CCP Is Backer Behind Cyberattacks, Australian Intelligence Says

The CCP—a backer of cyber crime—remains a significant threat to Australia’s cyber security amid a surge in cybercrimes in 2022-2023.
CCP Is Backer Behind Cyberattacks, Australian Intelligence Says
A map of China is seen through a magnifying glass on a computer screen showing binary digits on Jan. 2, 2014. (Edgar Su/Reuters)
Alfred Bui

The Australian government has singled out the Chinese Communist Party (CCP) as a sponsor of cyberattacks and malicious activities targeting critical infrastructures and businesses in the country.

In a newly released report, the Australian Signals Directorate (ASD), responsible for foreign signals intelligence, cyber security, and offensive cyber operations, raised the alarm about a sharp rise in cybercrimes against Australian government entities, companies, and individuals.

The report (pdf) pointed out that the CCP remained a significant threat to Australia’s cyber security in 2023.

In May, the ASD highlighted that Volt Typhoon, a hacking group backed by the Chinese regime, was able to use a technique called “living off the land” to blend in with normal system and network activities to steal information and conduct cyber espionage.

The ASD said the Volt Typhoon had infiltrated networks across U.S. critical infrastructure sectors and was concerned that the hacking group could apply this technique to Australian systems.

Along with the CCP, Russia was listed as a threat after its Federal Security Service used the “Snake” malware for long-term intelligence collection on high-priority targets worldwide.

The ASD expressed concern that the AUKUS partnership, involving Australia, the United Kingdom, and the United States, and its focus on nuclear submarines and other advanced military capabilities, was likely to be targeted by malicious state actors.

“The global and regional strategic environment continues to deteriorate, which is reflected in the observable activities of some state actors in cyberspace,” the report said.

“Some states are willing to use cyber capabilities to destabilise or disrupt economic, political, and social systems.

“Some also target critical infrastructure or networks of strategic value with the aim of coercion or prepositioning on a network for future disruptive activity.”

The ASD also warned that state actors would continue to target Australian government agencies, critical infrastructure, and companies to collect information, with the potential for significant disruptive and destructive activities in a deteriorating geopolitical environment.

Australia’s Dilemma in Maintaining a Relationship with the CCP

Despite ongoing malicious campaigns from the CCP, China continues to be Australia’s largest trading partner.

In a television interview with the Australian Broadcasting Corporation, Deputy Prime Minister and Defence Minister Richard Marles admitted that Australia’s relationship with China was “complex.”

“We value, clearly, a productive relationship with China. But we’ve never pretended that this relationship is easy,” he said.

“They’re our largest trading partner, so it’s right to be investing in that relationship. But China has been a source of security anxiety for our country, and we prepare for that as well.”

Deputy PM Richard Marles speaks to the media in Tasmania, Australia, on May 3, 2023. (Steve Bell/Getty Images)
Deputy PM Richard Marles speaks to the media in Tasmania, Australia, on May 3, 2023. (Steve Bell/Getty Images)

While the government attributed the CCP as a backer behind cyberattacks against Australia, the deputy prime minister said there was a need to maintain “excellent” diplomacy with the Chinese regime and stabilise the relationship between the two countries.

At the same time, Mr. Marles also assured the public that the government was trying to make critical infrastructure defence as robust as possible.

“That’s why we’re seeing a $10 billion (US$6.5 billion) investment over ten years in the Australian Signals Directorate, which effectively doubles the size of ASD,” he said.

“It is a huge uplift in our cyber capability and our cyber defence.”

Mr. Marles’s remarks came after Home Affairs and Cybersecurity Minister Clare O'Neil openly admitted that Australia was vulnerable to cyberattacks following the hack of Australia’s second-largest port operator, DP World Australia, on Nov. 10, which sparked fears about a severe disruption to the supply chain.

A Surge in Cybercrimes Targeting Australian Entities

The ASD reported over 94,000 reports of cybercrimes in the 2022-2023 financial year, up 23 percent from the previous year.

This is equal to a cybercrime being reported every six minutes.

In addition, the Australian Cyber Security Hotline received 90 calls about cybercrimes per day, up from 69 calls previously.

While these figures represented a sharp rise in the number of cyber incidents, it was the tip of the iceberg, as only a small proportion of affected individuals and institutions reported incidents to authorities.

Meanwhile, enterprises saw a 14 percent increase in the cost of cybercrime, with small businesses experiencing an average financial loss of $46,000, $97,200 for medium businesses, and $71,600 for large businesses.

The top three cybercrime types for individuals were identity fraud, online banking fraud, and online shopping fraud, while the top three cybercrime types for businesses were email compromise, business email compromise fraud, and online banking fraud.

During the past year, the ASD responded to over 1,100 cybersecurity incidents, with 10 percent of them related to ransomware.

Alfred Bui is an Australian reporter based in Melbourne and focuses on local and business news. He is a former small business owner and has two master’s degrees in business and business law. Contact him at [email protected].
Related Topics