China suspected of hacking diplomatic body for Pacific islands region

Chinese state-sponsored hackers are reportedly suspected of compromising the networks of the Pacific Islands Forum (PIF) Secretariat, a regional diplomatic body based in Fiji.

The cyberattack was first reported by ABC News, which learned that Australia’s government had sent specialists to Suva, Fiji’s capital city, after discovering the PIF’s systems had been penetrated. 

At a press conference following the Australian news report, PIF Secretary General Baron Waqa — who administrates the forum on behalf of its 18 member states, including Australia, New Zealand and Fiji — confirmed “that there was indeed a cybersecurity incident here this year.”

Waqa said the forensic report into the incident was still being finalized and as such the PIF could not confirm which threat actor was responsible, as reported by Radio Free Asia. China, which does not avow any intelligence gathering activities, dismissed ABC’s report.

The disclosure of the incident follows controversy during this year’s PIF meeting  — which Beijing contested with its largest ever delegation to the forum — over a reference to Taiwan in the communique, describing the independently governed island as a “developing partner.”

Beijing strongly contests Taiwan’s independent governance — established following the Chinese civil war —  and has repeatedly refused to discount achieving a reunification by military means. In his New Year’s message, Chinese President Xi Jinping repeated his assertion that Taiwan would “surely be reunified” with the mainland.

According to ABC, the cyber breach occurred in February, months before the meeting took place, and was “extensive,” providing the attackers with information about PIF and its operations as well as communications between the secretariat and member states.

Citing a Pacific island government source, ABC said PIF had quietly alerted member states to the breach but had not publicly disclosed the attack or attributed it to China.

The suspected Chinese campaign comes amid a surge in activity for Beijing among the country’s neighbors, including attempting, although ultimately failing in May 2022, to sign trade and security agreements with the 10 Pacific island states it has diplomatic relations with.

However, an unexpected security deal between China and the Solomon Islands announced that April provoked enormous concern — particularly over plans that would permit China to create a military base just 2,000 km (1240 miles) from Australia itself.

Following the announcement of the agreement, the Solomon Islands’ prime minister Manasseh Sogavare stressed that he would not allow a Chinese military base in the country. He said the agreement covered the contingency of “a gap” in the kinds of security that Australia can provide: “When it comes to security issues in the region, we will call on them [the Australians] first.”

The details of China’s agreement with the Solomon Islands have not been published, although a draft leaked online revealed it was offering broad access to China’s military and police.

When, in turn, Australia signed a defense and cybersecurity agreement with Vanuatu, the foreign minister stressed that the text of the agreement “will be publicly available,” because both nations are “committed to democracy, accountability and transparency.”

Australia has been an increasingly vocal regional counterpoint to China in recent years, with cybersecurity shooting up the political agenda, spurred by a series of high-profile cyberattacks against private businesses, including those affecting Optus, Medibank and MediSecure.

Alongside its membership of the Five Eyes intelligence alliance, the Australian government has committed to the REDSPICE program, an investment of around AUS $9.9 billion ($6.72 billion) into the Australian Signals Directorate by 2031.

ABC reported that Australia has deployed cyber specialists “at least half a dozen times” to other countries in the region so far this year, “although many of these missions have not been publicly advertised,” amid a series of China-linked incidents. Earlier this year, officials in the island nation of Palau said they believed a recent ransomware attack was a cover for other operations conducted by Chinese actors.