The hacking accusation comes as Australia and China seek to restore ties. Image by Lukas Coch/AAP PHOTOS

politics

China-backed hackers blamed for espionage, data theft

Dominic Giannini and Kat Wong
July 9, 2024

Australia has unmasked a hacking group backed by China’s government, weeks after the two nations highlighted stability in their relationship.

The federal government, Five Eyes partners and other nations have named state-sponsored group APT40 as responsible for attacks on the public and private sectors.

The group was acting on behalf of China’s powerful minister of state security and is blamed for espionage and hacks.

Hundreds of usernames and passwords were stolen in an attack on one Australian entity in April 2022.

The word 'password' among zeroes and ones on a screen — *Passwords and usernames were stolen in a 2022 attack by APT40, the signals directorate says. Image by Dave Hunt/AAP PHOTOS*

“The threat they pose to our networks is ongoing,” the Australian Signals Directorate said in a joint advisory on Tuesday.

The group targeted outdated networks and devices that are no longer maintained, the directorate said.

“APT40 continues to find success exploiting vulnerabilities from as early as 2017.”

Compromised software included versions of Log4, Atlassian Confluence and Microsoft Exchange, according to the advisory.

One Australian organisation was compromised between July and September 2022, with APT40 able to map the network and execute control.

“The investigation uncovered evidence of large amounts of sensitive data being accessed and evidence that the actor moved laterally through the network,” the advisory said.

A Chinese embassy spokesperson rebuffed the findings and claimed China itself was a “major victim” of cyber attacks.

“We oppose any groundless smears and accusations against China,” they said in a statement on Tuesday.

“We keep a firm stance against all forms of cyber attacks and resort to lawful methods in tackling them.

“China does not encourage, support or condone attacks launched by hackers.”

Ethernet cables in a server room — *China says it does not condone cyber crime and was itself a “major victim” of hacking attacks. Image by Mick Tsikas/AAP PHOTOS*

It’s the first time Australia has taken the lead on a cyber advisory from Five Eyes intelligence partners Canada, New Zealand, the US and UK, and the first time Japan and Korea have joined the nation in attribution.

Attributions were an increasingly important tool in deterring malicious cyber activity, Defence Minister Richard Marles said.

Home Affairs Minister Clare O’Neil said cyber intrusions from foreign governments added “one of the most significant threats we face”.

ASD has issued advice on how to detect intrusions on its website.

The revelation comes weeks after Prime Minister Anthony Albanese hosted Chinese Premier Li Qiang during a four-day visit to Australia.

Mr Albanese said there were “encouraging signs” of stabilisation between the two nations during the trip and room for their relationship to expand.

Keep updated

Latest News

Argentina hand Wallabies historic Santa Fe belting

Sabalenka beats Pegula to win US Open title

K-pop phenomenon continues meteoric rise in Australia

Green stars as Australia limber up for England with win

Aussies Thompson and Purcell win US Open doubles crown

Latest Fact Checks

NASA mass extinction claims are utter gibberish

Facts throw shade on sunglasses-sunburn link claim

No, US government agency did not say there's no evidence of mpox

Fake news story used to spread defence deal falsehood

No, Imane Khelif not stripped of Olympic gold

AAP FactCheck

Information you can trust
Written by trained, experienced journalists using authoritative sources
Accredited by the International Fact-Checking Network (IFCN)

AAP FactCheck provides factual, authoritative information Australians can rely on. Accredited with the Poynter Institute's International Fact-Checking Network and adhering to the highest industry standards, our experienced team works to minimise the impact of misinformation.

AAP Photos

Award-winning Australian Photography
Editorial or Commercial use
Subscriptions or one-off licences

Image buyers from all industries rely on AAP Photos. A digital treasure trove of content depicting Australian life, our fully-searchable database contains millions of images from around the country and around the world.

AAPNews

News delivered to your inbox
Trusted, reliable and accurate
Corporate and individual packages available

AAPNews delivers newswire content direct to the public. Choose from a number of subscription models to not only gain access to high-quality fact-based news on your desktop or mobile device, but also to show your support for Australia's only not-for-profit newswire.

Newsroom

The wire – up to the minute news at your fingertips
Feeds delivered to your CMS
Agenda – AAP’s planning and events tool

Get the news feed your organisation needs, with AAP offering extensive coverage of news, courts, politics, sports, finance and the arts. Take advantage of AAP’s partner content to get the international news that matters to your business, with news feeds delivered via multiple channels including API and FTP.

Donate Now

WHY

AAP is Australia's only independent newswire service, delivering stories and images around the country and around the world every day. By supporting AAP with your contribution you are backing a team of dedicated, objective journalists to continue this work. Thank you.

Donations over $2 are tax deductible.

$10
$100
$500

Once
Monthly
Annually

DONATE