Australian F-35 fighter jets & navy data stolen in massive hacking operation

Australian F-35 fighter jets & navy data stolen in massive hacking operation

A hacker group codenamed "Alf" after the Home and Away character has broken into a defence contractor and stolen sensitive data on military projects.

Australian Signals Directorate incident response manager Mitchell Clarke revealed to a conference on Wednesday an aerospace engineering company with about 50 employees was compromised past year. The identity of the hacker is still unknown.

"It could have been a state actor, it could have been cyber criminals, and that's why it was taken so seriously".

"Today, while presenting at a conference in Sydney, an ASD official (who works for the ACSC) disclosed information about the theft of data from an Australian company", the spokesperson said.

While talking to the Australian Broadcasting Corp, Mr. Pyne said that he had been assured the stolen information was not a risk to national security.

The hack was discovered by a major Defence contractor.

According to Mitchell Clarke, an ASD incident response manager, the stolen documents for a Navy ship could let a viewer, "zoom in down to the captain's chair and see that it's, you know, one metre away from nav chair".

Hackers initially gained access by exploiting a 12-month-old vulnerability in the company's IT helpdesk portal but they could have just walked in the front door.

More news: Chinese women detained at South Korean airport after plastic surgery
More news: Spanish PM rejects any mediation to resolve Catalonia crisis
More news: Texas Tech student accused of killing campus police officer

"Once again, the latest cyber-attack on the Australian defence programme highlights fundamental flaws in current security models". This is not rocket science but does require resources.

"The Government does not intend to discuss further the details of this cyber incident".

Australian Strategic Policy Institute head of cyber policy Fergus Hanson said Canberra had to be demanding on companies entrusted with secret data like defence contractors.

"Su Bin admitted to playing an important role in a conspiracy, originating in China, to illegally access sensitive military data, including data relating to military aircraft that are indispensable in keeping our military personnel safe", John P. Carlin, then the US assistant attorney general for national security, said at the time.

However, he added that the incident was a "salutary reminder" about cyber security. "Breach detection times are not reducing and with it taking between 120 and 150 days to be identify a threat, organisations need a way to limit the damage in the meantime".

That attack stole classified information about a top-secret weapons system, and US Deputy Defence Secretary William Lynn at the time blamed a foreign intelligence agency for the attack.

But he said the small business's IT infrastructure was now secure.