Sunday, 19 August 2018
Latest news
Main » Australia jet and navy data stolen in 'extensive' hack

Australia jet and navy data stolen in 'extensive' hack

12 October 2017

Commercially sensitive information on Australia's A$14 billion Joint Strike Fighter programme, its next fleet of spy planes and several of its naval warships have been stolen by hackers who breached a Australia Department of Defence contractor.

A mystery hacker has stolen information about Australia's warplanes from a defence subcontractor.

Australian authorities criticised the defence contractor for "sloppy admin" and it turns out nearly anybody could have penetrated the company's network.

"While awareness of cyber-crime is certainly on the rise, so too is the threat that it poses, with the report claiming 47,000 cyber incidents took place in the past 12 months alone".

The investigation by Australian Signals Directorate (ASD) found the company had not changed its default passwords on its internet facing services.

ASD is not ruling out a foreign state power as being behind the hack.

Australian cyber security officials dubbed the mystery hacker "Alf", after a character on TV soap Home and Away.

ASD officials began repairing the system in December.

Clarke also said ASD's incident response team was "getting busier and busier as time goes on and we have less and less people so it's getting hard for us and we're seeing I guess a really large workload".

The F-35 Lightning, the Joint Strike Fighter.

Mr Pyne said he had been assured the theft was not a risk to national security.

"It included information on the (F-35) Joint Strike Fighter, C130 (Hercules aircraft), the P-8 Poseidon (surveillance aircraft), joint direct attack munition (JDAM smart bomb kits) and a few naval vessels". One document was a wireframe diagram of "one of the navy's new ships".

Mr Clarke described the security breach as "sloppy admin".

'There's no way this one IT person could have done everything perfectly across the whole domain, ' said Mr Clarke.

A spokesman for the Australian Cyber Security Centre (ACSC), a government agency, said the government would not release further details about the cyber attack.

But Defence Industry Minister Christopher Pyne insists the data obtained from an Adelaide defence contractor was only commercially sensitive, not "classified" military information.

"I don't think you can try and sheet blame for a small enterprise having lax cyber security back to the Federal Government", he told RN Breakfast.