Hacker stole Aust mil­i­tary se­crets

Waikato Times - - World -

AUS­TRALIA: Com­mer­cially sen­si­tive in­for­ma­tion on the $14 bil­lion Joint Strike Fighter pro­gramme, Aus­tralia’s next fleet of spy planes and sev­eral of its naval war­ships have been stolen by hack­ers who breached a Depart­ment of De­fence con­trac­tor.

A man­ager at the Aus­tralian Sig­nals Direc­torate – the gov­ern­ment’s main national se­cu­rity cy­ber spies – told a con­fer­ence in Syd­ney on Wednesday that the hack­ers stole 30 gi­ga­bytes of data in­clud­ing on the De­fence projects.

ASD in­ci­dent re­sponse man­ager Mitchell Clarke told the Aus­tralian In­for­ma­tion Se­cu­rity As­so­ci­a­tion con­fer­ence that the ASD had co­de­named the hacker ‘Alf’ after the char­ac­ter played by Ray Meagher.

A spokesper­son for the Aus­tralian Cy­ber Se­cu­rity Cen­tre, for which Clarke works, said the data was com­mer­cially sen­si­tive but was not clas­si­fied.

Clarke told the con­fer­ence that ‘‘the com­pro­mise was ex­ten­sive and ex­treme’’. Dan Te­han, the Min­is­ter As­sist­ing the Prime Min­is­ter for Cy­ber Se­cu­rity, had on Tues­day high­lighted the case as a sig­nif­i­cant breach, though he did not pro­vide de­tails.

Clarke also didn’t rule out that a for­eign gov­ern­ment was be­hind the in­ci­dent.

He said the com­pany ‘‘had a sig­nif­i­cant amount of data stolen … and most of that data was de­fencere­lated’’ and that some of it re­lated to the United States In­ter­na­tional Traf­fic in Arms Reg­u­la­tions, which ver­i­fies the se­cu­rity cre­den­tials of firms deal­ing in US mil­i­tary and de­fence ex­ports.

‘‘That ITAR data in­cluded in­for­ma­tion on the the [F-35] Joint Strike Fight­ers, the C-130, the P-8 Po­sei­don, the JDAM – that’s a smart bomb – and a few Aus­tralian naval ves­sels,’’ Clarke said.

‘‘We found one doc­u­ment [that] was like a Y-di­a­gram of one of the navy’s new ships and you could zoom in down the cap­tain’s chair and see that it’s one me­tre away from the nav [nav­i­ga­tion] chair and that sort of thing.’’

The P-8 Po­sei­don is the RAAF’s soon-to-ar­rive fleet of new spy planes.

Clarke de­scribed the hack as ‘‘a very good ex­fil [ex­fil­tra­tion] for the ac­tor’’.

He in­di­cated the hack­ers could have been a crim­i­nal group or state-spon­sored hack­ers. He said they used a hack­ing tool called China Chopper, which is re­port­edly widely used by Chi­nese hack­ers.

The small aerospace en­gi­neer­ing firm of about 50 em­ploy­ees, which had con­tracts on a num­ber of De­fence projects, had just one IT staff mem­ber who had been in the job nine months, which Clarke de­scribed as ‘‘sloppy’’.

‘‘There’s no way this one IT per­son could have done ev­ery­thing per­fectly across the whole do­main.’’

The firm had used de­fault lo­gins and pass­words ‘‘ad­min’’ and ‘‘guest’’.

The hack­ers had

‘‘full and un­fet­tered ac­cess’’ to the sys­tem and read emails of the chief en­gi­neer, the fi­nance of­fi­cer and a con­tract­ing en­gi­neer.

The ASD was tipped about the breach by ‘‘a part­ner or­gan­i­sa­tion’’ in Novem­ber last year. The hack ap­par­ently oc­curred in July 2016.

He said that the com­pany didn’t be­lieve ASD and national Com­puter Emer­gency Re­sponse Team in­ves­ti­ga­tors when they ar­rived be­cause they don’t carry cre­den­tials.

Clarke also said ASD’s in­ci­dent re­sponse team was ‘‘get­ting busier and busier as time goes on and we have less and less peo­ple so it’s get­ting dif­fi­cult for us and we’re see­ing I guess a re­ally large work­load’’. –


A hacker who scooped up Aus­tralian de­fence data gained de­tails on its multi­bil­lion-dol­lar F-35 pro­ject.

Newspapers in English

Newspapers from New Zealand

© PressReader. All rights reserved.