Highly confidential data on Australia’s new fighter jet, surveillance aircraft and navy vessels have been stolen after a defense subcontractor was hacked last year, the national cyber security agency revealed according to media reports on Thursday.
About 30 gigabytes of restricted technical information on the F-35 joint strike stealth fighter, the P-8 Poseidon submarine hunters, the C-130 transport aircraft, the joint direct attack munition (JDAM) smart bomb kit and "a few Australian naval vessels" were among the sensitive data stolen, the reports said.
A screenshot of a tweet from freelance journalist Stilgherrian, who first reported the defense hack on technology website ZDNet Australia.
The 50-person aerospace engineering firm was compromised in July last year but the national cyber security agency, the Australian Signals Directorate (ASD), only became aware of the breach in November, said technology website ZDNet Australia, which was the first to report the hack.
Australian cyber security officials dubbed the mystery hacker "Alf", after a character on the show "Home and Away." “The ASD referred to the period – between July and November 2016 – as "Alf’s Mystery Happy Fun Time", reported The Australian newspaper.
ASD employee Mitchell Clarke provided details of the hack to the defense department at a security conference in Sydney on Wednesday.
"That… archive contained about 30 gigabytes of defense and other commercially sensitive data. A lot of the data was ITAR, ITAR is the US International Traffic in Arms Regulations," Clarke was quoted as saying by The Australian, which cited an audio provided by freelance journalist Stilgherrian who first reported the hack on ZDNet Australia.
A photo of the slide from the presentation by Australian Cyber Security Centre that sums up the lessons learned from the hacking incident, at a conference in Sydney on October 10, 2017.
A spokesman for the Australian Cyber Security Centre denied that the information disclosed by Clarke was “top secret” or “secret”.
"While the Australian company is a national-security linked contractor and the information disclosed was commercially sensitive, it was unclassified. The government does not intend to discuss further the details of this cyber incident," he said.
Australian Minister of Defense and Industry Christopher Pyne reiterated that "the information they have breached is commercial." "It is not classified and it is not dangerous in terms of the military," he said.
Questions about the identity of the hacker, who has been given the codename "Alf", has drawn varied responses from Australian officials.
Australian Minister of Defense and Industry Christopher Pyne.
The minister of defense and industry said he wasn’t sure who might be behind the breach. "It could be one of a number of different actors," Pyne told the Australian Broadcasting Corp on Thursday. "It could be a state actor, [or] a non-state actor. It could be someone who was working for another company."
On the other hand, the federal minister responsible for cyber security, Dan Tehan, claimed earlier this week that a hacker "understood to be based in China" had stolen significant data from an Australian defense contractor, The Australian reported.
AFP reported that a tool called “China Chopper” was allegedly used by "Alf" in the hack, which according to security experts is widely used by Chinese hackers but also by other groups.
It is not confirmed if Tehan's statement has anything to do with the latest incident.
Pyne added that Australia was increasingly a target for international cyber criminals as it was undertaking a massive 39 billion US dollar submarine project which he described as the world's largest.
Australia has also committed to buy 72 F-35A aircrafts in a deal worth 13 billion US dollars. He asserted that the government was spending billions of dollars on cyber security.
Tehan revealed there were 47,000 cyber incidents in the last 12 months, a 15 percent jump from the previous year. A key worry was 734 attacks that hit private sector national interest and critical infrastructure providers during the period, he said.
Meanwhile, opposition leader Bill Shorten said the government led by Prime Minister Malcolm Turnbull should be demanding answers, rather than “making excuses” over the hacking incident, The Australian reported.
Australia's opposition leader Bill Shorten.
"I think Australians reasonably expect sensitive defence information to be protected,” Shorten said.
“Clearly it hasn’t been in this case. I think that if the government needs more resources to protect material, we should expend those resources,” he added, stressing that the government should be taking the matter more seriously.
Asked whether there needed to be tighter rules for subcontractors, Shorten said the whole chain of command needed to be tightened up.
"This shouldn’t happen. To be honest I’m a bit lost for words that you’ve got the government sort of just airily dismissing the hacking of defence information,” he said, adding, "the very fact that people who shouldn’t have had access to this information got access should ring alarm bells in the government, but they don’t appear to have woken up to this being a problem."
"If we got lucky this time, and it was only sensitive information, not even more significant information, we need to make sure there is no next time, the government needs to wake up to itself, start taking its responsibility seriously and start protecting sensitive defence information,” Shorten said.