Australia’s major political parties have been targeted by a “sophisticated state actor”, according to Scott Morrison, as part of a breach of the Parliament House computer network.
The head of the Australian Cyber Security Centre, Alastair MacGibbon, says agencies were unsure what material had been taken in the incident because the rapid remediation efforts had removed some of the forensic evidence.
The prime minister confirmed the state-sponsored intrusion in a statement to parliament on Monday, but said there was no evidence of electoral interference and measures had been put in place to “ensure the integrity of our electoral system”.
Morrison said he had instructed the Australian Cyber Security Centre “to be ready to provide any political party or electoral body in Australia with immediate support, including making their technical experts available”.
He said the federal and state electoral commissions and cybersecurity agencies in the states had been briefed and the cybersecurity centre in Canberra had also worked with global anti-virus companies “so the world can detect this malicious activity”.
MacGibbon told reporters he was not able to answer whether data had been taken because agencies were “acting extraordinarily quickly and very openly, so we are piecing together all of the events”.
“These are very early days, and the decision was made, the right decision was made, to go public and to take overt actions to secure these systems in order to risk manage the exercise,” he said.
Responding to the statement, the Labor leader, Bill Shorten, told parliament that government institutions, such as electoral commissions, were generally well protected, “but our party political structures perhaps are more vulnerable”.
He noted that in comparable attacks overseas “it is progressive parties that are more likely to be targeted by ultra-rightwing organisations”.
Shorten said political parties were small organisations with only a few full-time staff, but they were in the business of collecting, storing and using “large amounts of information about voters and communities”.
“These institutions can be a soft target and our national approach to cybersecurity needs to pay more attention to non-government organisations,” he said. “Our agencies shouldn’t just be providing advice to political parties, but actively assisting in their defence.”
Morrison said the intrusion into the networks of political parties had been detected by agencies investigating the attack on the Parliament House network. He said security agencies had “acted decisively” to confront the incursion and were “securing these systems and protecting users”.
The prime minister did not say which country was behind the intrusion and told parliament he did not intend to go into detail about operational matters.
Morrison told parliament Australia’s democratic process “is our greatest asset” and “our most critical piece of national infrastructure”.
“Public confidence in the integrity of our democratic processes is an essential element of Australian sovereignty and governance,” he said. “While we will vigorously argue over many issues, we are all united in our commitment to democratic principles.”
Shorten said Labor had confidence and “trust” in Australia’s security agencies, but he said perhaps the organisational structures needed adjusting given the scale of the threats.
“I would say that I have great trust in our security agencies and their professionalism to do all that they can to protect our nation against cyber threats, but we constantly need to be asking ourselves if our settings are right,” he said.
Shorten suggested the Australian cyber security centre should be the single point of contact to manage both crisis communication and threat management. “This centre should remain based in the defence portfolio and continue to report to the director-general of the Australian Signals Directorate”.