Cyber attack on Australia: The Army's information has been stolen

Faith Castro
October 13, 2017

He said the attacks included a serious breach of a defence contractor's computer system in November 2016, which saw a significant amount of data stolen.

The breach began in July of a year ago, but the (ASD) was not alerted until November, hence the hacker might had access to the information for four months.

The Australian government says it does not know who perpetrated the hack.

Australia's defence industry minister, Christopher Pyne, told ABC Radio: "Fortunately the data that has been taken is commercial data, not military's not classified information".

Clarke said the "methodical, slow and deliberate", choice of target suggested a nation-state actor could be behind the attack, according to Reuters.

"Of course, the same rule applies for companies who carry sensitive data because it is not a question of "if" but "when" you will be breached, and I don't accept making it easy either", he said.

Mr Pyne said Australia has experienced an increase in cyberattacks at a time when it is carrying out a $39bn (€25.7bn) submarine project.

More news: Court clears way for 6-game suspension of Cowboys' Elliott

The hack was discovered by a major Defence contractor.

Describing the breach, the official claimed it was "extensive and extreme,"ABC reports". But he said the attackers gained entry by exploiting a 12-month-old vulnerability in the software that the contractor had failed to patch.

Australia experienced 47,000 cyber security incidents over the year to June 30, half of which involved online scams or fraud, according to the Australian Cyber Security Centre's 2017 Threat Report. This is not rocket science but does require resources.

As cyber security experts backed the minister's call, Mr Pyne deflected blame from the government, arguing ultimate responsibility lies with the company that was breached.

"Su Bin admitted to playing an important role in a conspiracy, originating in China, to illegally access sensitive military data, including data relating to military aircraft that are indispensable in keeping our military personnel safe", John P. Carlin, then the US assistant attorney general for national security, said at the time.

"We need to decouple security from infrastructure and adopt a "zero trust" security model: to achieve access, a user needs to both see an application and be permitted to use it".

Mitchell Clark, response manager of the Australian Signals Directorate, told a conference Wednesday in Sydney, Australia, the targeted company was a small "mum and dad type business" - an aerospace engineering company with about 50 employees. On 22 March 2018, the event will come to the United States for the first time, taking place in one of the world's most prominent business cities: NY.

Other reports by LeisureTravelAid

Discuss This Article