Secret files on Jets and Navy ships were stolen from an Australian defence contractor.
The hackers had full access for the information for four months in 2016 before the Australian Signals Directorate was tipped about the breach last November.
Mitchl Clark, the Australian Signals Directorate incident response manager, told a conference in Sydney on Wednesday that the hackers targeted a small aerospace engineering “mom and dad type business” of about 50 employees last year.
“He said that the firm was subcontracted four levels down from defence contracts”, reported the Guardian.
— Security News (@SecurityNews_io) October 12, 2017
“The compromise was extensive and extreme,” he told the Australian Information Security Association national conference in audio obtained by a freelance journalist called Stilgherrian.
“It included information on the [F-35] joint strike fighter, C130 [Hercules aircraft], the P-8 Poseidon [surveillance aircraft], joint direct attack munition [JDAM smart bomb kits] and a few naval vessels.”
Clarke described the security breach as “sloppy admin”. The organisation targeted was a small aerospace engineering firm with dozens of employees. It had a number of defence contracts, but only one IT staff member.
The conference heard the hackers could have been state-sponsored, or a criminal group. The hackers had used a tool called China Chopper, favoured by Chinese hackers.
Alastair MacGibbon, the special adviser to the prime minister on cybersecurity, also stressed that the stolen secret files were only commercially sensitive.
“Unfortunately, there are a range of ways that the attacker could have got in, including default passwords on certain key parts of the IT infrastructure of the target company,” he told the ABC on Thursday.
According to the Guardian, Alastair wouldn’t says if the Australian government had requirements for contractors to change their passwords from default values.
“They weren’t directly contracted to the department,” he said. “It is an important distinction. My understanding is that they were actually working for a larger defence contractor.
“This is a supply chain issue. It is a third-party supply chain issue. This is something I’ve been speaking about for several years and it is important”.
The news are not as big as the NSA embarrassing hack and the impact seems to be less negative than the NSA’s!