MacGibbon, told Sky News.
Mr MacGibbon described the hack as a ‘campaign to steal commercial secrets, and that translates to stealing food from the tables of Australian families.’
The startling revelations began with two Chinese nationals charged in the US on Thursday over their alleged membership to a hacking group operating in China
The startling revelations began with two Chinese nationals charged in the US on Thursday over their alleged membership to a hacking group operating in China known as APT10, which stands for Advanced Persistent Threat 10.
The group allegedly targeted companies and government agencies in at least a dozen countries and gave China’s intelligence service access to intellectual property and other sensitive business information.
A joint statement from Foreign Affairs Minister Marise Payne and Home Affairs Minister Peter Dutton said APT10 was acting on behalf of the Chinese Ministry of State Security and the group’s ‘sustained cyber intrusions’ were significant.
The group focused on large-scale managed service providers, known as MSPs, that manage IT services and infrastructure for medium-to-large businesses and organizations.
‘It’s the biggest and most audacious hack I’ve ever seen. The global scale of this. It’s breathtaking,’ the head of the Australian Cyber Security Centre, Alastair MacGibbon said
FBI Director (pictured) confirmed that banking, mining, and telecommunications companies were focused on by the alleged hackers, as was NASA and the US Department of Energy
Examples of MSPs allegedly targeted in the attacks include IBM, Hewlett Packard, and SAP.
Through hacking these MSPs, the group was able to gain access to information of potentially thousands of their clients, though the exact number is not known.
Among the businesses confirmed to be compromised is the Australian arm of a multi-national construction company.
Banking, mining, and telecommunications companies were focused on by the alleged hackers, as was NASA and the US Department of Energy.
The alleged hacking was uncovered by security experts from Price Waterhouse Coopers UK and BAE Systems under the name Operation Cloud Hopper in 2017.
China has denied the claims, saying the allegations of economic espionage were ‘slanderous.’
‘Australia calls on all countries – including China – to uphold commitments to refrain from cyber-enabled theft of intellectual property, trade secrets and confidential business information with the intent of obtaining a competitive advantage,’ the Ministers said in the statement, issued early on Friday.
The statement added that the security compromise was a reminder to all organizations to be vigilant, and directed Australian organizations to the government’s cyber security information website www.cyber.gov.au for advice.
The alleged hacking was uncovered by security experts from Price Waterhouse Coopers UK and BAE Systems under the name Operation Cloud Hopper in 2017