Australian Security Services Investigate Parliament Cyber Attack
 

Australian Security Services Investigate Attempted Cyber Attack on Parliament

Asio among agencies looking at hacking attempt in Canberra amid suspicion a state-based actor could be to blame for would-be data breach

The Guardian, 8 FEB 2019.


Australia’s security agencies are urgently investigating an attempt to hack the federal parliament’s computer network, with the parliament unable to rule out a foreign government being behind the attack.

In a joint statement, Scott Ryan and Tony Smith – parliament’s presiding officers – reported a “security incident on the parliamentary computing network” occurred overnight and into Friday morning.

No data breach has been reported, and they said all passwords had been reset out of “an abundance of caution”.

“Similarly, we have no evidence that this is an attempt to influence the outcome of parliamentary processes or to disrupt or influence electoral or political processes,” they said.

“The methods used by malicious actors are constantly evolving. Since 2012, DPS has made substantial strides in strengthening cyber defences for the APH IT networks.

“While there is no guaranteed approach to cyber security, best practise is the ability to detect and remediate threats quickly. The department has done this working jointly with expert agencies.”

Australia’s agencies are understood to be investigating whether China, among other state actors, was behind the attempt.

“Accurate attribution of a cyber incident takes time and investigations are being undertaken in conjunction with the relevant security agencies,” Smith and Ryan said.

“We are not in a position to provide further information publicly at this stage. Updates will be provided to members and senators and the media as required.”

The parliamentary network is used by all MPs and their staff, including to store databases and emails.

Bill Shorten was the first politician to be publicly asked about the breach, and said he had been briefed and was satisfied from what he had ben told so far, “that our security agencies and the [Senate] president and the [House] Speaker have moved in the right way” to secure the network.

But he also said it was “a wake up call”.

“It’s not just Parliament House,” he said.

“I mean Parliament, at least, has resources to protect if people try and hack into our systems.

“But what I was thinking about this morning as we see the extent of the security necessary to restore the integrity of the system is are we doing enough in this country for small and medium businesses to help protect them?

“Of course the other thing which this is a wake-up call for is data. We give a lot of our data to the big international and multinational companies. It is very important to do more to protect our data.

“Just because you can’t see who your enemy is because they’re on the internet doesn’t mean they’re not your enemy.”

Late last year Alistair MacGibbon, the head of the Australian Cyber Security Agency, which sits under the Australian Signals Directorate, joined international condemnation against an alleged plot to steal intellectual property from the west.

Two Chinese nationals were charged in the US over their alleged membership of a hacking group operating in China known in global intelligence circles as Advanced Persistent Threat 10, or APT10.

Speaking to the ABC in December, MacGibbon described that attempted hack as “audacious”.

“It is huge and it impacts potentially thousands of businesses globally,” he said.

Last July the Australian National University, a home to defence-focused research units, reported that its computer systems had come under attack.

In 2016 the Australian Cyber Security Agency concluded foreign powers were to blame for a 2015 hack of the Australian Bureau of Meteorology network, but the government would not reveal which countries were responsible.

That attack was somewhat successful, with malicious software installed and sensitive documents stolen, leading to Australian agencies undertaking a tightening of their cybersecurity systems.