NewsBite

CIA believes China pressured WHO to delay life-saving coronavirus warnings

The CIA has joined the chorus of voices around the world accusing the World Health Organisation of bowing to pressure from China to delay COVID warnings.

China and COVID-19: "They lied to us and we're going to make them pay"

The CIA has backed international claims that China heavied the World Health Organisation to hold off on issuing COVID-19 warnings, accusing the communist state of using the delay to hoard vital medical equipment.

According to a new report, the CIA believes China threatened the WHO, saying Beijing would stop working with them if the agency declared a global health emergency.

The alleged pressure in January enabled China to stockpile crucial medical equipment while the coronavirus - which started in Wuhan late last year - spread around the world, reports Newsweek.

World Health Organization director general Tedros Adhanom shakes hands with Chinese President Xi Jinping. Picture: AFP
World Health Organization director general Tedros Adhanom shakes hands with Chinese President Xi Jinping. Picture: AFP

President Donald Trump has branded the WHO a tool of “Chinese propaganda” and suspended US funding for the UN agency.

Mr Trump says there is enough evidence China misled the rest of the world about the nature of the outbreak while Secretary of State Mike Pompeo accused Beijing of withholding samples of Covid-19 from other countries, The Sun reports.

Two US intelligence sources confirmed the contents of the CIA report, U.N.-China: WHO Mindful But Not Beholden to China.

WHO boss Tedros Adhanom bends his knee as he is greeted by Xi Jinping. Picture: AFP
WHO boss Tedros Adhanom bends his knee as he is greeted by Xi Jinping. Picture: AFP

WHO DENIES CLAIMS

WHO has strongly denied the ongoing claims that it did China’s bidding and delayed declaring a crisis, calling them “unfounded and untrue”.

According to the New York Post, the January 21 conversation between Jinping and WHO leader Tedros Adhanom Ghebreyesus was reported in Der Spiegel, which cited intelligence from Germany’s federal intelligence service, known as the Bundesnachrichtendienst (BND).

The report published over the weekend said Xi urged the WHO chief to “delay a global warning” about the pandemic and hold back information on human-to-human transmission of the virus.

Chinese President Xi Jinping allegedly pressured WHO to not warn the world about the threat of coronavirus. Picture: AFP
Chinese President Xi Jinping allegedly pressured WHO to not warn the world about the threat of coronavirus. Picture: AFP

The BND estimated that China’s action to conceal information resulted in a loss of four to six weeks in the fight against COVID-19.

WHO hit back at the allegations in a statement.

“Dr. Tedros and President Xi did not speak on January 21 and they have never spoken by phone. Such inaccurate reports distract and detract from WHO’s and the world’s efforts to end the COVID-19 pandemic,” the statement read.

WHO continued to say China confirmed human-to-human transmission to the UN health agency on Jan. 20 and the WHO “publicly declared” two days later that “data collected … suggests that human-to-human transmission is taking place in Wuhan.”

US President Donald Trump has blasted China for holding back critical information about the virus to the world, including failing to accurately report the number of cases.

He also ripped the WHO for being a “pipe organ” for the Chinese Communist Party.

He told reporters at the White House last month, “We knew things that they didn’t know, and either they didn’t know they didn’t tell us … right now, they’re literally a pipe organ for China, that’s the way I view it.”

The president has frozen US payments to the WHO pending investigations by the intelligence community into the UN agency’s relationship with China.

WHY IT’S CRITICAL TO KNOW COVID-19 ORIGINS

The highly infectious nature of COVID-19 compared to similar viruses is one of the reasons it’s critical the source of the disease is found, says Australia’s top health official.

Australia’s Chief Medical Officer Professor Brendan Murphy said from a health point of view it was important to understand how the virus became “so readily transmitted from human to human”.

“We want to understand what animal that came from,” he said.

“There is likely to have been an intermediate host, from a bat to another animal into humans.

“How it mutated, so that you could spread across humans.”

Australia's Chief Medical Officer Brendan Murphy says its critical the source of the coronavirus is found. Picture: Getty Images
Australia's Chief Medical Officer Brendan Murphy says its critical the source of the coronavirus is found. Picture: Getty Images

Prof Murphy said the COVID-19 pandemic took hold much faster than previous zoonotic viruses including the avian flu, SARS and MERS.

“Almost none of them developed this capacity to spread rapidly from human to human like coronavirus,” he said.

Prof Murphy said everyone wanted to know what “each and every country” could have down better to stop this widespread pandemic.

He said Australia had received a lot of medical information about COVID-19 from China.

“The Chinese medical and scientific community has been readily sharing information and collaborating scientifically over the last few months,” he said.

“I think they will continue to do so, they are reporting to the WHO, as are we, and the WHO is going to do this scientific investigation and I hope it becomes a scientific and health -based investigation looking at lessons to be learned.”

CHINA’S NEW ‘DEEPLY CONCERNING’ THREAT AGAINST AUSTRALIA

Trade Minister Simon Birmingham is “deeply concerned” by China threatening to slap a tariff on Australian barley imports, saying there is “no justification”.

