[BreachExchange] ‘Sophisticated state actor’ hacks Australia’s political parties months before election

Destry Winant destry at riskbasedsecurity.com
Wed Feb 20 09:24:31 EST 2019


https://www.theverge.com/2019/2/18/18229206/australia-election-hack-political-parties-sophisticated-state-actor

Australia’s three largest political parties have been hit by a
cyberattack from a “sophisticated state actor,” the country’s prime
minister Scott Morrison announced to Parliament this morning. As
reported by The Guardian, hackers are believed to have accessed the
networks of the Labor, Liberal, and Nationals parties, though it’s not
clear if any data was taken.

The news comes just three months before Australian parliamentary
elections are due to take place, and there are similarities with hacks
that were conducted against political parties in the US in 2016 and
France in 2017 prior to national elections in both countries. However,
while a single party was targeted in both of these cases, as many as
three Australian parties have been hit from across the political
spectrum.

The hack, which was discovered by the Australian Cyber Security Centre
(ACSC) while it was investigating a previous attempted breach of
Parliament, is not currently believed to involve electoral
interference.

In his statement to Parliament, Morrison said that “[Australia’s]
political system and our democracy remains strong, vibrant, and is
protected.” He said that the government was determined to defend its
democratic system and that the ACSC has been instructed to offer
cybersecurity assistance to both political parties and electoral
bodies.

The head of the ACSC, Alastair MacGibbon, said he was unable to
confirm whether any data had been stolen as part of the hack. However,
when contacted for comment by The Guardian, the leader of the Labor
Party, Bill Shorten, said that political parties were currently in the
process of collecting “large amounts of information about voters and
communities” ahead of the upcoming election.

Although Morrison declined to confirm who was behind the attacks, The
Sydney Morning Herald is reporting that the attacks carry the digital
fingerprints of Chinese agents. However, this doesn’t confirm that the
country is responsible since another organization could have
deliberately left such evidence behind as a diversion. The publication
adds that just four states — China, Russia, Israel, and the United
States — have the capability to perform such an attack.


More information about the BreachExchange mailing list