The Samoan government has accused a Chinese state-backed hacking group, APT40, of orchestrating sophisticated cyber attacks against its government and critical infrastructure systems across the Pacific, according to ABC News.
In a recent advisory, Samoa’s National Computer Emergency Response Team (CERT) described APT40 as a “serious threat” to the region. The document noted, “Recent activity… suggests the existence of campaigns specifically targeting networks hosted in the Blue Pacific.”
While the advisory refrained from directly criticizing the Chinese government, it identified APT40 as a “state-sponsored cyber group.” It also referenced a previous advisory by Australia, the United States, the United Kingdom, South Korea, Japan, Germany, and Canada, which stated that APT40 conducts “malicious cyber operations for the PRC Ministry of State Security.”
The advisory provided technical insights into APT40’s methods, highlighting the use of malware designed to maintain “command and control in the network.” It warned, “These malwares are used together to avoid detection and enable the exfiltration of sensitive data from Blue Pacific networks.”
A spokesperson for Australia’s Department of Foreign Affairs and Trade (DFAT) commented on the situation, stating that Samoa’s advisory demonstrated that “malicious cyber activity is a global scourge including for the Pacific.” They added, “The Australian government is working closely with our Pacific family to bolster its cyber security in the face of malicious actors.”
China has consistently denied involvement in cyber attacks, including those linked to APT40. The Chinese Embassy in Samoa has been approached for comment but has not yet responded.