Members of the People's Liberation Army (PLA) attend a flag raising ceremony at the Shek Kong Barracks on June 30, 2018. Picture: Anthony Kwan
Members of the People's Liberation Army (PLA) attend a flag raising ceremony at the Shek Kong Barracks on June 30, 2018. Picture: Anthony Kwan

Chinese hacking plot against Aus businesses

The Australian federal government has called on China to close down a global plot by an intelligence service-backed hacking group to steal intellectual property from the West.

Two Chinese nationals have been charged in the US over their alleged membership of a hacking group operating in China known in global intelligence circles as Advanced Persistent Threat 10, of APT10.

The group, acting on behalf of the Chinese Ministry of State Security, is accused of targeting companies and government agencies in at least a dozen countries and trying to access to intellectual property and other sensitive business information.

Much of the hacking activities were carried out in recent years but global intelligence agencies have decided to go public now in a strong rebuke of China.

Speaking to ABC radio this morning, the head of Australian Cyber Security Centre, Alastair MacGibbon, said it was the largest state-backed effort to steal intellectual property from the private sector that he was aware of.

"This is an audacious global campaign run by a group that worked on behalf of the Ministry of State Security for the Chinese government. It is global in scale and very significant," he said.

"It is audacious, it is huge and it impacts potentially thousands of businesses globally. We know there are victims in Australia."

He accused the Chinese hacking division of "taking food off Australian tables."

A number of Australian companies affected were notified by authorities in 2016 and 2017.

China has been accused of a global hacking campaign, targeting Australian and other western companies to steal their secrets. Picture: Jens Schlueter
China has been accused of a global hacking campaign, targeting Australian and other western companies to steal their secrets. Picture: Jens Schlueter

Foreign Affairs Minister Marise Payne and Home Affairs Minister Peter Dutton said in a joint statement this morning that APT10's "sustained cyber intrusions" were significant and a "serious concern".

The hackers have focused on large managed service providers - companies that manage IT services and infrastructure for medium-to-large businesses and organisations - both in Australia and globally, the ministers said.

"Australia calls on all countries - including China - to uphold commitments to refrain from cyber-enabled theft of intellectual property, trade secrets and confidential business information with the intent of obtaining a competitive advantage," they said.

The Australian and Chinese governments signed a 2015 agreement not to steal private sector secrets but Mr MacGibbon said it is clear China has not been playing by the rules.

The US has charged the two Chinese nationals with conducting a massive state- sponsored cyber theft targeting companies and government agencies in at least a dozen countries.

"This is outright cheating and theft," US Deputy Attorney General Rod Rosenstein said in Washington.

FBI Director Christopher Wray with Deputy Attorney General Rod Rosenstein, speaks during a news conference at the Department of Justice in Washington, overnight. The Justice Department is charging two Chinese citizens with carrying out an extensive hacking campaign to steal data from Western companies. Picture: Manuel Balce Ceneta
FBI Director Christopher Wray with Deputy Attorney General Rod Rosenstein, speaks during a news conference at the Department of Justice in Washington, overnight. The Justice Department is charging two Chinese citizens with carrying out an extensive hacking campaign to steal data from Western companies. Picture: Manuel Balce Ceneta

He said the hacked data gave China an unfair advantage at the expense of businesses and countries that followed international law.

Mr Rosenstein said the threats posed by the hacking operation, which dates back to 2006, have never been more severe or more pervasive and are part of China's ultimate goal to replace the US as the world's leading superpower. Named in the US indictment are Zhu Hua and Zhang Shilong.

They allegedly worked for a company that acted in association with the Chinese Ministry of State Security's Tianjin State Security Bureau, the US Justice Department said.

The British government also accused China of conducting a "widespread and significant" campaign of cyber espionage against the UK and its allies.

The security compromise was a reminder to all organisations to be vigilant, the Australian federal government said.