A recent Fairfax investigation has found that China’s top security agency has ordered a rise in the number of cyber attacks directly targeting Australian businesses in the past twelve months.
A report published by The Age “confirms that China’s Ministry of State Security is responsible for what is known in cyber circles as ‘Operation Cloud Hopper’, a wave of attacks detected by Australia and its partners in the ‘Five Eyes’ intelligence sharing alliance.”
A spokesperson for the government has since issued this statement: “The Coalition Government has been active in strengthening Australia’s capability to detect and respond to cyber enabled threats and is committed to ensuring businesses and the Australian public community are resilient to cyber-attacks.”
However, The Age is reporting that members of the Australian Federal Police have aired frustrations “that Australian companies and universities failed to heed repeated warnings to harden their security against both criminals and attacks directed by nation states.”
In response, an anonymous senior Government source told The Age that China’s online activity presents “a constant, significant effort to steal our intellectual property.” The revelation that China has actually increased the frequency of its attacks can be taken as a violation of a previous agreement struck between former Australian Prime Minister Malcolm Turnbull and Chinese Premier Li Keqiang to curb the rate of stealing each other’s commercial secrets; something the U.S. is currently alleging against China at the time of writing.
The U.S. Department of Justice has in the past twelve months focussed on investigating and prosecuting of Chinese cyber attacks, with vice president Mike Pence alleging China of “intellectual property theft” just days ago at the APEC summit in Papua New Guinea.
“One of the most active Chinese adversaries has been dubbed ‘APT10’, while ‘Cloud Hopper’ refers to the technique used by this group as they ‘hop’ from cloud storage services into a company’s IT system”, according to The Age.
In many cases, Chinese hackers were able to access the inner-workings of an Australian enterprise’s network by targeting firms that were outsourcing their IT. Adrian Nish, head of Threat Intelligence at BAE Systems says the attackers are focussing on mining, engineering and professional service companies in particular with their attacks.
This will likely come as no surprise, but does act to underline the importance of having a robust set of security protocols in place for your IT systems. All the evidence currently available points to the fact that this is going to be an increasing trend, so do your business – and your staff and clients – a favour and look into improving the proficiency of your data management and security procedures.