A few days after Australian Prime Minister Scott Morrison called for an independent international probe into the origins of COVID-19, Chinese bots swarmed Australian government networks. It was April last year.
The bots ran hundreds of thousands of scans, apparently looking for vulnerabilities that could later be exploited. It was a massive and noisy attack with little effort made to hide the bots’ presence, said Robert Potter, chief executive officer of Internet 2.0, an Australian cybersecurity firm that works extensively with the federal government.
“It was just a door knock, like someone walking up and ringing your doorbell,” he said.
Illustration: Lance LIu
The previously unreported network scans were followed by months of hacks that would reverberate across the Australian economy. Victims included the parliamentary e-mail network, the Australian Bureau of Meteorology and the departments of defense and health, according to people familiar with the situation and reporting in the Australian media.
State government departments including education and finance were also hit, as well as numerous Australian universities and businesses. While Beijing denied any involvement, cybersecurity experts traced much of the activity to systems used by China-based advanced persistent threat groups, a term often used to describe state-sponsored hackers.
“China’s cyber reach is detectable on almost every government server,” Potter said. “It isn’t subtle and it increases and decreases in a way that correlates to our overall relationship.”
Beijing’s retaliation against Australia’s repeated calls for an international probe is a clear example of what can happen to even the wealthiest nations if they annoy China enough, people familiar with the situation said.
Around the world, cybersecurity entered everyday vernacular last year, as businesses and people working from home were phished, scammed, hacked and extorted. Evidence of Chinese hacks has been found from the US to India to Israel — and of course, China is far from the only nation-state that carries out such activity. What sets apart the campaign against Australia — the world’s most China-reliant economy — is its sheer scale.
Those bot network scans, along with cyberattacks including breaches of the government’s networks, were sufficiently critical for the prime minister to announce in June last year that a “state-based cyberactor” was “targeting Australian organizations across a range of sectors, including all levels of government, industry,” as well as education and critical infrastructure.
Morrison refused to attribute the malicious behavior, but said “there are not a large number of state-based actors that can engage in this type of activity.”
Unofficially, three people familiar with the situation said it was clear Beijing’s cyberarmy was behind it.
The Chinese Ministry of Foreign Affairs denied the allegations, saying that the “Australian government and media have wrongly accused China of hacking many times before based on insufficient evidence.”
China has “always supported and actively participated in scientific studies” on finding the origins of COVID-19, the ministry added.
Even before the calls for a COVID-19 probe, Australia’s relationship with China was looking shaky. Over the years, the country has increasingly legislated to curb foreign interference and acquisitions of critical infrastructure — moves widely seen as an attempt to contain Chinese influence.
Australia was the first country to ban Huawei Technologies and ZTE from bidding for contracts to install everything from the national broadband network to 5G. Other governments including the US and Sweden have followed suit.
“China’s treatment of Australia has been distinctive if not unique,” said Hugh White, a former intelligence official who is an emeritus professor of strategic studies at the Australian National University. “I haven’t been able to identify another country that had pressure placed on it over such a broad range of areas.”
Australia’s position in the region and its strategic partnership with the US — which continues to vie for dominance in Asia — make it difficult for China to back down, White said.
“The Chinese have been eager to look for the opportunity to show the rest of Asia what’s at stake, as they make their decisions about how they position themselves in relation to the US and China,” he said. “Australia is the perfect victim for that.”
Australian officials have been loath to publicly attribute much of the nation-state cyberactivity to China, and have only done so when calling out international espionage campaigns in unison with allies in Washington and London.
Beijing denied China was behind any cyberattack after Morrison’s announcement in June last year, with Chinese Ministry of Foreign Affairs spokesman Zhao Lijian (趙立堅) describing the country as a “staunch upholder” of cybersecurity and “the biggest victim of cyberattacks.”
Australian Security Intelligence Organisation Director-General Mike Burgess has said that attributing blame for spying is a distraction because “we all do it.”
“If I’m pointing my finger at you accusing you of espionage, I’ve got three fingers pointing back at me,” Burgess told Sky News in March. “Sometimes, though, it is right that governments do it because someone’s overstepped a line — it’s not just the theft of a military secret, it’s something else more offensive to our nation or damaging to our nation, and that’s the judgement governments are best placed to make.”
Chinese diplomats in Canberra have accused the government of pandering to Washington, and wondered aloud whether their country’s tourists and students — who collectively brought more than A$22 billion (US$16.32 billion) in revenue to Australia in 2019 — might stop patronizing a nation that is not friendly to China.
“It is up to the people to decide. Maybe the ordinary people will say: ‘Why should we drink Australian wine? Eat Australian beef?’” Chinese Ambassador to Australia Cheng Jingye (成競業) told the Australian Financial Review after Morrison’s call to establish an inquiry.
Beijing followed up with a months-long series of trade reprisals hitting Australian exports ranging from coal and grain to lobster and wine — an industry worth about A$1.2 billion in 2019 that is now subject to tariffs of more than 200 percent.
There was more. In November last year, the Chinese embassy in Canberra leaked a list of 14 grievances and accused Australia of “poisoning bilateral relations,” the Sydney Morning Herald reported.
The list included complaints about the Huawei ban, the call to investigate COVID-19’s origins, the cancelation of academic visas and the blocking of 10 Chinese investment deals, the Herald reported.
