A few days after Australian Prime Minister Scott Morrison called for an independent international probe into the origins of COVID-19, Chinese bots swarmed Australian government networks. It was April last year.
The bots ran hundreds of thousands of scans, apparently looking for vulnerabilities that could later be exploited. It was a massive and noisy attack with little effort made to hide the bots’ presence, said Robert Potter, chief executive officer of Internet 2.0, an Australian cybersecurity firm that works extensively with the federal government.
“It was just a door knock, like someone walking up and ringing your doorbell,” he said.
Illustration: Lance LIu
The previously unreported network scans were followed by months of hacks that would reverberate across the Australian economy. Victims included the parliamentary e-mail network, the Australian Bureau of Meteorology and the departments of defense and health, according to people familiar with the situation and reporting in the Australian media.
State government departments including education and finance were also hit, as well as numerous Australian universities and businesses. While Beijing denied any involvement, cybersecurity experts traced much of the activity to systems used by China-based advanced persistent threat groups, a term often used to describe state-sponsored hackers.
“China’s cyber reach is detectable on almost every government server,” Potter said. “It isn’t subtle and it increases and decreases in a way that correlates to our overall relationship.”
Beijing’s retaliation against Australia’s repeated calls for an international probe is a clear example of what can happen to even the wealthiest nations if they annoy China enough, people familiar with the situation said.
Around the world, cybersecurity entered everyday vernacular last year, as businesses and people working from home were phished, scammed, hacked and extorted. Evidence of Chinese hacks has been found from the US to India to Israel — and of course, China is far from the only nation-state that carries out such activity. What sets apart the campaign against Australia — the world’s most China-reliant economy — is its sheer scale.
Those bot network scans, along with cyberattacks including breaches of the government’s networks, were sufficiently critical for the prime minister to announce in June last year that a “state-based cyberactor” was “targeting Australian organizations across a range of sectors, including all levels of government, industry,” as well as education and critical infrastructure.
Morrison refused to attribute the malicious behavior, but said “there are not a large number of state-based actors that can engage in this type of activity.”
Unofficially, three people familiar with the situation said it was clear Beijing’s cyberarmy was behind it.
The Chinese Ministry of Foreign Affairs denied the allegations, saying that the “Australian government and media have wrongly accused China of hacking many times before based on insufficient evidence.”
China has “always supported and actively participated in scientific studies” on finding the origins of COVID-19, the ministry added.
Even before the calls for a COVID-19 probe, Australia’s relationship with China was looking shaky. Over the years, the country has increasingly legislated to curb foreign interference and acquisitions of critical infrastructure — moves widely seen as an attempt to contain Chinese influence.
Australia was the first country to ban Huawei Technologies and ZTE from bidding for contracts to install everything from the national broadband network to 5G. Other governments including the US and Sweden have followed suit.
“China’s treatment of Australia has been distinctive if not unique,” said Hugh White, a former intelligence official who is an emeritus professor of strategic studies at the Australian National University. “I haven’t been able to identify another country that had pressure placed on it over such a broad range of areas.”
Australia’s position in the region and its strategic partnership with the US — which continues to vie for dominance in Asia — make it difficult for China to back down, White said.
“The Chinese have been eager to look for the opportunity to show the rest of Asia what’s at stake, as they make their decisions about how they position themselves in relation to the US and China,” he said. “Australia is the perfect victim for that.”
Australian officials have been loath to publicly attribute much of the nation-state cyberactivity to China, and have only done so when calling out international espionage campaigns in unison with allies in Washington and London.
Beijing denied China was behind any cyberattack after Morrison’s announcement in June last year, with Chinese Ministry of Foreign Affairs spokesman Zhao Lijian (趙立堅) describing the country as a “staunch upholder” of cybersecurity and “the biggest victim of cyberattacks.”
Australian Security Intelligence Organisation Director-General Mike Burgess has said that attributing blame for spying is a distraction because “we all do it.”
“If I’m pointing my finger at you accusing you of espionage, I’ve got three fingers pointing back at me,” Burgess told Sky News in March. “Sometimes, though, it is right that governments do it because someone’s overstepped a line — it’s not just the theft of a military secret, it’s something else more offensive to our nation or damaging to our nation, and that’s the judgement governments are best placed to make.”
Chinese diplomats in Canberra have accused the government of pandering to Washington, and wondered aloud whether their country’s tourists and students — who collectively brought more than A$22 billion (US$16.32 billion) in revenue to Australia in 2019 — might stop patronizing a nation that is not friendly to China.
“It is up to the people to decide. Maybe the ordinary people will say: ‘Why should we drink Australian wine? Eat Australian beef?’” Chinese Ambassador to Australia Cheng Jingye (成競業) told the Australian Financial Review after Morrison’s call to establish an inquiry.
Beijing followed up with a months-long series of trade reprisals hitting Australian exports ranging from coal and grain to lobster and wine — an industry worth about A$1.2 billion in 2019 that is now subject to tariffs of more than 200 percent.
There was more. In November last year, the Chinese embassy in Canberra leaked a list of 14 grievances and accused Australia of “poisoning bilateral relations,” the Sydney Morning Herald reported.
The list included complaints about the Huawei ban, the call to investigate COVID-19’s origins, the cancelation of academic visas and the blocking of 10 Chinese investment deals, the Herald reported.
