- Exclusive
- Technology
- Information security
This was published 6 years ago
Australian IT link in Chinese hack of jet companies
By Nick McKenzie & Angus Grigg
An Australian IT company is at the centre of a major hacking case in which United States authorities have accused China of using compromised domain names to steal sophisticated aviation technology.
The technology was then used to advance China's domestic aviation industry, the US Justice Department indictment claims.
According to the indictment, Chinese hackers penetrated the computer systems of an "Australian domain name registrar", named only as "Company L" as part of a broader plan to enable the hackers to access computer systems at aviation companies in the United States and Europe.
Under direction from the Chinese Ministry of State Security, the hackers are accused of either creating fake domain names or redirecting existing domain names to malicious addresses.
"Members of the conspiracy hacked into protected computers," the indictment alleges.
It suggests the Australian domain name registrar was used as a back door into the aviation companies' systems during a hacking operation which lasted for five years until 2015.
The case forms part of Washington's escalating trade war with Beijing. Along with higher tariffs on Chinese goods, the US is seeking to stop the theft of US intellectual property by agencies such as the Ministry of State Security.
In announcing criminal charges against 10 Chinese spies, hackers and others on October 30th, US Assistant Attorney General John Demers said, "this is just the beginning".
"We will redouble our efforts to safeguard America's ingenuity and investment," he said.
It is the third time since September that hacking charges have been laid against Chinese intelligence officers and those associated with them.
The ASX-listed Arq Group, previously known as Melbourne IT, which is among the world's largest domain name registrars said via a spokesperson it had never been contacted by the Justice Department in regards to this case. The spokesperson noted there are around 30 domain name registrars in Australia.
The indictment said an unidentified domain name registrar had been "compromised" and domains diverted to malicious IP addresses. In other cases, fake email addresses and domain names were registered with the aim of facilitating spear phishing attacks, which can lead to the installation of malware on a system.
The target was a French company working in partnership with US companies to develop jet engine technology for commercial airlines. The hacking of these companies coincided with efforts by a Chinese state-owned company to develop a similar engine for its own jetliner.
Under the Trump Administration, the US has been increasingly prepared to call out instance of Chinese intellectual property theft.
On October 25, Assistant Secretary of State Christopher Ford warned China was "engaged in a state-led, industrial-policy-based, whole-of-nation competitive strategy that revolves in crucial ways around the acquisition of sensitive foreign technologies by any, and every, possible means."
"This effort takes advantage of open economies to attempt to ensure China's ability to rely on itself as a source of critical technologies," Dr Ford said.
"All of these dynamics in turn raise serious questions about China's strategic intentions – especially in light of China's own strategic writings about how it is acquiring and diverting such technologies to military applications."
Australian officials have taken a more low-key approach, preferring to highlight general cyber security threats.
In a speech on Monday night Mike Burgess, the director general of the Australia Signals Directorate said over the [ast year his agency had discovered sophisticated cyber threats affecting Australian interests.
"We have identified and dealt with hackers on government networks, across the private sector through to academia. Without our efforts, these threats would have certainly been left unchecked and caused major damage to Australian interests," he said.
- Fairfax Media is investigating cyber hacking incidents in corporate Australia. Tip off our team confidentially via this secure online system.