Senator Sam Dastyari arrives to deliver a statement to the Senate, at Parliament House in Canberra on Thursday 30 November 2017. fedpol Photo: Alex EllinghausenIntelligence activity by foreign nations is probably at an all-time high in Australia. Most of the time it is low-profile; the main effort is hacking public and private electronic systems, and phishing for data.
The collected data is used in various ways: to gain an understanding of national security systems and capabilities; to further the collector’s strategic, political and economic interests; and to pressure people of interest.
The most active foreign intelligence actor in Australia is China. The espionage of China’s Ministry of State Security is directed mainly at preserving and enhancing China’s national security by collecting commercial, technological and military data, and identifying zero-day cyber-attack vulnerabilities. The Public Sector Informant: latest issue
Australian defence-related programs that China has hacked include the F-35 joint strike fighter, the P-8 Poseidon electronic surveillance aircraft, and joint direct attack munitions (kits that allow bombs to be guided). Chinese hackers have also penetrated federal government departments and agencies, apparently to collect data and gain a better understanding of our operating systems.
Australia does not name and shame foreign hackers, but the United States has a more robust approach. On November 27, it unsealed an indictment against three named people in China, for computer hacking, theft of trade secrets, conspiracy, and identity theft from US financial, engineering and technology industries. The three Chinese work for internet security firm “Guangzhou Bo Yu Information Technology Company Limited” (Boyusec). Boyusec, APT3 and Gothic Panda are all hacking organisations linked to China’s Ministry of States Security.
The ministry also monitors the Australian activities of Tibetan and Chinese dissidents, while some Chinese students are pressured to report on fellow Chinese students.
The 1.3 million ethnic-Chinese Australian community is also subject to monitoring. This has been the case at least since the 1989 Tiananmen massacre, when about 2000 students died (by our intelligence estimate), after which prime minister Bob Hawke allowed 42,000 Chinese students to stay in Australia.
China’s economic cyber-espionage has allowed it to shortcut years of research and produce items more cheaply and often more quickly than the organisations funding the research. On trade, Chinese companies often know their Australian trading partners’ negotiating parameters before negotiations take place. This allows them to secure advantageous trade deals.
Chinese diplomat Chen Yonglin, who defected in Sydney in 2005, said China had more than 1000 agents operating in Australia. Their main activity is collecting unclassified data of interest that is not in the public domain – such as scientific papers, and commercial and government documents.
The ministry may also pressure or pay well-placed Chinese-Australians to provide information to help China – and help family members in China. Conversely, anyone who is unprepared to cooperate can expect relatives in China to be disadvantaged.
As China becomes more powerful and influential, Chinese-Australians will come under greater pressure to cooperate.
China is sometimes prepared to risk using human agents to gain access when cyber-penetration fails. This commonly takes the form of illegal access through tailgating, cleaning contractors and so on. The aim of an illegal entry is usually to gain on-site access to a company’s computer network to extract data and plant malware or spyware.
We don’t publicise such cases but, again, the US does. For example, on August 28, there was an attempted penetration of American surgical products company Medrobotics. The chief executive asked a Chinese man, who was using three electronic devices in the headquarters’ conference room, what he was doing there at 7.30pm. Unfortunately for the trespasser, he said he was there to meet the chief executive. He was arrested and is now being tried for attempted theft of trade secrets.
Another Chinese ploy is to gain visitor access and to seek briefings and research samples from naive Australian companies by dangling lucrative contracts. The contracts never eventuate because the items end up being reverse-engineered in China.
The internal threat also extends to disaffected or bribable Australian employees and contractors. The better a target organisation’s cyber-security, the more likely that pressure will be placed on insiders to provide remote login information and so on. Traditional levers include sex, cash, benefits or exploiting disenchantment.
Like other intelligence organisations, China’s also work towards having well-placed sleeper agents in key positions. The most common method China uses to influence our political process is via “agents of influence”. Some of these agents are dual citizens of China and Australia. Their aim is to bribe current and past politicians to support China’s interests, sometimes to the detriment of Australia’s.
The bribes can take many forms: payment of debts, subsidised travel to China, political donations and even paying substantial amounts of money for “soft consultancies” or minimal support for other issues. Leading politicians and power brokers from both our main parties have, in the past, been prepared to accept China’s largesse; some more blatantly than others.
Indeed, our federal parliamentarians have often been guilty of lapses of integrity that would simply not be tolerated of federal public servants.
The simple rule of integrity for current and past politicians, and particularly former prime ministers and ministers, is that they should not accept foreign benefits – no matter what the source – when the obvious intention is to influence or undermine Australian government policy.
Charles Wallace is a former Australian intelligence officer.
This story Administrator ready to work first appeared on Nanjing Night Net.