Chinese-Backed Hackers Target Australian Networks: ACSC Report
The ACSC has accused Chinese-backed hackers, APT40, of stealing credentials from Australian networks in 2022. An extensive international investigation has identified ongoing cyber threats targeting various government and private sector networks.
- Country:
- Australia
Cybersecurity firms supported by Chinese authorities have been alleged to have stolen usernames and passwords from unspecified Australian networks in 2022, the Australian Cyber Security Centre (ACSC) reported on Tuesday. The investigation, which focused on the CCP-backed hacker group APT40, involved multiple international cybersecurity agencies.
The ACSC claimed APT40 conducted several operations for China's Ministry of State Security (MSS). According to leading cybersecurity agencies from the US, UK, Canada, New Zealand, Japan, South Korea, and Germany, APT40's activities and techniques align with those tracked as Advanced Persistent Threat (APT) 40.
According to the ACSC report, APT40 has consistently targeted Australian government and private sector networks. The group is known for rapidly adapting to exploit new vulnerabilities. They commonly engage in reconnaissance, exploit vulnerable infrastructure, and seek valid credentials to enable further activities using web shells.
The ACSC investigation noted that in August 2022, a malicious IP address linked to APT40 interacted with Australian computer networks. The compromised device likely belonged to a small business or home user.
(With inputs from agencies.)
ALSO READ
Australia and Papua New Guinea Set to Forge Historic Defense Pact
Australia's Swift Adjustment for Champions Glory
Australia Stands Firm on Supporting Ukraine Amid Controversial Comments
Unprecedented Naval Movement: Chinese Warships Off Australia's East Coast
Mass Repatriation Effort Unravels Scam Networks in Southeast Asia
Google News