‘Sophisticated state actor’ blamed for Australian government hack
A major cyber attack against Australia’s ruling and opposition parties was the work of a “sophisticated state actor,” the country’s prime minister said Monday, less than three months before a national election.
The hack, first reported in a parliamentary statement on February 8, is believed to have accessed the networks of the ruling Liberal and National coalition parties as well as the opposition Labor Party, said Australian Prime Minister Scott Morrison.
“Our security agencies have detected this activity and acted decisively to confront it. They are securing the systems and protecting users,” he said.
“I do not propose to go into the details of these operational matters but our cyber experts believe that a sophisticated state actor is responsible for this malicious activity.”
Morrison said there was no evidence of electoral interference, but didn’t elaborate on when the attack had occurred or what information if any had been accessed. A national election is due by May.
The original statement from parliament had claimed there was “no evidence” of data access, but added that investigations were ongoing.
Labor Party leader Bill Shorten said on February 8 the attack on parliament should be a “wake up call.”
“What happened today in parliament is all part of a bigger picture,” Shorten told reporters.
“The internet’s fantastic, but there are people out there in the cyber world who want to do Australians, and Australian business, and Australian security, harm.”
In a statement after Monday’s announcement, cybersecurity firm FireEye said it was not surprising that parliament had been targeted by a state actor ahead of the polls.
“Significant elections nearly always draw the interest of advanced attackers. Other nation-states are interested to learn what’s happening behind the scenes, who is talking with whom, how policies are formed, and so on,” the firm’s Asia Pacific Chief Technology Officer Steve Ledzian said in the statement.
Ledzian said Australia should consider whether keeping the identity of the likely attacker out of the public domain was a sensible decision. “Disclosure alone helps raise awareness, but offers little deterrence for attackers,” he said.