Australian intelligence has determined China was responsible for a cyber-attack on Parliament and three largest political parties before the general election in May, five people with direct knowledge of the matter have told Reuters.
Australia’s cyber intelligence agency – the Australian Signals Directorate – concluded in March that China’s Ministry of State Security was responsible for the attack, the five people with direct knowledge of the findings of the investigation told Reuters.
The sources declined to be identified due to the sensitivity of the issue. Reuters has not reviewed the classified report.
The report, which also included input from the Department of Foreign Affairs, recommended keeping the findings secret to avoid disrupting trade relations with Beijing, two of the people said.
The Australian government has not disclosed who it believes was behind the attack, nor any details of the report.
EXCLUSIVE: Australia determined that China was responsible for a cyber-attack on its national parliament and three largest political parties, but decided not to go public with the findings. More here: https://t.co/1bmllW7qLp by @Colpackham pic.twitter.com/5m2pTPZrfY
— Reuters Top News (@Reuters) September 15, 2019
In response to questions from Reuters, Prime Minister Scott Morrison’s office declined to comment on the attack, the report’s findings or whether Australia had privately raised the hack with China. The ASD also declined to comment.
China’s Foreign Ministry denied involvement in any sort of hacking attacks and said the internet was full of theories that were hard to trace.
“When investigating and determining the nature of online incidents there must be full proof of the facts, otherwise it’s just creating rumours and smearing others, pinning labels on people indiscriminately. We would like to stress that China is also a victim of internet attacks,” the ministry told Reuters.
“China hopes that Australia can meet China halfway, and do more to benefit mutual trust and cooperation between the two countries.”
China is Australia’s largest trading partner, dominating the purchase of Australian iron ore, coal and agricultural goods, buying more than one-third of the country’s total exports and sending more than a million tourists and students there each year.
Australian authorities felt there was a “very real prospect of damaging the economy” if it were to publicly accuse China over the attack, one of the people said.
Australia in February revealed hackers had breached the network of the national parliament.
Mr Morrison said at the time that the attack was “sophisticated” and probably carried out by a foreign government. He did not name any government suspected of being involved.
When the hack was discovered, Australian politicians and their staff were told by the Speaker of the House of Representatives and the President of the Senate to urgently change their passwords, according to a parliamentary statement at the time.
The ASD investigation quickly established that the hackers had also accessed the networks of the Liberal Party, its coalition partner the Nationals, and the opposition Labor Party, two of the sources said.
The ALP did not respond to a request for comment.
The attack on the political parties gave the perpetrators access to policy papers on topics such as tax and foreign policy, and private email correspondence between MPs, their staff and other citizens, two sources said.
Independent members of parliament and other political parties were not affected, one of those sources said.
Australian investigators found the attacker used code and techniques known to have been used by China in the past, according to the two sources.
Australian intelligence also determined that the country’s political parties were a target of Beijing spying, they added, without specifying any other incidents.
The attackers used sophisticated techniques to try to conceal their access and their identity, one of the people said, without providing details.
The findings were also shared with at least two allies, the US and Britain, four people familiar with the investigation said.
Britain sent a small team of cyber experts to Canberra to help investigate the attack, three of those people said.
The US and Britain both declined to comment.