Mike Burgess, Director-General of the Australian Security Intelligence Organisation (ASIO), recently issued a stark warning, noting that Australia is increasingly facing the risk of “high-impact disruption” from hackers linked to the Chinese government and military. He emphasized that unprecedented espionage and cyberattacks signal that over the next five years, the threat of “cyber-driven disruption” will continue to escalate. Burgess’ remarks not only reveal the direct challenges to Australia’s national security but also reflect the Chinese Communist Party’s increasingly aggressive espionage and cyber infiltration strategies worldwide, posing serious tests to international order and national sovereignty.
At a business forum in Melbourne, Burgess openly stated that “a certain country—not hard to guess which—is repeatedly attempting to probe and infiltrate critical infrastructure in Australia and its allies.” He made clear that these targeted systems include Australia’s water, transport, telecommunications, and energy networks, with potential destructive power far beyond ordinary cybercrime. These attacks on national lifelines are not just about stealing information but are designed to pre-position capabilities for future conflict, constituting a strategic threat at the national level.
He specifically named two hacker groups linked to Chinese government intelligence agencies and the military—Salt Typhoon and Volt Typhoon. Their operational patterns reveal the dual purpose of China’s cyber strategy. Salt Typhoon primarily focuses on espionage, aiming to steal sensitive information and has already infiltrated U.S. telecommunications networks. Burgess confirmed that the group is also actively probing Australia’s telecom networks, attempting to access sensitive data and establish long-term covert channels. This intelligence-gathering is intended to give China commercial, military, and political advantages while undermining the competitiveness and defense capabilities of Australia and its allies.
Volt Typhoon a more direct and destructive threat
In contrast, Volt Typhoon poses a more direct and destructive threat. Its operations aim to cause disruption; the group has successfully infiltrated critical infrastructure networks in the U.S. and prepared for potential future sabotage. Burgess explicitly stated, “Yes, we are also seeing Chinese hackers probing our critical infrastructure.” This means that Australia’s power systems, water supply networks, transport hubs, and communications backbone may already have been mapped and implanted with malicious software by these state-level hacker groups, capable of being remotely shut down or paralyzed at any time, causing social chaos and significant damage.
Burgess stressed that authoritarian regimes are increasingly willing to “disrupt and destroy,” with multiple objectives. First, they aim to “impede decision-making” by paralyzing critical infrastructure, making it difficult for adversary governments to respond effectively in crises. Second, such attacks can “impact the economy,” causing massive financial losses and social panic, weakening national strength. Third, attacking critical infrastructure can “weaken combat power,” particularly during war or quasi-war, as disabling communication, energy, and transport systems directly affects military operations and logistics. Finally, these disruptive actions can “sow social discord,” undermining societal stability and public confidence in the government.
Success
You are now signed up for our newsletter
Success
Check your email to complete sign up
To illustrate the seriousness of the threat, Burgess cited several alarming examples. He noted that even brief telecom outages unrelated to foreign interference have already caused widespread societal disruption. For instance, a past telecom network outage in Australia, lasting less than a day, resulted in substantial inconvenience and losses. He further envisioned more catastrophic scenarios: “Imagine if a country shut down all networks? Or cut power during a heatwave? Or contaminated drinking water? Or paralyzed financial systems?” These scenarios are not exaggerations but based on the demonstrated capabilities and intentions of these hacker groups. He warned, “I don’t think we—all of us—truly understand how destructive and devastating this could be.” His words highlight the public’s limited awareness of this new form of warfare and the challenges national security agencies face in raising crisis awareness.
Burgess also pointed out that espionage is “expanding its intelligence-gathering scope,” no longer confined to traditional government or military targets. Hackers actively target private sector projects, negotiations, and investments to give foreign enterprises commercial advantages. This means Australia’s innovative technologies, trade secrets, and intellectual property are prime targets of Chinese espionage. They also target customer data, not only violating individual privacy but potentially enabling phishing, ransomware, or other malicious activities. Conservative estimates indicate that espionage alone cost Australia up to AUD 12.5 billion (~USD 8.2 billion; GBP 6.2 billion) in 2023–24, including around USD 2 billion in stolen commercial secrets and intellectual property in a single year. These staggering figures illustrate the enormous economic damage caused by Chinese espionage.
Burgess described the capabilities of these hacker groups as “highly sophisticated, using cutting-edge technology to locate your networks, test vulnerabilities, attack digital gates, and examine digital locks.” They are not only technically skilled but also extremely patient and covert. “Once they penetrate your network, they actively map systems and seek continuous, undetected access, so they can strike at a chosen time and place.” This “dormant” strategy makes prevention and detection extremely difficult, allowing adversaries to launch “precision strikes” at critical moments for maximum damage.
