News Hub

China suspected in cyber attack on Australian political parties

Written by Mon 18 Feb 2019

The IT systems of the Australian government have been targeted by a “sophisticated” state-sponsored cyber attack, the Australian Prime Minister Scott Morrison revealed

The networks of all three of Australia’s major political parties – the Liberals, Labor and Nationals – were hit in an attack that forced the password reset of all users of the Australian Parliament House network and their staff.

On Monday morning, Morrison said that while the attacker’s motives were unclear there is no evidence of electoral interference, adding that all authorities responsible for cybersecurity have been contacted.

“The Australian government will continue to take a proactive and coordinated approach to protecting Australia’s sovereignty, our economy, and our national security,” Morrison said. “Our political system and our democracy remains strong, vibrant and is protected.”

Scant information about the attack has been revealed and concerns are mounting that the vast and sensitive information on Australian voters in the government’s possession might have been compromised. Australian political parties do not have to comply with the Australian Privacy Act and disclose when citizens’ data is breached.

‘Sophisticated state actor’

Suspicion is mounting that China was behind the attack, that intelligence officials said was the most sophisticated Australia has faced in years.

Australian Financial Review claims its security sources told them the techniques and signatures used by the attackers had not been seen before by either Australian investigators, the Five Eyes intelligence sharing members or other western spy agencies.

Whoever was responsible placed malware in the parties’ servers using new software and went to great lengths to disguise their activities, the sources told Australian Financial Review, qualifying that “all fingers point to China”.

Hackers began attempting to break into the parties’ servers in mid-November but their efforts accelerated in recent days.

Last week it was revealed Chinese state hacking group APT10 was behind a Cloudhopper cyberattack against Norwegian cloud software provider Visma. No client data was reported affected.

Written by Mon 18 Feb 2019


Australia China cyber attack
Send us a correction Send us a news tip