There was also criticism of “thinly veiled allegations against China on cyberattacks without any evidence,” the newspaper reported.
There were also the hacks.
For the first time, the government was among the top five sectors with the most reportable data breaches last year, according to a government agency that tracks the activity.
State government systems and e-mail networks were attacked, at least one government entity was subject to a brute force attack, and Cabinet ministers were victims of phishing scams that attempted to extort money and collect information on their connections with dissidents in Hong Kong.
Unlike ransomware or denial of service attacks — which paralyze network systems until payments are made — state actor activity often goes unnoticed by targets, who only find out they have been compromised from government officials or outside threat analysts, said Paul Nevin, chief technology officer at Canberra-based cybersecurity firm CyberMerc.
“Those initial discussions usually come as a shock, and it takes a while for that to sink in,” Nevin said.
Sophisticated cybercriminals or state actors might be reading the e-mails of executives watching for breach notifications.
“So one of the first things I would do is explain over the phone or a secure messaging system: Do not mention this on e-mail, do not talk about it, take it offline. You have to literally assume the actors are in there watching, and very often they are.”
In September last year, as the government’s cybersecurity agency released its first annual report, then-Australian minister for defense Linda Reynolds said there was a “new normal” of cyberattacks on Australia that blurred the line between “peace and war.”
While cybercriminals were taking advantage of the vulnerabilities laid bare by COVID-19, there were also “sophisticated and very well-resourced state-based actors who are seeking to interfere in our nation in this gray zone in any opportunistic way they can,” she said.
The business community has also been affected, said Michelle Price, chief executive officer of AustCyber, a government-funded company focused on building the domestic cybersecurity industry.
“Industry threat analysts in Australia and elsewhere were telling me that as lobster shipments and barley were being rejected, they were seeing a commensurate level of activity happening in the cyberdomain coming from China,” she said.
“We are going through the experience that other nations have before us, where it’s not just retaliation aimed at the government, it spills out over into the broader economy and to the community,” she said. “We become collateral damage in those kinds of government-to-government machinations.”
Australian universities, which collect about A$10 billion per year from Chinese students, are reluctant to discuss the country’s online behavior in any aspect.
The cybersecurity research department at Monash University in Melbourne does not “get involved in any political stories relating to China,” as their researchers “are not comfortable commenting on this issue,” Hande Cater, the media adviser at Monash’s Information Technology Faculty, wrote in an e-mail.
Australia’s circumstances might be unique. Nevertheless its situation shows the range of tactics experts say China can deploy against any country that falls foul of Beijing.
For now, Australia is in the freezer, former Australian prime minister Malcolm Turnbull said, and it is unlikely either side will blink anytime soon.
“We have boundaries of trust with China, and there’s nothing wrong with that, but what we’ve got to do is focus on the areas where we do have a level of trust,” said Turnbull, who as prime minister banned Huawei from bidding to install Australia’s 5G network.
“If I say I don’t trust you enough to not misuse a capability that you would have if you built our 5G network, you are not going to persuade me by then beating me up in a whole lot of other areas,” he said.
Recently, China launched another diplomatic offensive against Taiwan, improperly linking its “one China principle” with UN General Assembly Resolution 2758 to constrain Taiwan’s diplomatic space. After Taiwan’s presidential election on Jan. 13, China persuaded Nauru to sever diplomatic ties with Taiwan. Nauru cited Resolution 2758 in its declaration of the diplomatic break. Subsequently, during the WHO Executive Board meeting that month, Beijing rallied countries including Venezuela, Zimbabwe, Belarus, Egypt, Nicaragua, Sri Lanka, Laos, Russia, Syria and Pakistan to reiterate the “one China principle” in their statements, and assert that “Resolution 2758 has settled the status of Taiwan” to hinder Taiwan’s
Can US dialogue and cooperation with the communist dictatorship in Beijing help avert a Taiwan Strait crisis? Or is US President Joe Biden playing into Chinese President Xi Jinping’s (習近平) hands? With America preoccupied with the wars in Europe and the Middle East, Biden is seeking better relations with Xi’s regime. The goal is to responsibly manage US-China competition and prevent unintended conflict, thereby hoping to create greater space for the two countries to work together in areas where their interests align. The existing wars have already stretched US military resources thin, and the last thing Biden wants is yet another war.
As Maldivian President Mohamed Muizzu’s party won by a landslide in Sunday’s parliamentary election, it is a good time to take another look at recent developments in the Maldivian foreign policy. While Muizzu has been promoting his “Maldives First” policy, the agenda seems to have lost sight of a number of factors. Contemporary Maldivian policy serves as a stark illustration of how a blend of missteps in public posturing, populist agendas and inattentive leadership can lead to diplomatic setbacks and damage a country’s long-term foreign policy priorities. Over the past few months, Maldivian foreign policy has entangled itself in playing
A group of Chinese Nationalist Party (KMT) lawmakers led by the party’s legislative caucus whip Fu Kun-chi (?) are to visit Beijing for four days this week, but some have questioned the timing and purpose of the visit, which demonstrates the KMT caucus’ increasing arrogance. Fu on Wednesday last week confirmed that following an invitation by Beijing, he would lead a group of lawmakers to China from Thursday to Sunday to discuss tourism and agricultural exports, but he refused to say whether they would meet with Chinese officials. That the visit is taking place during the legislative session and in the aftermath