April 23, 2018

Defence responds to cyber attack incident

13 October 2017, 12:53 | Franklin Nunez

Hacker group codenamed 'Alf' after famous Home and Away character steals sensitive information about Australia's multi-billion dollar fighter jet program

F-35 and naval vessels information stolen in cyber hack

"The contractor could well have been working for a prime (major contractor) which is why we have been saying relentlessly, for certainly since I have been the Minister and since Dan Tehan has been the minister for cyber security, that businesses need to take this very seriously".

Australian authorities criticised the defence contractor for "sloppy admin" and it turns out nearly anybody could have penetrated the company's network.

The network reportedly had no protective DMZ, no regular patch schedule, and common local admin passwords on all servers and the hosts had internet-facing services. The hacker was code named "Apt Alf" after a popular Australian TV character. The three-month period when they were unaware of the breach was dubbed "Alf's Mystery Happy Fun Time".

The F-35 Lightning, the Joint Strike Fighter.

The company, which had only one IT person, was subcontracted four levels down from defence contracts.

The Australian Cyber Security Centre's 2017 threat report has released information about this attack which took place in November 2016, when it was first identified that a breach had taken place.

The data that was stolen in the hack contained information that is protected under the International Traffic in Arms Regulations (ITAR) and included details on the F-35 Lightning II fighter, P-8 Poseidon maritime patrol aircraft, C-130 transport aircraft, Joint Direct Attack Munition (JDAM) smart bomb kit and information on some Australian naval vessels.

Showers move out with some sun returning late Columbus Day
Showers will persist in the area through this evening before sliding south and east overnight. For outdoor interests and events on Columbus Day, I would plan on bringing the rain gear.

Another document was a wireframe diagram of one of the Australian navy's new ships, where a viewer could "zoom in down to the captain's chair".

Stephen Burke, founder and CEO at Cyber Risk Aware, commenting on the news, said: "Yet again another example of "IT Admin" not carrying out IT Security best practices but more importantly other large firms not carrying out adequate third-party risk assessments".

'There's no way this one IT person could have done everything perfectly across the whole domain, ' said Mr Clarke.

A Royal Australian Air Force C130-J Hercules pilot.

"While the Australian company is a national security-linked contractor and the information disclosed was commercially sensitive, it was unclassified", a spokesperson for the ACSC told The Australian.

Mr Pyne said Australia has experienced an increase in cyberattacks at a time when it is carrying out a $39bn (€25.7bn) submarine project. The government agency is responsible for foreign signals intelligence collection, and also houses the country's Australian Cyber Security Center.

Comment has been sought from Mr Tehan and the Defence department.

Other News

Trending Now

Trump's Columbus Day proclamation makes no mention of Native Americans
Over 50 municipalities and four states - Minnesota , Vermont , Alaska and South Dakota - use the day to honor indigenous people. One option is adding statues, said Alfred Brophy, a law professor at the University of Alabama who studies historical memory.

Nadal demolishes Kyrgios to win China Open
Kyrgios was angered by a line call in the first set and his complaints eventually cost him a penalty point at the start of the eighth game.

NAFTA: Donald Trump refuses to commit to trade pact
Chamber of Commerce has warned against so-called "poison pill" proposals by the U.S., including the sunset clause. Asked during his appearance with Trudeau whether NAFTA was dead, Trump said, "We'll see what happens".

Supreme Court dismisses Trump's travel ban after it expired
There are already lawsuits in both circuits against the new executive order, but the fight is largely over, and Trump has won. The court's action suggests it also will dismiss the second case and step away from the controversy, at least for now.

Republicans to Trump and Corker: Please just stop
The Tennessee senator had asked the journalist to record their conversation and said that his staff was recording as well. The feud is odd because Corker was briefly considered as a vice president running mate during the 2016 campaign.

Colin Kaepernick Refutes Report That He'd Stand for Anthem in NFL Return
Donald Trump has attacked the players and called on the National Football League to fire them. A spokesperson for CBS sports referred CNNMoney to those tweets.

10th hurricane of 2017 season forms in Atlantic
Ophelia continues to spin in the open Atlantic Ocean, posing no threat to the United States or any other part of North America. Tropical Storm Ophelia looked like a hurricane but wasn't one quite yet, the National Hurricane Center said Wednesday morning.

Labor union files complaint against Cowboys owner for national anthem policy
Jerry Jones said telling Cowboys players to stand for the national anthem or not play is nothing new. The team and the National Football League declined comment on the filing.

11 people injured as vehicle hits pedestrians near London's Natural History Museum
No one is believed to have life-threatening or life-changing injuries, and the majority were discharged by late Saturday. The location was cordoned off Saturday by heavily armed police , the video published on social media shows.

Man Saves Missing Teen. Then, Another 'Act of Kindness'
Block was finally able to make a run for it after 29 days in captivity when her kidnappers "went to the store to get some food". He is said to have told her that he needed help with a family emergency. "He risked a lot of things and put himself in danger".