Australia accuses Hainan-based Chinese hackers of prowling sensitive computer networks

Australian intelligence on Tuesday issued a warning about APT40 using old and forgotten devices to infiltrate sensitive networks

Reading Time:2 minutes

A remote sensing satellite ground station is seen in Hainan province. Australian intelligence claimed APT40 conducted “malicious cyber operations” for an arm of China’s Ministry of State Security based in Hainan. Photo: Xinhua

Published: 11:45am, 9 Jul 2024Updated: 2:54pm, 9 Jul 2024

Australia’s cyber intelligence agency sounded a rare warning on Tuesday about the rising threat of state-backed Chinese hackers, saying they were “actively” looking for targets to compromise.

The Australian Signals Directorate singled out the APT40 hacking group in a detailed, technical advisory note that unpicked its evolving tradecraft.

“APT40 has repeatedly targeted Australian networks as well as government and private sector networks in the region, and the threat they pose to our networks is ongoing,” the note read.

The Australian Signals Directorate said APT40 – meaning Advanced Persistent Threat – conducted “malicious cyber operations” for an arm of China’s Ministry of State Security based in Hainan province.

01:58

China denies accusations of state-sponsored hacking from US, UK and New Zealand

The directorate said APT40 looked to infiltrate old and forgotten devices that were still connected to sensitive computer networks.

Using these computers to gain an undetected “foothold”, they were then able to “rapidly” exploit vulnerabilities and plunder information.