China’s growing global espionage activities
Burgess’ warning is not an isolated incident but reflects the Chinese Communist Party’s expanding global intelligence and influence operations. For years, China has been accused of conducting extensive and sophisticated espionage worldwide, targeting economic, military, political, and technological domains. The scale and complexity of these activities have grown exponentially in recent years, posing widespread threats to national security, economic interests, and democratic institutions globally.
China’s intelligence work has deep historical roots, but modern espionage combines traditional human intelligence (HUMINT) with advanced cyber intelligence (CYBINT) techniques. Over the past decades, as China’s economy and military power have grown, its intelligence priorities shifted from ideological struggles to supporting national development and military modernization. Under Xi Jinping, the “civil-military integration” strategy has further incorporated civilian technology and corporate resources into the national security system, making intelligence collection more diverse and covert. In this “whole-of-nation” system, nearly everyone and every entity interacting with China could potentially be part of its intelligence network.
China’s espionage motivations are multifaceted and interconnected. Economic and technological advantage is a primary driver. The CCP has long sought to accelerate industrial upgrading and achieve rapid technological gains by stealing foreign intellectual property, trade secrets, advanced technology, and R&D results—from aerospace, AI, semiconductors, to biotech. The USD 2 billion in annual stolen trade secrets cited by Burgess represents just the tip of the iceberg.
China’s military modernization relies on foreign military technology. Through espionage, China has obtained designs, performance data, operational theory, and training methods for Western weapons systems, enabling faster development of its own advanced platforms and enhancing regional and global military influence.
China also engages in political infiltration and influence operations globally, targeting foreign government officials, think tanks, media, and academia to shape policies, manipulate public opinion, and neutralize critical voices. Information warfare, including spreading disinformation and manipulating social media, aims to divide Western societies and weaken adversary cohesion.
As Burgess warned, infiltration of critical infrastructure is not merely for intelligence collection but to pre-position destructive capabilities for potential future conflicts. Such capabilities could strike key facilities in adversary countries during wartime or crises, causing societal paralysis and achieving strategic objectives without direct conflict.
Diverse methods of Chinese espionage
China employs a wide range of evolving espionage methods:
- Cyber espionage: Currently the most prominent and far-reaching method, carried out by state-backed Advanced Persistent Threat (APT) groups like APT1, APT10, and APT41. They use phishing, malware, zero-day exploits, and supply chain attacks on governments, defense contractors, tech giants, universities, and research institutions. These groups are highly skilled and stealthy, capable of long-term undetected network infiltration.
- Human intelligence (HUMINT): Traditional espionage remains important. This includes recruiting foreign nationals, leveraging students, visiting scholars, businesspeople, and diplomats for intelligence. Tactics exploit financial, ideological, or emotional vulnerabilities, including traditional “honey trap” schemes.
- Technical intelligence (TECHINT): Gathering technical information via public sources, reverse engineering, or stealing physical devices.
- Open-source intelligence (OSINT): Using big data analytics, social media monitoring, and publicly available information to extract valuable intelligence.
- Corporate and academic exploitation: China coerces foreign companies to transfer technology, steals know-how through joint ventures, and uses academic or research collaborations to access sensitive information. Tech companies linked to the Chinese government, such as Huawei and TikTok, face scrutiny in the West due to potential data security risks and links to intelligence operations.
Global impact and international response
Chinese espionage affects not only Australia. The U.S., U.K., Canada, Germany, France, Japan, and many other countries have publicly accused China of large-scale cyberattacks and espionage. The U.S. Department of Justice has repeatedly prosecuted hackers and spies linked to Chinese military and intelligence, accusing them of stealing trade secrets and defense information. MI5 has issued public warnings about the growing threat posed by Chinese espionage to the U.K.
In response, governments worldwide are taking multiple measures. Public warnings like Burgess’ aim to raise awareness among governments, businesses, and citizens. Intelligence-sharing mechanisms, such as the Five Eyes alliance (U.S., U.K., Canada, Australia, New Zealand), play a key role. Security agreements like AUKUS (Australia, U.K., U.S.) demonstrate the West’s commitment to strengthening military and intelligence cooperation.
Governments and businesses are investing in cybersecurity for critical infrastructure, enhancing threat detection and response capabilities. Laws are being updated to better combat foreign interference and espionage. Legal actions and sanctions are taken against individuals and entities involved in espionage.
To reduce reliance on Chinese technology and supply chains, some countries are promoting “decoupling” or diversifying supply chains to lower the risk of technological leakage.
Mike Burgess’ warning clearly depicts the harsh reality of cyber threats facing Australia and its allies. These challenges are not merely technical but strategic. China’s increasingly aggressive global espionage—whether stealing secrets via cyber means or influencing decisions through human infiltration—aims to achieve national strategic objectives and could inflict substantive harm on other countries’ societal stability, economic development, and sovereignty through “high-impact disruption.”
By Yang Tianzi
