Chinese-Backed Hackers Target Australian Networks: ACSC Report
The ACSC has accused Chinese-backed hackers, APT40, of stealing credentials from Australian networks in 2022. An extensive international investigation has identified ongoing cyber threats targeting various government and private sector networks.
- Country:
- Australia
Cybersecurity firms supported by Chinese authorities have been alleged to have stolen usernames and passwords from unspecified Australian networks in 2022, the Australian Cyber Security Centre (ACSC) reported on Tuesday. The investigation, which focused on the CCP-backed hacker group APT40, involved multiple international cybersecurity agencies.
The ACSC claimed APT40 conducted several operations for China's Ministry of State Security (MSS). According to leading cybersecurity agencies from the US, UK, Canada, New Zealand, Japan, South Korea, and Germany, APT40's activities and techniques align with those tracked as Advanced Persistent Threat (APT) 40.
According to the ACSC report, APT40 has consistently targeted Australian government and private sector networks. The group is known for rapidly adapting to exploit new vulnerabilities. They commonly engage in reconnaissance, exploit vulnerable infrastructure, and seek valid credentials to enable further activities using web shells.
The ACSC investigation noted that in August 2022, a malicious IP address linked to APT40 interacted with Australian computer networks. The compromised device likely belonged to a small business or home user.
(With inputs from agencies.)
ALSO READ
Australia Clinches Ashes Victory with Decisive Win Over England
Australia Unites in Candlelit Vigil for Sydney Shooting Victims
Australia Unites in Remembrance: A Nation Reflects After Sydney's Bondi Beach Attack
Australia on Verge of Ashes Victory Despite Lyon's Injury
Australia Clinches The Ashes in Commanding Style
Google News