Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Australia Says ‘State Actor’ Hacked Parties, Parliament

Australia on Monday said a “sophisticated state actor” had hacked the country’s main political parties and parliament, just weeks before a closely fought election.

Australia on Monday said a “sophisticated state actor” had hacked the country’s main political parties and parliament, just weeks before a closely fought election.

Prime Minister Scott Morrison told lawmakers that investigators looking into a hack of parliament computer systems revealed two weeks ago “also became aware that the networks of some political parties” had been breached.

“Our cyber experts believe that a sophisticated state actor is responsible for this malicious activity,” he said.

Australian security agencies said they did not know who was behind the attack or their motives.

It is not yet clear what, if any, material was stolen during the hacks, how long the perpetrators went undetected, or whether it could make some political figures vulnerable to blackmail.

Earlier this month, Australia reported a “security incident on the parliamentary computing network”.

That forced users — including the prime minister and the cabinet — to change passwords and take other security measures.

Experts warn that attribution is time-consuming and difficult.

“I think it’s definitely too early to say,” said Fergus Hanson, a cybersecurity expert at the Australian Strategic Policy Institute.

He added, however, that there were only “one or two actors” capable of carrying out such an attack.

Hanson said he would put China “at the top” of the list of possible suspects, but “wouldn’t rule out” Russia’s involvement.

Chinese foreign ministry spokesman Geng Shuang said such speculation about Beijing was “irresponsible” and an attempt to “smear” the country.

“When investigating network breaches, there should be sufficient evidence, unreasonable guesses can’t be made,” Geng said at a regular press briefing in Beijing.

Geng urged media to “stop using so-called cyber leaks and hacking attacks to discredit China and stop compromising China’s interests and China’s bilateral relations with the countries concerned”.

Beijing and Canberra have sparred over access to natural resources, maritime claims and the use of Chinese state-backed technology companies.

Relations have recently been frayed over Canberra’s decision to ban Huawei from the country’s 5G network amid national security concerns and the expulsion of Huang Xian, a Chinese billionaire who doled out millions in Australian political donations.

– High-value target –

Australians are expected to go to the polls mid-May, raising fears that hackers could be trying to influence the outcome of the vote, or change the tenor of the debate.

Both Russia and China have used cyber operations in a bid to influence democratic votes.

Beijing’s spies are accused of targeting Taiwanese officials before the election there last year.

Dozens of Russians have been indicted for trying to tilt the 2016 US presidential election, and alleged Russian involvement in Britain’s referendum on leaving the European Union in the same year has been well documented. Moscow has denied the accusations.

As part of the Five Eyes intelligence network — which also includes Britain, Canada, New Zealand and the United States — Australia is a particularly rich target for foreign interests.

“Our political institutions represent high-value targets. But we have resilient systems in place to detect compromises and remediate them,” said Alastair MacGibbon, head of the Australian Cyber Security Centre.

Five Eyes membership also gives Australia access to a host of signals and human intelligence to back up any suspicions of state hacking.

MacGibbon said the hackers were sophisticated enough to get into the network, but “not sophisticated enough to remain undetected”.

His organisation has already briefed electoral commissions across the country and could be deployed to provide technical support to those affected.

He said it was unclear whether the attackers gained access to sensitive data or emails.

“We don’t know. These are very early days,” he said. “We genuinely do not know.”

Morrison insisted, however, “there is no evidence of any electoral interference”.

“We have put in place a number of measures to ensure the integrity of our electoral system.”

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

A newly identified threat actor tracked as NewsPenguin has been targeting military organizations in Pakistan with sophisticated malware.