• Montane PS Staff

APT10 and "Cloud Hopper"


Welcome to our latest ProSec Blog.


Given the recent media reporting around suspected state-sponsored cyber attacks against Australian government and business entities, we thought we would compile various pieces of news and information regarding the attacks and identified threat groups - specifically APT10.

What are Advanced Persistent Threats?

An advanced persistent threat (APT) is a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period of time. The intention of an APT attack is usually to monitor network activity and steal data rather than to cause damage to the network or organisation.


APT is a military term adapted into the information security context that refers to attacks carried out by nation-states. APT-related threat enablers (malware, social engineering tactics, intelligence gathering, etc.) are created by a group of dedicated in-house personnel using high-end tools and methods not usually employed by cybercriminals or located within normal underground channels - namely the Dark Web.


APT attacks typically target organisations in sectors such as national defence, manufacturing and the financial industry, as those companies deal with high-value information, including intellectual property, military plans, and other data from governments and commercial entities.


Advanced Persistent Threat 10 (APT10)

APT10 is a Chinese cyber espionage group that FireEye has tracked since 2009. They have historically targeted construction and engineering, aerospace, and telecom firms, and governments in the United States, Europe, and Japan.


We believe that the targeting of these industries has been in support of Chinese national security goals, including acquiring valuable military and intelligence information as well as the theft of confidential business data to support Chinese corporations.

Operation Cloud Hopper: What You Need to Know

Security researchers recently uncovered a pervasive cyberespionage campaign by a group known as “APT10” (a.k.a. MenuPass, POTASSIUM, Stone Panda, Red Apollo, and CVNX).


The attacks were leveled against managed IT service providers, which the group used as intermediaries to get their hands on their target’s corporate assets and trade secrets.

China uses the cloud to step up spying on Australian businesses

20 November 2018


China’s peak security agency has directed a surge in cyber attacks on Australian companies over the past year, breaching an agreement struck between Premier Li Keqiang and former Prime Minister Malcolm Turnbull to not steal each other’s commercial secrets.


A Fairfax Media/Nine News investigation has confirmed that China’s Ministry of State Security is responsible for what is known in cyber circles as “Operation Cloud Hopper”, a wave of attacks detected by Australia and its partners in the Five Eyes intelligence sharing alliance.

Chinese spies responsible for surge in cyber hacking

20 November 2018

China's peak security agency has directed a surge in cyber attacks on Australian companies over the past year, breaching an agreement struck between Premier Li Keqiang and former Prime Minister Malcolm Turnbull to not steal each other's commercial secrets.


An investigation by The Australian Financial Review and Nine News has confirmed China's Ministry of State Security (MSS) is responsible for what is known in cyber circles as "Operation Cloud Hopper", a wave of attacks detected by Australia and its partners in the Five Eyes intelligence sharing alliance.


A senior Australian government source described China's activity as "a constant, significant effort to steal our intellectual property".

GCSB not confirming report China responsible for surge in cyber espionage

20 November 2018

The Government Communications Security Bureau is not confirming a report that China is behind espionage attacks on Australian businesses and other "Five Eyes" countries.


Australian media companies Fairfax Media and Nine Entertainment reported China's Ministry of State Security was responsible for "Operation Cloud Hopper" and a surge in cyber espionage against Australian companies over the past year.


Fairfax Media, which is the parent of Stuff, quoted unnamed Australian officials as claiming the activity breached an agreement between Chinese premier Li Keqiang and former Australian prime minister Malcolm Turnbull "to not steal each other's commercial secrets".


Montane Protective Security 2020    
