The hackers obtained “full and unfettered access” to the data for four months last year, before the Australian Signals Directorate was known about the breach in November.
Christopher Pyne, the defense enterprise minister, has revealed he has no idea who the hackers were but has emphasized the stolen information was commercially sensible rather than “classified” military information.
“It could be one of a many of different Hackers,” Pyne told the ABC on Thursday. “It could be a state Hacker, a non-state Hacker.”
Mitchell Clarke, the Australian Signals Directorate conflict response manager, told the audience in Sydney on Wednesday the hackers had targeted a small “mum and dad type business”, an aerospace manufacturing company with about 50 employees, in July last year.
He said the firm was subcontracted four levels down from defense contracts.
“The bargaining was extensive and extreme,” he told the Australian Information Security Association national conference in audio received by a freelance journalist called Stilgherrian.
“It included data on the F-35 joint strike fighter, C130 Hercules aircraft, the P-8 Poseidon surveillance aircraft, joint direct charge munition JDAM smart bomb kits and a few naval vessels.”
He said the data hacked on the new navy ships involved a diagram in which you could zoom in down to the captain’s chair and see that it was one meter apart from the navigation chair.
Clarke explained the security breach as “sloppy admin”. The organization targeted was a small aerospace manufacturing firm with dozens of employees. It had a number of defense contracts, but only one IT staff member.
The organization heard the hackers could have been state-sponsored or a criminal group. The hackers had used a tool called China Chopper, favored by Chinese hackers.
The Australian Signals Directorate dubbed the hacker “Alf”, after a role in TV soap opera Home and Away.
Alastair MacGibbon, the special adviser to the prime minister on cybersecurity, also emphasized the stolen information was only commercially sensitive.
Latest posts by Harikrishna Mekala (see all)
- Over 30,000 Dahua DVR Passwords Exposed In Search Engine - July 17, 2018
- Two Russian Twitter accounts Suspended Over Political Fake News Allegations - July 16, 2018
- Tech Support Scammers Now Targeting Dell Computer Owners - July 16, 2018