| TechCrunch
techcrunch.com
Zack Whittaker
4:47 AM PST · November 12, 2025
Australia's intelligence chief warned that Chinese hackers are trying to break into its networks, sometimes successfully, to "pre-position" for sabotage ahead of an anticipated invasion of Taiwan.
Australia’s intelligence head Mike Burgess has warned that China-backed hackers are “probing” the country’s critical infrastructure, and in some cases have gained access.
Burgess, who heads the country’s main intelligence agency, the Australian Security Intelligence Organisation, said that at least two China government-backed hacking groups are pre-positioning for sabotage and espionage.
The comments, made during a conference speech in Melbourne on Wednesday, echo similar remarks by the U.S. government, which has warned that the ongoing hacking campaigns may pose risks of economic and societal disruption.
According to Burgess, a hacker group known as Volt Typhoon is trying to break into critical infrastructure networks such as power, water, and transportation systems. Burgess warned that successful hacks could affect energy and water supplies, and cause widespread outages.
The U.S. has previously said that the Chinese hackers have spent years planting malware on critical infrastructure systems that are capable of causing disruptive cyberattacks when activated. U.S. officials said that Volt Typhoon’s goals are to hamper the U.S.’ response to China’s anticipated future invasion of Taiwan.
“I do not think we — and I mean all of us — truly appreciate how disruptive, how devastating, this could be,” said Burgess, speaking about the threat. He said that once the hackers have access, what happens next is a “matter of intent, not capability.”
Burgess also warned that another China-backed hacking group dubbed Salt Typhoon, known for hacking into the networks of phone and internet companies to steal call records and other sensitive data, was also targeting the country’s telecoms infrastructure.
Salt Typhoon has hacked more than 200 phone and internet companies, according to the FBI, including AT&T, Verizon and Lumen, along with several other cloud and data center providers. The hacks prompted the FBI to urge Americans to switch to end-to-end encrypted messaging apps to avoid having their calls and text messages accessed by the hackers.
The Canadian government also confirmed earlier this year that its telcos were breached as part of China-linked attacks.
China has long denied the hacking allegations.
Chinese government cyberspies Volt Typhoon reportedly breached Singapore Telecommunications over the summer as part of their ongoing attacks against critical infrastructure operators.
The digital break-in was discovered in June, according to Bloomberg, citing "two people familiar with the matter" who told the news outlet that the Singtel breach was "a test run by China for further hacks against US telecommunications companies."
The U.S. government in recent months launched an operation to fight a pervasive Chinese hacking operation that successfully compromised thousands of internet-connected devices, according to two Western security officials and one person familiar with the matter.
The Justice Department and Federal Bureau of Investigation sought and received legal authorization to remotely disable aspects of the Chinese hacking campaign, the sources told Reuters.
SecurityScorecard has discovered the threat actor group Volt Typhoon has compromised 30% of Cisco RV320/325 Devices in 37 Days. Learn more.
Affected Platforms: FortiOS
Impacted Users: Targeted at government, manufacturing, and critical infrastructure
Impact: Data loss and OS and file corruption
Severity Level: Critical
Today, Fortinet published a CVSS Critical PSIRT Advisory (FG-IR-23-097 / CVE-2023-27997) along with several other SSL-VPN related fixes. This blog adds context to that advisory, providing our customers with additional details to help them make informed, risk-based decisions, and provides our perspective relative to recent events involving malicious actor activity.
