Australian intelligence determined China was responsible for a cyber-attack on its national parliament and three largest political parties before the general election in May, five people with direct knowledge of the matter told Reuters.
Australia’s cyber intelligence agency the Australian Signals Directorate (ASD)—concluded in March that the ruling Chinese Communist Party’s (CCP’s) Ministry of State Security was responsible for the attack, the five people with direct knowledge of the findings of the investigation told Reuters.
The five sources declined to be identified due to the sensitivity of the issue. Reuters has not reviewed the classified report.
The report, which also included input from the Department of Foreign Affairs, recommended keeping the findings secret in order to avoid disrupting trade relations with Beijing, two of the people said. The Australian government has not disclosed who it believes was behind the attack or any details of the report.
In response to questions posed by Reuters, Prime Minister Scott Morrison’s office declined to comment on the attack, the report’s findings or whether Australia had privately raised the hack with China. The ASD also declined to comment.
China’s Foreign Ministry denied involvement in any sort of hacking attacks and said the internet was full of theories that were hard to trace.
“When investigating and determining the nature of online incidents there must be full proof of the facts, otherwise it’s just creating rumors and smearing others, pinning labels on people indiscriminately. We would like to stress that China is also a victim of internet attacks,” the Ministry said in a statement sent to Reuters.
“China hopes that Australia can meet China halfway, and do more to benefit mutual trust and cooperation between the two countries.”
China is Australia’s largest trading partner, dominating the purchase of Australian iron ore, coal and agricultural goods, buying more than one-third of the country’s total exports and sending more than a million tourists and students there each year.
Australian authorities felt there was a “very real prospect of damaging the economy” if it were to publicly accuse China over the attack, one of the people said.
Australia in February revealed hackers had breached the network of the Australian national parliament. Morrison said at the time that the attack was “sophisticated” and probably carried out by a foreign government. He did not name any government suspected of being involved.
When the hack was discovered, Australian lawmakers and their staff were told by the Speaker of the House of Representatives and the President of the Senate to urgently change their passwords, according to a parliamentary statement at the time.
The ASD investigation quickly established that the hackers had also accessed the networks of the ruling Liberal party, its coalition partner the rural-based Nationals, and the opposition Labor party, two of the sources said.
The Labor Party did not respond to a request for comment. One person close to the party said it was informed of the findings, without providing details.
The attack on the political parties gave the perpetrators access to policy papers on topics such as tax and foreign policy, and private email correspondence between lawmakers, their staff and other citizens, two sources said.
Independent members of parliament and other political parties were not affected, one of those sources said.
Australian investigators found the attacker used code and techniques known to have been used by agents of the CCP in the past, according to the two sources.
Australian intelligence also determined that the country’s political parties were a target of Beijing spying, they added, without specifying any other incidents.
The people declined to specify how the attackers breached network security and said it was unclear when the attack had begun or how long the hackers had access to the networks.
The attackers used sophisticated techniques to try to conceal their access and their identity, one of the people said, without providing details.
The findings were also shared with at least two allies, the United States and the United Kingdom, said four people familiar with the investigation.
The UK sent a small team of cyber experts to Canberra to help investigate the attack, three of those people said.
The United States and the United Kingdom both declined to comment.
Australia has in recent years intensified efforts to address the CCP’s growing influence in Australia, policies that have seen warnings from China.
For instance, in 2017, Canberra banned political donations from overseas and required lobbyists to register any links to foreign governments. A year later, the ASD led Australia’s risk assessment of new 5G technology, which prompted Canberra to effectively ban the CCP’s telecom firm Huawei from its nascent 5G network.
While some U.S. officials and diplomats have welcomed such steps by Australia and praise the countries’ strong intelligence relationship, others have been frustrated by Australia’s reluctance to more publicly confront China, according to two U.S. diplomatic sources.
China researcher at Charles Sturt University Professor Clive Hamilton said on Twitter, “Our refusal to call out Beijing is sheer gutlessness on the part of our political leaders and bureaucrats.”