cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

6 Australian senators, MPs confirm being targeted by APT31 in IPAC cyber attack

Until this point, the senators and MPs affected had been kept in the dark.

user icon Daniel Croft
Tue, 07 May 2024
6 Australian senators, MPs confirm being targeted by APT31 in IPAC cyber attack
expand image

A number of Australian senators and members of parliament (MPs) have confirmed that they were targeted in a 2021 attack conducted by Chinese state-sponsored hackers, despite Australian authorities failing to notify them of the incident after finding out almost three years ago.

Chinese state-sponsored hacking group APT31 launched an attack on the Inter-Parliamentary Alliance on China (IPAC) in 2021, sending a number of pixel tracking emails to high-profile politicians, including shadow cyber security and home affairs minister James Paterson.

“APT31 sent a large number of pixel tracking emails to the parliamentary emails of Australian MPs and senators from a domain masquerading as a news outlet,” the affected IPAC members said in a statement.


“The apparent intention was to garner sufficient information to mount more sophisticated follow-on attacks, escalating in severity.”

As reported by The Nightly yesterday (6 May), the FBI notified Australian agencies in mid-2021 that the breach had occurred, and again in June 2022, adding that APT31 was behind the breach. However, the agencies did not inform the government or the affected MPs.

Twenty MPs who were members of IPAC only found out in April, when the US issued an indictment against seven APT31 hackers.

“Last week, we were made aware that at least six Australian legislators were targeted by the PRC state-controlled hacking group APT31 in January 2021,” the Australian IPAC members said.

“Those targeted included Senator James Paterson, Senator Claire Chandler, Senator Alex Antic, David Smith MP, Daniel Mulino MP, and Tim Wilson MP.”

“While we have no evidence to suggest that these attacks were successful in Australia, it is now undeniable that Australian legislators were targeted by a foreign power in an unacceptable attempted infringement of Australian sovereignty.

“We were not informed by Australian agencies at any time since 2021 about this targeting.”

The targeted IPAC members added that as the attack was not on any single party or House of Parliament, but on a number of MPs who have “dared to exercise their legitimate democratic right to criticise Beijing”, the attack was on Australian Parliament “as a whole and demands a robust and proportionate response”.

Both the US and the UK have imposed sanctions on APT31 and actors connected to the group in the past, as they did in March 2024 for a cyber espionage campaign on UK parliamentarians and US senators.

Australia and New Zealand both joined the US and UK in attributing the attacks to APT31.

“The Australian government joins the United Kingdom and other international partners in expressing serious concerns about malicious cyber activities by China state-backed actors targeting UK democratic institutions and parliamentarians,” a joint statement by Cyber Security Minister Clare O’Neil and Foreign Minister Penny Wong said.

“The persistent targeting of democratic institutions and processes has implications for democratic and open societies like Australia. This behaviour is unacceptable and must stop.

“Australia calls on all states to act responsibly in cyber space.”

Additionally, Paterson called for Australia to join the US and UK in imposing sanctions on APT31 back in March.

“Now I’ve just seen … that the Foreign Minister has issued a statement of rhetorical support for that. But the question that Penny Wong needs to answer today is, will she use the powers under the Magnitsky legislation that the Parliament gave her, to also join our allies in sanctioning these individuals so there is real costs and real consequences for their behaviour?” he said.

For context, the Magnitsky legislation refers to laws that allow the introduction of sanctions on nations that have committed human rights violations or corruptive activity.

“It is shockingly malign behaviour to attack members of parliament and to attack electoral systems in democracies,” Paterson said.

“That is not the act of a friend. And yet it appears that Chinese state-sponsored hackers have been doing that in the case of the UK and New Zealand.

“It wouldn’t shock me at all to learn that they had done the same here in Australia, although that has not been publicly announced today.”

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.