Subscribe

Hacking Down Under —

With elections weeks away, someone “sophisticated” hacked Australia’s politicians

Hacks come on heels of attack on Parliament House network earlier in February.

-

Just over a week after the announcement of a cyber-attack on Australia's Parliament House, the government now says three Australian political parties weer also attacked by a "sophisticated state actor."
Enlarge / Just over a week after the announcement of a cyber-attack on Australia's Parliament House, the government now says three Australian political parties weer also attacked by a "sophisticated state actor."
Getty Images

With elections just three months away, Australian Prime Minister Scott Morrison announced on February 18 that the networks of the three major national political parties had been breached by what Australian security officials described as a "sophisticated state actor."

The Sydney Morning Herald reports that while the attack bears hallmarks of tools and techniques used by China-sponsored hacking groups in the past, security officials were concerned that the attackers may have used such approaches as part of a "false-flag" attack—like what is believed to have occurred in the case of the "Olympic Destroyer" attack on last year's Winter Olympics in South Korea.

Further Reading

Pyeongchang Winter Olympics opening disrupted by malware attack

Morrison said that the Australian government had made moves to "ensure the integrity of our electoral system," including instructing the Australian Cyber Security Centre "to be ready to provide any political party or electoral body in Australia with immediate support, including making their technical experts available." Electoral commissions and state and territory security agencies have been briefed on the attacks, and the Cyber Security Centre has also passed along malware samples and other information to "global anti-virus companies," the Prime Minister noted.

The attacks apparently were in tandem with an attack on the network of Australia's Parliament House in Canberra, announced February 8. Parliament leaders House Speaker Tony Smith and Senate President Scott Ryan issued a joint statement at that time, saying that there was no evidence of data theft in the attack. But Alastair MacGibbon, head of the Australian Cyber Security Centre, indicated that the attack on Parliament's network had established a foothold—and that the government would continue to follow up on the breach. The party network breaches were discovered in the process of that investigation.

In 2011, an intrusion of the Australian Parliament's network attributed to China was detected after the attackers had been on the network for as long as a year. In that attack, several thousand emails belonging to members of Parliament and their staff and advisors were stolen.

Sean Gallagher Sean was previously Ars Technica's IT and National Security Editor, and is now a Principal Threat Researcher at SophosLabs. A former Navy officer, systems administrator, and network systems integrator with 20 years of IT journalism experience, he lives and works in Baltimore, Maryland.

Channel Ars Technica

Related Stories

    Today on Ars