โBy targeting US telco networks, Salt Typhoon has enabled Chinaโs Ministry of State Security to take over the lawful intercept capabilities that governments compel telcos to have,โ MacGibbon said. โThis means that the MSS can see and listen to highly sensitive interception and surveillance data meant for law enforcement and security agencies.โ
MacGibbon said one of the most concerning aspects for security professionals was how difficult such state-backed campaigns were to identify.
For decades, China has used for-hire hackers to break into computer networks and systems.Credit: Fairfax Media
Unlike ransomware gangs, nation-state actors employ so-called โliving off the landโ techniques that exploit legitimate, built-in tools within a victimโs own systems rather than deploying malware that might trigger security alerts.
โThese stealthy techniques can bypass traditional security tripwires and are much harder to detect,โ MacGibbon said. CyberCXโs most recent threat report found that espionage incidents take on average about 400 days to detect, compared to just over three weeks for financially motivated attacks perpetrated by cybercriminals.
For businesses, the stakes extend beyond espionage. Jake Hense, a research analyst at American Century, noted that cybersecurity had become fundamental to assessing whether a business can survive long-term, a factor the US Securities and Exchange Commission now requires companies to address in their disclosures.
โA sustainable business must be able to address risks, including cyberthreats that could significantly impact its ability to conduct day-to-day business,โ Hense said.
Lieutenant General Susan Coyle, Chief of Joint Capabilities, Australian Defence Force.Credit: Oscar Colman
The warning follows MacGibbonโs appearance at The Australian Financial Review Cyber Summit in September, where he cautioned that Chinese-made electric vehicles and connected devices posed similar risks as potential surveillance and disruption tools.
Lieutenant General Susan Coyle, who leads Defenceโs cyber and space operations, told the same summit that Australia was effectively already fighting in cyberspace.
โI would be naive to get up here and tell you that weโre not in conflict in the cyber domain now,โ Coyle said. โOur ships will not sail, our planes will not fly, and our missiles will miss targets if we donโt get the cyber domain right.โ
Loading
MacGibbon said Five Eyes agencies were โvery alive to the riskโ and regularly publishing joint advisories with practical guidance for critical infrastructure organisations, including reviewing network device logs for unexpected activity and employing robust change management processes.
China has consistently denied involvement in Salt Typhoon, with a spokesperson for the Chinese Embassy in Washington claiming the US intelligence community was โspreading disinformation.โ
The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.
