[BreachExchange] Perth airport security plans stolen by Vietnamese hacker

Audrey McNeil audrey at riskbasedsecurity.com
Mon Dec 11 19:24:30 EST 2017


http://www.computerweekly.com/news/450431587/Perth-airport-
security-plans-stolen-by-Vietnamese-hacker

A Vietnamese hacker stole a “significant amount” of sensitive security
information about Perth International Airport, including building plans,
Australian authorities have revealed.

However, Alastair MacGibbon, the cyber security advisor to Australian prime
minister Malcolm Turnbull, said radar systems and systems involving
aircraft operations and passengers were not affected.

The news comes just over a month after Heathrow Airport began a “very
urgent” internal investigation after an unprotected USB stick containing
2.5GB of security information was found on a street in West London. The
device contained security information such as maps, videos and documents,
including details of measures used to protect the Queen and the route she
takes when she uses the airport.

The Perth Airport hacker has been identified as 31-year-old Duc Hoang Hai,
who used the credentials of a third-party contractor to access the
airport’s systems in March 2016, The West Australian reports.

MacGibbon said the breach underlined the need for big companies to demand
contractors use strong security with two-factor identification procedures.

Perth Airport reported the hack to the Australian Cyber Security Centre and
the Australian Federal Police, who contacted the police in Vietnam after
the hack had been traced to the country.

Vietnamese authorities arrested Hai after carrying out an investigation. He
was convicted in a Vietnamese military court in the first week of December
2017 and sentenced to four years in jail.

Australian authorities said there was no indication Hai was working with a
larger group and no suggestion he had on-sold the material he stole from
Perth Airport.

MacGibbon said the case showed how the Australian police and government
have developed strong links with Vietnam. “This is a sign of the type of
work we are going to be doing a lot more of in the future,” he said.

Hai has a history of targeting critical infrastructure, having compromised
the websites of Vietnamese telecommunications firms, banks and a military
newspaper, but Perth Airport is believed to be his only target in Australia.

Based on evidence gathered by the Australian Federal Police, Perth Airport
CEO Kevin Brown said in a statement to Nine.com.au that Hai’s motive for
hack was credit card theft, but added that no personal data of members of
the public, such as details of credit card numbers, had been accessed.

Brown said the airport has completed a full risk assessment of the data
stolen and concluded there was no threat or risk to the travelling public.

“At no time was the safety or security of the airport, its staff,
passengers or partners compromised,” he said, but added that Perth Airport
has since invested $2m [AUD] in additional security measures.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20171211/d0536f5d/attachment.html>


More information about the BreachExchange mailing list