US cybersecurity firm Proofpoint revealed that Australian government agencies and businesses had been the focus of a sophisticated year-long espionage effort. A report by Proofpoint says that the hackers go by the names Red Ladon or Leviathan and are intimately associated with the security services of the Chinese government.
Emails sent to victims directed them to fraudulent news websites, where malicious malware was installed on their machines. This code would let hackers access details like the victim’s browser or the kind of device being used. Future hacks would subsequently make use of this information. According to Proofpoint, officials in the Australian government and those employed in the energy, shipbuilding, and financial services industries were the primary targets.
“One of the things that’s surprising is that the threat actor went so far as to create an entire media site scraping news from the BBC to make it appear that its a legitimate website,” VP of Threat Research at Proofpoint, Sherrod DeGrippo, told Euronews. “They created fake people and fake names that sounded Australian and looked very realistic. The amount of work put into the attack to make it seem real indicates the level of sophistication that we would expect by a cyber espionage group sponsored by a country like China,” added DeGrippo.
The Chinese government has not responded to the questions related to this hack. The last several years have seen tensions between Australia and Beijing. Relations deteriorated when Canberra demanded an investigation into the Covid-19 outbreak and barred Chinese tech giant Huawei from the 5G network. Proofpoint is warning the common public that even the data they post online related to their jobs might make them targets for cyberattacks by foreign nations like China.
Sherrod DeGrippo said they might have unique access as IT professionals, which might not feel like a luxury but could benefit an enemy, such as Chinese espionage. Rachel Noble, the director general of the Australian Signals Directorate (ASD), was questioned whether Western nations should call out cyberattacks when they are themselves engaging in online espionage. She answered: “All is fair in love and war and espionage… Of course, we spy on other countries. May the best spy win.”
