讀後心得

In July 2024, the Australian government revealed that the APT40 hacker group, funded by the Chinese Communist Party, had launched cyber attacks against it and announced the introduction of the "Sea-Pac" program to assist countries in the Indo-Pacific region in enhancing their cybersecurity. The program emphasizes information sharing and public-private cooperation, which will improve the cybersecurity capabilities and policy-making of various nations. Additionally, Australia discovered that the cyber espionage activities of this hacker group could pose a serious threat to critical infrastructure. Therefore, Australia will work with its allies to strengthen cybersecurity defenses and jointly address the continuously evolving cyber threats.

• Diagram of a cyber attack. In July 2024, the Australian government revealed its responsibilities along with other member countries of the "Five Eyes" alliance, stating that the Chinese government-funded hacker group "Advanced Persistent Threat 40 (APT40)" launched cyber attacks against Australia. In response to this severe challenge, Australia will launch the "Sea-Pac" program targeting Indo-Pacific countries to enhance the cybersecurity levels of other nations in the region. Scholars point out that the key to cybersecurity lies in information sharing and urge businesses of all sizes in various countries to cooperate in response.

• Following the United States, the United Kingdom, and New Zealand, the Australian Cyber Security Centre announced last year that malicious cyber operation techniques related to the Chinese Ministry of State Security and hacker groups like APT40 have been long-term funded. Investigations show that APT40 is assigned by the National Security Department of Hainan Province in China, and the techniques they utilize have posed a threat to Australia.

• Recently, officials from Australia's Department of Foreign Trade shared observed situations, including cyber espionage activities and information gathering, and mentioned that the "pre-deployment" carried out on critical infrastructure networks poses a high-level threat that could affect telecommunications, electricity, and healthcare infrastructure.

• Watson stated that the "Sea-Pac (Southeast Asia Pacific Cyber Program)" will officially launch in 2025 to meet the needs of partner countries, adopting a public-private partnership approach, collaborating on technology to respond to cyber attacks. The program will last until 2027 or 2028, focusing on capacity building, response to cyber attacks, and developing policies and standards.

• Watson cited that if a country seeks assistance, industry experts and government representatives will form a team to dispatch a technical team to help assess the impact of the attack and develop remedial measures. This mechanism does not solely rely on internet and phone communication, but it has already achieved good results since its initial operation.

• Prior to this, the Australian government released the revised "National Cyber Security Strategy" in 2023, aiming to enhance public and corporate awareness of cybersecurity and promote businesses to take action to protect their systems. In the future, it will consider requiring businesses to report cyber incidents and hopes to promote this throughout the Indo-Pacific region.

• Watson also mentioned that Australia holds the "Pacific Cyber Capability Building Conference" every two years, aiming to bring together regional countries to discuss the need to enhance cybersecurity. Responding to cyber attacks has become a current international trend.

• Researchers pointed out that the key to cybersecurity lies in intelligence sharing and emphasized the broad participation of both public and private sectors. She mentioned that ASEAN has initiated relevant cooperation, and Western allies are showing a strong interest in tracing the origins of cyber attacks.

• However, misunderstandings often exist between the government and industry, with each believing that the other holds the necessary information, which hinders cooperation. For example, Taiwan's close ties between the semiconductor industry and national security make it challenging to engage small and medium enterprises in cybersecurity cooperation in the future.

• Additionally, Watson mentioned the rampant nature of global ransomware, stating that Australia's telecommunications and health insurance institutions have suffered data breaches in the past two years. The government has frozen assets related to these entities and issued travel bans.

• Faced with the ongoing threats from hacker groups like APT40, Australia is working with allies and regional partners to strengthen capacity building, promote public-private cooperation, implement cyber sanctions, and enhance international collaboration to jointly establish a solid cybersecurity defense line, improving cyber resilience from both technical and policy perspectives, ensuring each country's cybersecurity autonomy in the region, and effectively responding to the evolving cyber threats.