There was also criticism of “thinly veiled allegations against China on cyberattacks without any evidence,” the newspaper reported.
There were also the hacks.
For the first time, the government was among the top five sectors with the most reportable data breaches last year, according to a government agency that tracks the activity.
State government systems and e-mail networks were attacked, at least one government entity was subject to a brute force attack, and Cabinet ministers were victims of phishing scams that attempted to extort money and collect information on their connections with dissidents in Hong Kong.
Unlike ransomware or denial of service attacks — which paralyze network systems until payments are made — state actor activity often goes unnoticed by targets, who only find out they have been compromised from government officials or outside threat analysts, said Paul Nevin, chief technology officer at Canberra-based cybersecurity firm CyberMerc.
“Those initial discussions usually come as a shock, and it takes a while for that to sink in,” Nevin said.
Sophisticated cybercriminals or state actors might be reading the e-mails of executives watching for breach notifications.
“So one of the first things I would do is explain over the phone or a secure messaging system: Do not mention this on e-mail, do not talk about it, take it offline. You have to literally assume the actors are in there watching, and very often they are.”
In September last year, as the government’s cybersecurity agency released its first annual report, then-Australian minister for defense Linda Reynolds said there was a “new normal” of cyberattacks on Australia that blurred the line between “peace and war.”
While cybercriminals were taking advantage of the vulnerabilities laid bare by COVID-19, there were also “sophisticated and very well-resourced state-based actors who are seeking to interfere in our nation in this gray zone in any opportunistic way they can,” she said.
The business community has also been affected, said Michelle Price, chief executive officer of AustCyber, a government-funded company focused on building the domestic cybersecurity industry.
“Industry threat analysts in Australia and elsewhere were telling me that as lobster shipments and barley were being rejected, they were seeing a commensurate level of activity happening in the cyberdomain coming from China,” she said.
“We are going through the experience that other nations have before us, where it’s not just retaliation aimed at the government, it spills out over into the broader economy and to the community,” she said. “We become collateral damage in those kinds of government-to-government machinations.”
Australian universities, which collect about A$10 billion per year from Chinese students, are reluctant to discuss the country’s online behavior in any aspect.
The cybersecurity research department at Monash University in Melbourne does not “get involved in any political stories relating to China,” as their researchers “are not comfortable commenting on this issue,” Hande Cater, the media adviser at Monash’s Information Technology Faculty, wrote in an e-mail.
Australia’s circumstances might be unique. Nevertheless its situation shows the range of tactics experts say China can deploy against any country that falls foul of Beijing.
For now, Australia is in the freezer, former Australian prime minister Malcolm Turnbull said, and it is unlikely either side will blink anytime soon.
“We have boundaries of trust with China, and there’s nothing wrong with that, but what we’ve got to do is focus on the areas where we do have a level of trust,” said Turnbull, who as prime minister banned Huawei from bidding to install Australia’s 5G network.
“If I say I don’t trust you enough to not misuse a capability that you would have if you built our 5G network, you are not going to persuade me by then beating me up in a whole lot of other areas,” he said.
Unless Hollywood movies like Greenland, Deep Impact, and Armageddon have predictive powers and a rogue space rock is heading our way, stopping Chinese Communist Party expansionism is likely to prove the single most challenging and dangerous problem of our lifetimes. How can the United States, Taiwan, and other liberal democracies prepare for and prevent attacks from China? How can Washington bolster Taipei’s confidence when it doesn’t recognize Taiwan as a real country and, so far, lacks the political will to make major adjustments to its ossified China policy and Taiwan policy? How can Taiwan make itself heard on the world stage when
Hypersonic weapons are defined as armaments capable of traveling at speeds faster than Mach 5 and can be broadly classified into two types: hypersonic glide vehicles (HGV) and hypersonic cruise missiles. The former are launched into the upper atmosphere by ballistic missiles. The vehicle is then separated from the booster to maneuver, or glide, toward its target. The latter can be launched from a jet plane or rocket to reach supersonic speed before igniting a scramjet engine to achieve hypersonic speeds. As the US engages in a great-power competition with China and Russia, all three countries are racing to field hypersonic
The number of people emigrating from Hong Kong has been rapidly increasing, Hong Kong Census and Statistics Department data show, with the territory’s population dropping by 110,000 people from 2019 to this year. China’s imposition of a National Security Law has clearly triggered a massive population outflow. However, not only people but also foreign businesses are leaving Hong Kong. For example, Vanguard Group, the world’s second-largest asset management company, VF Corp and Sony Interactive Entertainment have moved their top regional management from Hong Kong to Singapore. LVMH Moet Hennessy Louis Vuitton, the world’s largest luxury goods company, has also relocated staff
President Tsai Ing-wen’s (蔡英文) Double Ten National Day address has attracted a great deal of analysis and many different interpretations. One core question is why Tsai chose this occasion to discuss Taiwan’s national status. What was her main motive and what effect did she intend to have? These are issues that clearly need further clarification. The section of Tsai’s speech that attracted the most attention internationally was, not surprisingly, the part where she laid out “four commitments” that she said should serve as common ground for all Taiwanese, regardless of political affiliation. The commitments were to liberal democracy and constitutional government; that the