ABC fingers China over cyber attacks

The ABC's Four Corners program has aired an investigation in which it claimed that the IT systems of Rio Tinto, BHP Billiton and Fortescue Metals were all hacked in attacks originating in China in the lead up to the sentencing of former Rio Tinto mining executive, Stern Hu.

In a documentary titled 'Chinese Whispers' - aired last night by journalist Marian Wilkinson - sources from within all three iron ore companies claimed that their IT systems were hacked, none willing to go on the record.

All three companies were alleged to have upgraded IT security in response to the attacks.

Rio Tinto had reportedly discovered that an intruder launched a hacking attack which impacted Rio's Perth office and forced it to "take its Singapore office offline for three days to upgrade security" during the Stern Hu arrest.

Fortescue, meanwhile, had reportedly uncovered "sophisticated" attacks on its network targeting key employees, resulting in a "serious upgrade" to IT security and a set of new policies for employees travelling to and working from China.

Executives travelling to China are told to remove their Blackberry's battery to prevent interception, to encrypt all communication and not take laptops with sensitive data into the country.

The ABC was unable to speak to any Rio Tinto, BHP or Fortescue Metals staff on the record to verify the allegations. 

The documentary nonetheless linked these attacks with allegations of attacks on companies such as Google sourced from within China, the subject of intense scrutiny in the American press and Congress.

The Australian Government would also not comment, the ABC said, so as not to impact its lucrative trade with China.

The program was told that it was "a long standing practice for the Australian Government not to comment on matters of intelligence and security."

The program was also unable to pinpoint where in China the alleged attacks came from and therefore had no evidence of whether the Chinese State was involved.

But implications were ever present - with academics interviewed on the program levelling that the Chinese Government "has seen opportunities to improve its competitive advantage" in both the commercial and political spheres under a "conscious strategic policy."

Former ICANN chief Paul Twomey was interviewed and said that the finger can be pointed at those parties that would gain the most from the attack, suggesting that the Chinese Government is able to achieve results via the promotion of "Chinese national champion companies".

Daniel Slane, chairman of the US-China commission alleged that China's People's Liberation Army employs 40,000 - 50,000 hackers within its signals intelligence area, targeting defence agencies and defence contractors in foreign countries. This effort was alleged to have gleaned information on the F-35 fighter jet being developed by the United States with its allies, Slane told Four Corners.

Slane recommended that more companies take Google's approach and make public statements around attacks being levelled at their networks.

Australia's Attorney General Robert McClelland refused to comment for the program, so the ABC fell back to a speech by Defence Minister John Faulkner during the opening of a cyber-security centre in January

"Cyberspace is a battlefield itself," Faulkner said at the time. "Cyber intrusions on Government, critical infrastructure and other networks are a real threat to Australia's national security and national interests."

The Australian Government was said to be updating its IT security systems and briefing Australian businesses on an ad hoc basis "quietly" - and that its concerns are not being made public because of "sensitivities in its relationship with China."

Professor Alan Dupont of Internet Security Studies at Sydney University told the program that the "Australian Government is going to have to do something."

"The Australian Government has been quite silent on this and I think the time has really come for Australia to actually start upping the ante and having some serious discussion with China about this," he told the program.

Have your systems been compromised in attacks originating from China? Contact us.