He said the government is working with the Australian grains industry to mount the strongest possible case against China’s 18-month anti-dumping investigation.

“Every country has a right to apply tariffs in relation to matters of dumping,” Senator Birmingham told reporters in Canberra on Sunday.

“But we are quite clear and firm in our view that there is no justification to find that Australia’s farmers and barley producers are subsidised or are dumping their product in such ways.”

Western Australian Agriculture Minister Alannah MacTiernan said a tariff would be a “major blow” to farmers in her state as they provide 88 per cent of barley exports to China.

“The Western Australian Government has always maintained good relationships with China as our major trading partner, and we will be making direct contact with the Chinese Consul General on the matter,” she said in a statement.

Trade Minister Simon Birmingham is “deeply concerned” by China threatening to slap a tariff on Australian barley imports, saying there is “no justification”. Picture: AAP
Trade Minister Simon Birmingham is “deeply concerned” by China threatening to slap a tariff on Australian barley imports, saying there is “no justification”. Picture: AAP

The reports come at a time of heightened tensions between Australia and China over the coronavirus pandemic.

The Morrison government has been calling for an inquiry into the origin of COVID-19 for some weeks to better understand how the virus started in Wuhan, China to be able to counter such pandemics in the future.

As such, Health Minister Greg Hunt says the government supports a European Union motion for an independent investigation.

“We support the EU motion which includes an independent investigation, regulatory work on wet markets and also the potential for independent inspection powers,” Mr Hunt told Sky News.

But such an examination has already sparked a harsh response from Australia’s number one trading partner, and further undermining a sometimes fragile partnership between the two countries.

Meanwhile, Queensland’s The Sunday Mail newspaper reports a federal parliamentary committee intends to summon China’s ambassador to give evidence and explain why China has “economically threatened” Australia before and after the coronavirus outbreak.

The joint parliamentary investigation was set up by maverick Queensland MP George Christensen without the approval of key cabinet ministers. He believes “enough is enough”.

“This inquiry will be the first major look into Communist China’s infiltration of Australia, through rampant foreign investment and export market dominance, Mr Christensen told The Sunday Mail.

WA GOVERNMENT TARGET OF CYBER ATTACK

An inaccurate story about Chinese hackers targeting the Prime Minister’s staff was published by The New York Times without being verified, as the Western Australia government confirms they were targeted.

The US-based media outlet has not apologised to the federal government for failing to seek a comment from Scott Morrison’s office before publishing the claim an email containing a sophisticated “backdoor” virus had been sent to a staff member.

Senior Morrison Government staff are furious at The New York Times’ handling of the debacle, with the story only corrected after they made repeated phone calls and emails late on Thursday night.

The newspaper sent one email to the Department of Foreign Affairs, but never followed up the request or tried to contact the Prime Minister’s Office.

News Corp understands the newspaper tried to blame the source of the story, a report by Israeli security company Check Point Software Technologies, for the mistake, refusing to take responsibility for not seeking verification.

Western Australia Premier Mark McGowan. Picture: AAP
Western Australia Premier Mark McGowan. Picture: AAP

After initially claiming hacking group Naikon APT had targeted the Prime Minister’s office, Check Point’s head of cyberthreat intelligence group Lotem Finkelstein backtracked suggesting another “ministerial” office had received the email.

“I don’t know the Australian Government structure, I can tell you there is West Australia and other states but I know it was a ministerial office, it might not be not federal,” he told News Corp.

Mr Finkelstein later confirmed the cyber attack was not deployed against the federal government.

The New York Times changed their story to name the office of West Australian Premier Mark McGowan as the cyber attack target.

Tonight a spokesman for Mr McGowan said the Department of Premier and Cabinet – not his office – had actually been the target.

“The malicious email referred to in the article was detected by the Department of the Premier and Cabinet’s email security and blocked,” he said.

“The incident was reviewed by the Australian Cyber Security Centre and the Department’s email security system. No further action was necessary.”

The spokesman said the link between the hacking tool and the Chinese military “cannot be verified”.

West Australia’s Department of Premier and Cabinet was the target of a cyber attack. Picture: Supplied
West Australia’s Department of Premier and Cabinet was the target of a cyber attack. Picture: Supplied

The New York Times report said the hacker was able to take over the computer used by an Indonesian diplomat in Canberra, complete a document the diplomat was working on, then send it to the McGowan government staffer.

But the email bounced back because it was initially sent to the wrong address, which “aroused suspicion that something in the original message was fishy”.

A Morrison government spokesman last night categorically ruled out the incident, which company Check Point Software Technologies claimed happened on January 3.

“The Australian Cyber Security­ Centre has engaged with Check Point and confirmed the incident reported by The New York Times did not involve the Prime Minister’s office or the federal government,” the spokesman said.

The New York Times named the target as WA Premier Mark McGowan.

But the Prime Minister’s office­ said the department which manages ICT within the office had not detected any attempted­ attack or bounce-back email.

“The Department of the Prime Minister and Cabinet … has advised that there is no evidence of such an incident,” a spokesman said.

