Audit push after defence hack lasts for three months


Nick Xenophon has called for Australian intelligence agencies to launch an audit of all Australian defence contractors after a major security breach.

Australian Signals Directorate incident response manager Mitchell Clarke this week revealed that a hacker accessed about 30 gigabytes of restricted information on the F-35 Joint Strike Fighter, the P-8 Poseidon submarine hunters and Australian naval vessels.

The hacker, thought to have been China-based, had access to the data for three months before the ASD became aware of it.

The ASD referred to the period — between July and November 2016 — as “Alf’s Mystery Happy Fun Time”, in a reference to a Home and Away character.

The Turnbull government yesterday went into damage control over the revelations, and Defence Industry Minister Christopher Pyne said the government could not be blamed for the breach.

“I don’t think you can try and sheet the blame for a small enterprise having lax cybersecurity back to the federal government. I mean, that is a stretch,” Mr Pyne said. He suggested the company was a subcontractor. “The contractor could well have been working for a prime (a major defence contractor),” he said.

According to a recent threat report, during 2016-17 the government responded to 734 cyber incidents affecting private sector systems of national interest and critical infrastructure providers.

Senator Xenophon said it was “very much in the national interest” to find out which other defence contractors or subcontractors had poor cyber security.

“The information could paint a mosaic which could compromise our defence,” Senator Xenophon told The Australian.

“This highlights the need for there to be an audit by ASD as to whether the cybersecurity arrangements involving the contractors are adequate or not.”

Opposition Leader Bill Shorten said the Turnbull government should be demanding answers, rather than “making excuses”.

“I think Australians reasonably expect sensitive defence information to be protected,” Mr Shorten said. “Clearly it hasn’t been in this case. I think that if the government needs more resources to protect material, we should expend those resources.”

Alastair MacGibbon, the special adviser to the Prime Minister on cybersecurity, said the stolen information did not compromise national security.

Mr MacGibbon said it was a “lesson” for defence contractors.

“My understanding is that they were actually working for a larger defence contractor. This is a supply-chain issue. It is a third-party supply-chain issue,” he told the ABC.

Richard Buckland, a professor in cybercrime at the University of NSW, said this was a “canary in a coalmine. Even the current standards are not sufficient and even if they were, we don’t comply with them. Audits show lots of agencies are not compliant.”

Labor cybersecurity spokeswoman Gai Brodtmann said the hack was “very concerning”.

“We’ve been calling on the government to take the cybersecurity of government agencies seriously since the release of the 2014 audit of cyber resilience,” she said.
