TRANSCRIPT
Australia is leading the charge on cyber diplomacy for the first time by releasing a security advisory detailing what it's calling China's "malicious cyber operations".
Co-signed by the UK, US, Canada and New Zealand - known as the Five Eyes alliance.
As well as Germany, Japan and South Korea.
It focuses on the group APT40 based in Hainan Province, which it says acts on behalf of China's Ministry of State Security.
Rachael Falk, CEO of the Cyber Security Cooperative Research Centre, says governments often call out foreign cyber activity, but it's rare for 13 agencies from 8 countries to release a joint report.
"What's significant about this advisory is it's not just the Australian government saying, ‘hey we’re being targeted, our organisations are being targeted’. This is an ongoing threat. We want to raise awareness and get it out there in the public so that businesses large and small can do more to protect themselves because they've noted that the way they are getting is often known vulnerabilities, known to party software vulnerabilities. Some of the vulnerabilities are very new but in some cases the vulnerabilities they say using to get in date back to 2017."
APT stands for Advanced Persistent Threat.
Which according to the Australian Signals Directorate is "the most sophisticated and well-resourced type of malicious cyber adversary commonly associated with nation states."
The advisory says APT40 usually exploits 'vulnerabilities' in third party software, internet applications or out-of-date hardware to access a network, move around it, collect data and impair defences.
One example found hundreds of usernames and passwords were stolen from an Australian organisation in 2022.
Deputy Prime Minister Richard Marles says calling out this cyber activity can be a form of deterrence.
A move attracting bipartisan support.
Acting Shadow Home Affairs Minister Dan Tehan says it's important Australia continue to call out foreign cyber-attacks.
"We welcome the fact the Government has acted with our other international partners in calling this out. We have to continue to call out bad faith when we see it, we have to call out unfriendly actions when we see it, and it's absolutely vital that we stand up for our national interest. My hope would be that China realises that we're going to call this action out and we're going to stop it."
The Chinese embassy in Canberra says it opposes any groundless smears and accusations against China.
In fact, China is a major victim of cyber-attacks. China does not encourage, support or condone attacks launched by hackers.
Foreign Minister Penny Wong says the Government will continue to engage with China, but some analysts are concerned this move will derail Australia's efforts.
Greg Austin, adjunct professor at the Australia-China Relations Institute at the University of Technology Sydney, says 'public attribution' might not be the most advantageous tactic in cyber diplomacy.
"Whether this process of attribution is all that productive given that it's like the pot calling the kettle black because countries like Australia and the United States conduct cyber espionage against China. As we go forward with the Australian and Chinese government's attempting to restore relationships or achieve a degree of normalcy. These recurrent cyber-attacks stories will remain an important point of disagreement and have the chance ultimately to destabilise that rapport."
The advisory coincides with revelations almost 200 Commonwealth agencies have been instructed to audit all internet-facing technology amid rising fears about foreign interference and cyber security.
Rachael Falk says it's important for businesses and individuals to take note and remain vigilant to the ever-present threat of cyber-attacks.
"I think what it tells us this will never be over will never have this completely under control, but it is foreseeable, and organisations and companies and Boards do need to be aware of these ongoing threats and always question whether they're doing anything more or where they're directing their budget so they can best be mitigating these types of threats."
