Until this point, the senators and MPs affected had been kept in the dark.
A number of Australian senators and members of parliament (MPs) have confirmed that they were targeted in a 2021 attack conducted by Chinese state-sponsored hackers, despite Australian authorities failing to notify them of the incident after finding out almost three years ago.
Chinese state-sponsored hacking group APT31 launched an attack on the Inter-Parliamentary Alliance on China (IPAC) in 2021, sending a number of pixel tracking emails to high-profile politicians, including shadow cyber security and home affairs minister James Paterson.
“APT31 sent a large number of pixel tracking emails to the parliamentary emails of Australian MPs and senators from a domain masquerading as a news outlet,” the affected IPAC members said in a statement.
“The apparent intention was to garner sufficient information to mount more sophisticated follow-on attacks, escalating in severity.”
As reported by The Nightly yesterday (6 May), the FBI notified Australian agencies in mid-2021 that the breach had occurred, and again in June 2022, adding that APT31 was behind the breach. However, the agencies did not inform the government or the affected MPs.
Twenty MPs who were members of IPAC only found out in April, when the US issued an indictment against seven APT31 hackers.
“Last week, we were made aware that at least six Australian legislators were targeted by the PRC state-controlled hacking group APT31 in January 2021,” the Australian IPAC members said.
“Those targeted included Senator James Paterson, Senator Claire Chandler, Senator Alex Antic, David Smith MP, Daniel Mulino MP, and Tim Wilson MP.”
“While we have no evidence to suggest that these attacks were successful in Australia, it is now undeniable that Australian legislators were targeted by a foreign power in an unacceptable attempted infringement of Australian sovereignty.
“We were not informed by Australian agencies at any time since 2021 about this targeting.”
The targeted IPAC members added that as the attack was not on any single party or House of Parliament, but on a number of MPs who have “dared to exercise their legitimate democratic right to criticise Beijing”, the attack was on Australian Parliament “as a whole and demands a robust and proportionate response”.
Both the US and the UK have imposed sanctions on APT31 and actors connected to the group in the past, as they did in March 2024 for a cyber espionage campaign on UK parliamentarians and US senators.
Australia and New Zealand both joined the US and UK in attributing the attacks to APT31.
“The Australian government joins the United Kingdom and other international partners in expressing serious concerns about malicious cyber activities by China state-backed actors targeting UK democratic institutions and parliamentarians,” a joint statement by Cyber Security Minister Clare O’Neil and Foreign Minister Penny Wong said.
“The persistent targeting of democratic institutions and processes has implications for democratic and open societies like Australia. This behaviour is unacceptable and must stop.
“Australia calls on all states to act responsibly in cyber space.”
Additionally, Paterson called for Australia to join the US and UK in imposing sanctions on APT31 back in March.
“Now I’ve just seen … that the Foreign Minister has issued a statement of rhetorical support for that. But the question that Penny Wong needs to answer today is, will she use the powers under the Magnitsky legislation that the Parliament gave her, to also join our allies in sanctioning these individuals so there are real costs and real consequences for their behaviour?” he said.
For context, the Magnitsky legislation refers to laws that allow the introduction of sanctions on nations that have committed human rights violations or engaged in corrupt activity.
“It is shockingly malign behaviour to attack members of parliament and to attack electoral systems in democracies,” Paterson said.
“That is not the act of a friend. And yet it appears that Chinese state-sponsored hackers have been doing that in the case of the UK and New Zealand.
“It wouldn’t shock me at all to learn that they had done the same here in Australia, although that has not been publicly announced today.”