Chinese-Backed Hackers Target Australian Networks: ACSC Report
The ACSC has accused Chinese-backed hackers, APT40, of stealing credentials from Australian networks in 2022. An extensive international investigation has identified ongoing cyber threats targeting various government and private sector networks.
- Country:
- Australia
Cybersecurity firms supported by Chinese authorities have been alleged to have stolen usernames and passwords from unspecified Australian networks in 2022, the Australian Cyber Security Centre (ACSC) reported on Tuesday. The investigation, which focused on the CCP-backed hacker group APT40, involved multiple international cybersecurity agencies.
The ACSC claimed APT40 conducted several operations for China's Ministry of State Security (MSS). According to leading cybersecurity agencies from the US, UK, Canada, New Zealand, Japan, South Korea, and Germany, APT40's activities and techniques align with those tracked as Advanced Persistent Threat (APT) 40.
According to the ACSC report, APT40 has consistently targeted Australian government and private sector networks. The group is known for rapidly adapting to exploit new vulnerabilities. They commonly engage in reconnaissance, exploit vulnerable infrastructure, and seek valid credentials to enable further activities using web shells.
The ACSC investigation noted that in August 2022, a malicious IP address linked to APT40 interacted with Australian computer networks. The compromised device likely belonged to a small business or home user.
(With inputs from agencies.)
ALSO READ
Tony Popovic Named as New Australian Coach Following Shock Resignation
Tony Popovic: A New Dawn for Australia's Socceroos
Tony Popovic Appointed Head Coach of Australia's National Football Team
Tony Popovic Takes Helm as New Australia Coach After Graham Arnold's Resignation
New Zealand, Fiji, and Australia Strengthen Trade Ties in Trilateral Talks