Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

China denies hacking the Pacific Islands Forum earlier this year

According to reports by the ABC, Chinese state-backed hackers were detected in the Forum Secretariat’s network in February.

user icon David Hollingworth
Fri, 13 Sep 2024
China denies hacking the Pacific Islands Forum earlier this year
expand image

The Pacific Islands Forum Secretariat was targeted by a Chinese cyber attack characterised as “extensive”, according to an individual close to the incident.

The ABC reported yesterday (12 September) that it had been told – but not by whom – that the attack was detected in February 2024, though the compromise of the secretariat’s network had likely been ongoing for some time.

The hackers were reported to have been monitoring communications between Pacific Island Forum members and gathering information on the Suva-based secretariat itself.

============
============

The compromise was so extensive that the Australian government dispatched cyber security experts to remediate the incident, which took time, but the hackers have so far been repelled.

According to an analysis by the Australian Cyber Security Centre (ACSC) reported to the ABC, the incident was attributed to Chinese state-backed threat actors.

Cyber Daily has contacted the ACSC for further comment.

China, however, is referring to the ABC’s report as “fake news”.

“The Chinese embassy in Fiji noticed the ABC News saying ‘Chinese state-backed hackers attack Pacific Islands Forum’. This is purely a made-up story and has no basis at all. China regrets this and hereby makes the following clarifications,” a spokesperson for the Chinese embassy in Fiji released late 12 September.

“China firmly opposes the practice of politicising cyber security issues, accusing other countries without evidence, and wantonly associating cyber attacks with the government of any country.

“China is a major victim of cyber attacks. We have been resolute in combating all kinds of malign cyber activities in accordance with law, and never encourage, support or condone cyber attacks.”

China said that it respected cyber sovereignty, as other countries should, and that it rejected “the use of information and communications technology to jeopardise critical infrastructure or steal important data of other countries, or conduct activities that undermine their national security and public interest”.

“We urge the relevant media outlet to respect facts and abide by principles such as objectivity, impartiality and professionalism, avoid making a presumption of China’s guilt without verifying the facts, and stop spreading disinformation that misleads public opinion and smears China,” the embassy spokesperson said.

Rik Ferguson, vice president of security intelligence with cyber security firm Forescout, has made a career out of studying Chinese hacking and is certain of the scope and reach of state-based hackers.

“Chinese protagonists target not only foreign governments but also associated NGOs, military, services, and industrial sectors,” Ferguson told Cyber Daily.

“It is definitely fair to say that the number, scope and scale [have] been increasing over time, with several new threat actor groups emerging over the last 10 years, but the rate of acceleration in this decade is not markedly different to the previous one. Meaning – these capabilities are already highly mature and highly organised.”

Ferguson also said that while sanctions and regulations are essential in fighting Chinese cyber aggression, there’s still work to be done by everyone in the firing line.

“Network and device security is crucial in protecting sensitive data, maintaining operational integrity, and ensuring the continuity of services, and that all starts with visibility,” Ferguson said.

“Organisations need a dynamic, accurate picture of everything that connects to their network and a means of effectively evaluating the risk profile of each connected asset.”

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.