The Australian Government and industry have been warned to increase their cyber defences against China-backed hackers, who are using common office equipment to gain network access. 

In an alert released by the US Cybersecurity & Infrastructure Security Agency (CISA), the United States’ allied governments are being warned that China state-sponsored cyber actors are targeting major global telecommunications companies and network service providers. 

Aside from this, publicly identified security vulnerabilities, also known as common vulnerabilities and exposures (CVEs), that are associated with network devices are still being routinely exploited by China’s actors since 2020. 

According to the alert, hackers usually hackers identify critical users and infrastructure that controls authentication, authorisation and accounting after gaining an initial foothold within the system.  

Once armed with valid accounts and credentials, the state-sponsored cyber experts then return and attack the network. 

The CISA alert stated that China-backed hackers often use publicly available network tools to “blend into the noise or normal activity” of government and business networks. 

This enables them to exploit broadband routers used in many offices, including equipment from major industry providers such as Cisco, Fortinet, and MikroTik. 

Following this, CISA advises partner governments to enact the following practices to ensure protection from China-sponsored cyber attacks: 

• Keep systems and products updated and patched. 
• Implement a centralised, automated patch management system. 
• Enforce multi-factor authentication for all users, without exception. 
• Implement and enforce strict password requirements. 
• Disable unnecessary ports and protocols. 
• Replace old equipment. 

This announcement is timely after Australian news organization Media Today experienced a cyber attack early in the hours of June 4. Users of the Chinese-language media platform received authentication texts after over 20 million attempts were made to reset their passwords. 

The attack was said to have originated from IP addresses in the US, Canada and Hong Kong and was executed against the platform’s registration system. Media Today reassured the public that no personal information was leaked and that they had reported the cyber attack to the police. 

Media Today’s cyber attack is just the latest incident faced by Australian organisations within the cyber space. Cyber attacks against the country have been on the rise, with the financial and healthcare sectors being the most affected.  

Urged by the United States Government to strengthen the nation’s cyber defences, the Australian Government has been updating its cybersecurity frameworks and policies to strengthen its resilience against cyber attacks. Labor has even appointed a new Cybersecurity Minister, separating the government’s cyber security portfolio from that of the Home Affairs.  

With AAP

Eliza Sayon

Website | + posts

Eliza is a content producer and editor at Public Spectrum. She is an experienced writer on topics related to the government and to the public, as well as stories that uplift and improve the community.

• Developing an effective data ecosystem
• The journey of building an ecosystem through data
• NZ government strengthens data privacy laws against third parties
• eSafety Commissioner issues legal notice against Twitter