On Tuesday, Australia's cyber security agency, the Australian Signals Directorate (ASD), once again warned of the continuing threat that Chinese hackers pose to Australia.
The Threat Actor:
A new document outlines the workings of a group known as “APT40,” which the ASD says is affiliated with China’s Ministry of State Security and is based in Hainan province. APT40, the ASD warns, “has repeatedly targeted Australian networks as well as government and private networks in the region. The threat they pose to our critical infrastructure is ongoing.”
Stealthy Tactics:
Unlike most of the hacker groups discussed above, APT40 doesn’t rely on flashy tactics. The ASD found that APT40 commonly goes after old devices that are still attached to key networks, in an effort to go unnoticed within systems. “APT40 regularly conducts reconnaissance operations on strategic networks in Australia to identify these vulnerabilities,” the ASD said.
The ASD alert was not issued in a vacuum; it was developed with the help of cyber security agencies from the US, Great Britain, Germany, Japan, South Korea, and others. It is yet another sign of a growing risk and an urgent call for vigilance.
Cybersecurity experts blame the increased targeting on vulnerabilities detected within Australia’s security systems.
In November 2023, hackers infiltrated DP World computers and launched a cyber attack against Australia’s largest ports, which handle 40% of the country’s cargo volume.
This followed a significant data breach in 2022 in which Optus, one of the largest telecommunications operators in the country, had the personal information of over nine million customers stolen.
More recently, a November 2022 hack compromised the data of 9.7 million current and former customers of Medibank, Australia’s largest private health insurer. Such incidents highlight the urgent need for Australia to strengthen its cybersecurity protection.