Foreign spies hacked Australian agency, report says
Sydney (AFP) – Foreign spies installed malicious software on an Australian government agency’s computer system, stealing an unknown number of documents, an official report revealed Wednesday, stopping short of naming the country involved.
The security breach on the Bureau of Meteorology’s system, which has connections to the defence department, was detected in 2015 and initial media reports linked it to China.
China has previously been accused of hacking websites run by the US government and by private firms. In 2013 Chinese hackers were accused of stealing the top-secret blueprints of Australia’s new intelligence agency headquarters.
The government’s Australian Cyber Security Centre report released Wednesday attributed “the primary compromise to a foreign intelligence service” but did not name any country as responsible.
“We don’t narrow it down to specific countries, and we do that deliberately,” said Dan Tehan, who assists Prime Minister Malcolm Turnbull on cyber security.
“But what we have indicated is that cyber espionage is alive and well,” he told the Australian Broadcasting Corporation.
The report said the national cyber security agency, Australian Signals Directorate (ASD), had identified the presence of Remote Access Tool (RAT) malware “popular with state-sponsored cyber adversaries” and other malware associated with cyber crime on the weather bureau’s system in 2015.
“The RAT had also been used to compromise other Australian government networks,” it said.
“ASD identified evidence of the adversary searching for and copying an unknown quantity of documents from the Bureau’s network. This information is likely to have been stolen by the adversary.”
The report also said while the threat of a cyber attack against Australia’s government, infrastructure and industry had grown in recent years, the risk from terrorist groups was low for now.
“Apart from demonstrating a savvy understanding of social media and exploiting the internet for propaganda purposes, terrorist cyber capabilities generally remain rudimentary and show few signs of improving significantly in the near future,” it said.