Cunning Australian computer networks were successfully breached by Chinese cyberspies in their attempt to acquire private data in support of Beijing’s militarization of the South China Sea.
The spies, who were connected to China’s Ministry of State Security, launched a phony media outlet in order to gather information from Australian employees in the government, energy, defense, and health sectors.
Before the May federal election, a series of emails from a self-described “humble” new website named the “Australian Morning News” asked users to click on a link that would violate their privacy and infect their systems with malware.
Cunning Chinese cyber spies have successfully infiltrated Australian computer systems in a bid to steal sensitive information to aid Beijing’s militarisation of the South China Sea (stock image)
Pictured: Chinese navy sailors march at Tiananmen Square in October, 2019
On closer scrutiny, it was discovered that the website had copied articles, images, and headlines from well-known mastheads.
On April 8, 2022, the domain name was initially registered under the fictitious name “Florence Gourley.”
In the three months leading up to the 2022 election, the hackers targeted Australia, breaking into systems not just there but also in Europe and Malaysia.
However, according to The Australian, the organization was identified by the American cyber security company Proofpoint and PwC Threat Intelligence.
Sherrod DeGrippo, vice-president of threat research and detection at Proofpoint, said the Red Ladon hackers were persistent
The government-backed cyber attackers were from a group called Red Ladon, or TA423, and were likely the same group of Chinese spies responsible for a similar attack on Australia two years ago.
Scott Morrison shocked the nation by outlining how un-named ‘state-actors’ had targeted banks, universities, hospitals, transport networks, electricity grids, and the military, as part of a lengthy cyber-warfare campaign in June, 2020.
Insiders at the time claimed the cyber invasion was payback for Australia’s decision to ban Chinese state firm Huawei from the national 5G network in 2018 over national security concerns.
Between April and June this year, hackers also targeted companies involved with the operations of energy generators in the South China Sea – where the authoritarian power is creating man-made islands in contravention of International law.
Sherrod DeGrippo, vice-president of threat research and detection at Proofpoint, said the Red Ladon spies were particularly ‘cunning and persistent’.
In the weeks leading up to the May federal election, a series of emails from Beijing asked recipients to click on a link that would infect their computers with malware and jeopardize their privacy. The emails came from the self-described “humble” Australian Morning News website (pictured).
Pictured: Chinese President Xi Jinping and Australian Prime Minister Anthony Albanese
She told The Australian that “they back the Chinese government on areas relating to the South China Sea, notably during the current difficulties in Taiwan.”
As China grows more assertive in the area, Ms. DeGrippo thinks the organization is especially interested in naval matters in the disputed sea domain and has intensified attempts to get sensitive information.
According to Proofpoint, the hackers used emails with subject lines like “sick leave” and “user study” to gain access to computer systems and concentrated most of their efforts on international firms that ran wind turbines in the South China Sea.
In reaction to political developments in the Asia-Pacific area, with an emphasis on the South China Sea, the threat actor TA423/Red Ladon, who is located in China, has been active since 2013, according to Proofpoint.
Defense contractors, producers, academic institutions, government organizations, law firms representing parties in diplomatic issues, and foreign enterprises engaged in Australasian policy or South China Sea activities are among the “targeted organizations.”
Between April and June, the cyber hackers targeted local and federal government agencies under the guise of ‘Australian Morning News’ (pictured Chinese troops training in Russia)
In 2021, former Prime Minister Scott Morrison said China was to blame for a series of assaults that were subsequently denounced in a joint declaration by the US, UK, EU, New Zealand, Canada, and NATO.
When Mr. Morrison’s administration demanded an impartial investigation into the causes of the coronavirus outbreak in April 2020, Communist Party leaders were incensed.
A number of arbitrary prohibitions and levies on important Australian exports, such as barley, wine, cattle, cotton, seafood, coal, and timber, were imposed in response to the request for openness.
According to intelligence sources, Beijing’s strategy to coerce or blackmail Australia as trade tensions escalate included the prior significant cyberattack on the Australian parliament last year.