This article is from the source 'guardian' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at https://www.theguardian.com/australia-news/2017/oct/12/secret-files-on-jets-and-navy-ships-stolen-in-extensive-and-extreme-hack

The article has changed 6 times. There is an RSS feed of changes available.

Version 1 Version 2
Secret files on jets and navy ships stolen in 'extensive and extreme' hack Secret files on jets and navy ships stolen in 'extensive and extreme' hack
(35 minutes later)
Secret information about new fighter jets, navy vessels and surveillance aircraft has been stolen from an Australian defence contractor.Secret information about new fighter jets, navy vessels and surveillance aircraft has been stolen from an Australian defence contractor.
Dan Tehan, the minister in charge of cybersecurity, on Tuesday confirmed the hacking of an unnamed contractor but did not reveal specific details. The hackers had “full and unfettered access” to the information for four months last year, before the Australian Signals Directorate was tipped about the breach in November.
Australian Signals Directorate incident response manager Mitchell Clarke told a conference in Sydney on Wednesday the hackers targeted a small “mum and dad type business”, an aerospace engineering company with about 50 employees, in July last year. He said the firm was subcontracted four levels down from defence contracts. Christopher Pyne, the defence industry minister, has admitted he has no idea who the hackers were, but has stressed the stolen information was commercially sensitive - not “classified” military information.
“The compromise was extensive and extreme,” Clarke told the Australian Information Security Association national conference in audio obtained by a freelance journalist called Stilgherrian. “It included information on the [F-35] joint strike fighter, C130 [Hercules aircraft], the P-8 Poseidon [surveillance aircraft], joint direct attack munition [JDAM smart bomb kits] and a few naval vessels.” “It could be one of a number of different actors,” Pyne told the ABC on Thursday. “It could be a state actor, a non-state actor”.
Clarke said the information hacked on the new navy ships included a diagram in which you could zoom in down to the captain’s chair and see that it was one metre away from the navigation chair. Mitchell Clarke, the Australian Signals Directorate incident response manager, told a conference in Sydney on Wednesday the hackers had targeted a small “mum and dad type business”, an aerospace engineering company with about 50 employees, in July last year.
Clarke described the security breach as “sloppy admin”. He said the organisation only had one IT person. He said the firm was subcontracted four levels down from defence contracts.
“The compromise was extensive and extreme,” he told the Australian Information Security Association national conference in audio obtained by a freelance journalist called Stilgherrian.
“It included information on the [F-35] joint strike fighter, C130 [Hercules aircraft], the P-8 Poseidon [surveillance aircraft], joint direct attack munition [JDAM smart bomb kits] and a few naval vessels.”
He said the information hacked on the new navy ships included a diagram in which you could zoom in down to the captain’s chair and see that it was one metre away from the navigation chair.
Clarke described the security breach as “sloppy admin”. The organisation targeted was a small aerospace engineering firm with dozens of employees. It had a number of defence contracts, but only one IT staff member.
The conference heard the hackers could have been state-sponsored, or a criminal group. The hackers had used a tool called China Chopper, favoured by Chinese hackers.
The Australian Signals Directorate dubbed the hacker “Alf”, after a character in TV soap opera Home and Away.The Australian Signals Directorate dubbed the hacker “Alf”, after a character in TV soap opera Home and Away.
An Australian Cyber Security Centre spokesperson said the information released by the ASD staffer, who works for the centre, was commercially sensitive but unclassified. Alastair MacGibbon, the special adviser to the prime minister on cyber security, also stressed the stolen information was only commercially sensitive.
“While the Australian company is a national security linked contractor and the information disclosed was commercially sensitive, it was unclassified,” they said in a statement on Wednesday evening. “The government does not intend to discuss further the details of this cyber incident.” “Unfortunately, there are a range of ways that the attacker could have got in, including default passwords on certain key parts of the IT infrastructure of the target company,” he told the ABC on Thursday.
On Thursday Christopher Pyne, the defence industry minister, said the data was commercially sensitive not “classified” military information. He would not say if the government had formal requirements for contractors that passwords are not set to default.
“I don’t know who did it it could be one of a number of different actors. It could be a state actor, a non-state actor,” he told ABC radio. “They weren’t directly contracted to the department,” he said. “It is an important distinction. My understanding is that they were actually working for a larger defence contractor.
“This is a supply chain issue. It is a third-party supply chain issue. This is something I’ve been speaking about for several years and it is important”.