Australian Companies Targeted By Chinese Hackers

January 8, 2019 Updated: January 8, 2019

Tens of thousands of Australian companies may have been compromised by the Chinese Regime’s cyber hacking campaign, one of Australia’s top cyber security advisor has warned.

The announcement comes amidst reports the Chinese Regime’s intelligence services hacked into the world’s biggest Managed Service Providers (MSPs) such as Hewlett Packard, IBM, and SAP (Systems Applications and Products).

Commercial secrets, client data, information related to human resources and account management are among the information likely to have been accessed.

“It’s the biggest and most audacious campaign I’ve seen,” said Alastair MacGibbon, head of the government’s Australian Cyber Security Centre. “This is massive in its scope and its scale. It’s breathtaking.”

Cyber attacks are known to have begun as early as 2006 and have been focused on several large-scale MSPs, which commercial firms trust to store, manage, and protect IT data and are also specialist companies that manage IT services and infrastructure for many medium to large sized organizations.

Mining Companies Targeted

Mining companies in Western Australia have also been victims of the Chinese regime’s cyber hacking activities, and reportedly lost billions of dollars in revenue in the past decade.

Data related to production levels at both big and small mining companies, were used by the Chinese regime’s state owned enterprises that buy Australian minerals, as leverage while negotiating contracts.

In 2012, MI5 director-general Jonathan Evans revealed an attack had cost Rio Tinto A$1.43 billion ($1.04 billion) in lost revenue, not just through intellectual property loss but also from “commercial disadvantage” in contractual negotiations, reported Bloomberg.

According to the Australian Strategic Policy Institute, the Chinese Communist Party gives high priority to the secure supply of raw materials. Hence there is still an ongoing interest in gathering commercial intelligence on Australian mining companies.

In another example of cyber hacking, Chinese hackers stole a metal detector design from Codan, an Australian metal detection and mining technology firm, and then sold cheap imitations into Africa back in 2015, reported IT News.

Codan chief executive Donald McGurk said the Australian Security Intelligence Organisation (ASIO) had informed him that an employee’s laptop had been hacked into by the Chinese regime.

McGurk requested the Australian government to speak to Chinese authorities, but discovered his company was on its own. He was then forced to slash the price of the company’s gold detectors from A$4000–A$5000 ($2851–$3563) to around A$2500 ($1781) to compete with the counterfeits.

International Condemnation

Countries such as Australia, New Zealand, Canada, the United Kingdom, United States, and Japan have publicly condemned China, following the indictment of two Chinese nationals, Zhu Hua and Zhang Jianguo, for a malicious global hacking campaign widely known as Cloud Hopper.

Both Zhu and Zhang were part of the hacking group known as Advanced Persistent Threat 10, or APT10. The men had been involved in hacking operations with APT10 since 2006, according to the U.S. Justice Department.

APT10 is accused of targeting companies and government agencies in more than a dozen countries around the world, to steal their intellectual property and sensitive commercial data.

“This is outright cheating and theft, and it gives China an unfair advantage at the expense of law-abiding businesses and countries that follow the international rules in return for the privilege of participating in the global economic system,” U.S. Deputy Attorney General Rod J. Rosenstein said in a statement.

Australian Foreign Affairs Minister Marise Payne described cyber attacks from APT10 as significant and undermined global economic growth, national security, and international stability.

“Australia calls on all countries–including China–to uphold commitments to refrain from cyber-enabled theft of intellectual property, trade secrets, and confidential business information with the intent of obtaining a competitive advantage,” Payne said in a statement.

“These commitments were agreed by G20 Leaders in 2015. Australia and China reaffirmed them bilaterally in 2017. The worldwide cyber security compromise serves as a reminder that all organisations must remain vigilant about security and that organisations such as MSPs must be responsible and accountable to those they serve.”

Advice to Companies Affected

According to the Australian Cyber Security Centre (ACSC), MSP customers should contact their responsible MSPs to ensure they are doing everything necessary to investigate whether they have been compromised and what effect it has had.

The ACSC has compiled questions (pdf) companies can ask their MSPs  including whether they are:

  1. implementing best practice cyber security guidance
  2. regularly assessing customer cyber security posture
  3. protecting access to customer systems
  4. protecting users from socially engineered emails
  5. backing up customer data
  6. prepared for and actively reporting cyber security incidents

RECOMMENDED
TOP VIDEOS