Australian defence and government networks breached by suspected Chinese state-sponsored hackers
An Australian satellite company's network had to be secretly rebuilt after it was comprehensively penetrated.
Australia's defence research division, the Defence Science Technology Group and Austrade, the Australian trade commission and others are believed to have been targeted by China-based hackers. Both Austrade and Australian defence networks are also believed to have sustained significant cyber penetrations over the past five years.
According to a report by ABC, unnamed intelligence sources believe the cyberattacks to be the work of Chinese state-sponsored hackers. Additionally, the now defunct Newsat Ltd, an Australian satellite company's network, had to be secretly rebuilt after it was comprehensively penetrated by hackers in 2013.
"Given we were up against China, state-sponsored, a lot of money behind them and a lot of resources and we were only a very small IT team, it certainly wasn't a fair fight for us," Newsat's former IT manager Daryl Peter said.
However, these attacks appear to be only the tip of the iceberg in relation to the cyberwar mounted by hackers against the Australian government and businesses. According to the Australian prime minister's cybersecurity adviser, Alastair Mac Gibbon, the government was "attacked on a daily basis", but the breaches occurred are not disclosed.
"I would say to you that people who compromise systems will usually try to find a way to move laterally through it. If that means through a third party that's what they'll try to do," he said.
Australian authorities also believe that the recent Bureau of Meteorology (BoM) hack, which was confirmed by Prime Minister Malcolm Turnbull, may have been breached by hackers with the aim of going after defence secrets. It is believed that the real targets of the cyberattacks may have been specific departments, like the Australian Geospatial-Intelligence Organisation, which functions within the department of defence and provides comprehensive mapping data for military and espionage operations, and the Jindalee Operational Radar Network (JORN), which is run by the Royal Australian Air Force and provides 24-hour military surveillance of northern and western aerial points of entry to the nation.
ABC's report indicates that the BoM cyberattack was sandboxed or contained within its network and thus was not allowed to reach the sensitive networks of these organisations.
Former CIA head Michael Hayden said China's aim to target Australia appeared to be primarily focused on "the theft of information, and really by and large the theft of information for commercial profit", activities which he said go beyond acceptable state-on-state espionage.
An unnamed former high-ranking intelligence officer indicated that the Australian defence department itself had critical cyber-security issues that are still unresolved and had "to look at itself". He also confirmed that the Defence Science Technology Organisation had been hacked successfully by China-based state-sponsored hackers around 2011 but refrained from providing further details about the incident citing national security concerns.
A spokesman for the Defence Science Technology Group said: "Defence policy is to not comment on matters of national security."
A spokesperson for the Chinese embassy in Canberra dismissed the allegations of China having conducted cyberespionage operations against Australia as "totally groundless" and "false clichés". He added: "Like other countries, China suffers from serious cyberattacks and is one of the major victims of hacking attacks in the world."
© Copyright IBTimes 2024. All rights reserved.