“There are robust­ cyber security arrangements in place to protect (Prime Minister and Cabinet and Prime Minister’s Office) networks.”

The explosive claims come as tensions between Australia and China continue to rise over Beijing’s refusal to co-operate with calls for an inquiry into the origins of the coronavirus.

And an Australian defence expert has warned that China has “industrial-scale” capacity to launch attacks against western governments, with “tens of thousands” of operatives working in cyber espionage.

According to the Times report, an email with a seemingly harmless Word document attached was sent from the Indonesian Embassy in Canberra on January 3 to a member of Mr McGowan’s staff who worked on health and ecological issues.

The Indonesian Embassy in Canberra. Picture: Supplied
The Indonesian Embassy in Canberra. Picture: Supplied

The recipient reportedly knew the supposed sender.

But the attachment contained the Aria-body tool – which had never been detected before.

According to cyber security company Check Point Software Technologies, the hacker using Aria-body was able to take over the computer used by an Indonesian diplomat at the embassy in Canberra.

The hacker, believed to be part of the Naikon group tied to the Chinese military, found a document that the diplomat was working on, completed it and then sent it to the staff member in the WA Premier’s office, armed with the Aria-body tool.

But the hacker made one simple error, sending it to the wrong email address. When the email bounced back with a message saying the email address had not been found, suspicions were aroused and an investigation revealed the attempted attack, Check Point says in a report released today.

If it had succeeded, the hacker would have been able to see what the intended staff member was writing in the Premier’s office, in real time.

WA has particularly strong ties with China through its massive iron ore mining industry, with the vast majority going to the communist nation.

Bulk carriers at Port Hedland, WA, wait to be loaded with iron ore bound for China. Picture: Getty
Bulk carriers at Port Hedland, WA, wait to be loaded with iron ore bound for China. Picture: Getty

Check Point says Aria-body can hack any computer used to open the file in which it was embedded and quickly make the computer obey the hackers’ instructions, such as setting up a secret line of communication to allow data to flow to servers used by the attackers.

According to Check Point, Naikon has also used Aria-body to hack government agencies and state-owned technology companies in Indonesia, the Philippines, Vietnam, Myanmar and Brunei.

“The Naikon group has been running a longstanding operation, during which it has updated its new cyber weapon time and time again, built an extensive offensive infrastructure and worked to penetrate many governments across Asia and the Pacific,” said Lotem Finkelstein, head of the cyberthreat intelligence group at Check Point.

Former Australian defence official Peter Jennings said: “We know that China is probably the single biggest source of cyber espionage coming into Australia by a very long way.

“People sometimes fail to see the industrial-strength capacity that China has to do this on a global scale. We’re talking about tens of thousands of people who are operating in their signals intelligence unit and Ministry of State Security.

Police gather evidence during a raid targeting hackers. Picture: AFP.
Police gather evidence during a raid targeting hackers. Picture: AFP.

“China has both the capacity and a long-demonstrated intent to do this wherever it thinks it can extract useful information.”

Beijing has maintained that it is opposed to cyber attacks of any kind and that the Chinese government and military do not engage in hacking for the theft of trade secrets.

The Times said China’s cyber espionage efforts have shown no sign of relenting globally and may be intensifying as tensions with Australia, the US and other countries have risen over trade, technology and, more recently, disputes over the coronavirus pandemic. Experts say its aim is to steal vast amounts of data from foreign governments and companies.

“This may be different in design, but these attacks all have the same purpose,” said Matthew Brazil, an American former diplomat and author of a new book on Chinese espionage, referring to Aria-body.

Experts warn China has massive capacity to launch cyber attacks. Picture: Supplied
Experts warn China has massive capacity to launch cyber attacks. Picture: Supplied

American cybersecurity company, ThreatConnect, reported in 2015 that Naikon was connected to China’s People’s Liberation Army and appeared to operate as part of the military’s Second Technical Reconnaissance Bureau, Unit 78020, based mainly in the southern city of Kunming.

Naikon is said to be responsible for China’s cyber operations and technological espionage in Southeast Asia and the South China Sea, where Beijing is embroiled in territorial disputes with its neighbours.

A report by the Kaspersky Lab, a Russian cybersecurity company, called the group one of Asia’s most active “advanced persistent threats,” a term that security experts often use to describe state-backed hackers who run long-term campaigns of intrusion.

Since early 2019, according to Check Point, Naikon has bought server space from Alibaba, the Chinese technology company, and registered domain names on GoDaddy, an American web-hosting firm.

Aria-body can attach itself as a parasite to various types of files so that it did not have a set pattern of movement. Its operators could change part of its code remotely, so that after attacking one computer, Aria-body would look different when it breached the next one. Such patterns are often telltale signs for security investigators.

Originally published as CIA believes China pressured WHO to delay life-saving coronavirus warnings

Original URL: https://www.ntnews.com.au/news/chinas-military-accused-of-using-devastating-new-cyberattack-tool-against-an-australian-state-govt-report/news-story/04da68aacf5c5c3aaaf586f0cf114803