The 50-person aerospace engineering firm was compromised in July last year but the national cyber security agency, the Australian Signals Directorate (ASD), only became aware of the breach in November, technology website ZDNet Australia reported.
Some 30GB of “sensitive data” subjected to restricted access under the US government’s International Traffic in Arms Regulations rules were stolen, ASD’s Mitchell Clarke told a security conference Wednesday according to ZDNet.
Clarke, who worked on the case and did not name the subcontractor, said information about the F-35, the US’ latest generation of fighter jets, as well as the P8, an advanced submarine hunter and surveillance craft, were lifted.
Another document was a wireframe diagram of one of the Australian navy’s new ships, where a viewer could “zoom in down to the captain’s chair”.
The hackers used a tool called “China Chopper” which according to security experts is widely used by Chinese actors, and had gained access via an internet-facing server, he said.
In other parts of the network, the subcontractor also used internet-facing services that still had their default passwords “admin” and “guest”.
Those brought in to assess the attack nicknamed the hacker Alf after a character on the popular Australian soap “Home and Away”, Clarke said. The three month period where they were unaware of the breach they dubbed “Alf’s Mystery Happy Fun Time”.
Defence Industry Minister Christopher Pyne told reporters in Adelaide “the information they have breached is commercial”.
“It is not classified and it is not dangerous in terms of the military,” he said.
Pyne added that Australia was increasingly a target for cyber criminals as it was undertaking a massive Aus$50 billion (US$39 billion) submarine project which he described as the world’s largest.
The nation has also committed to buy 72 F-35A aircraft for Aus$17 billion.
He would not comment who might be behind the breach, only stating that the government was spending billions of dollars on cyber security.
Western governments have long accused hackers in China of plundering industrial, corporate and military secrets.
The revelations came just days after Assistant Minister for Cyber Security Dan Tehan said there were 47,000 cyber incidents in the last 12 months, a 15 percent jump from the previous year.
A key worry was 734 attacks that hit private sector national interest and critical infrastructure providers during the period, Tehan said.
Last year, the government’s Cyber Security Centre revealed that foreign spies installed malicious software on the Bureau of Meteorology’s system and stole an unknown number of documents. DM
Watch Pauli van Wyk’s Cat Play The Piano Here!
No, not really. But now that we have your attention, we wanted to tell you a little bit about what happened at SARS.
Tom Moyane and his cronies bequeathed South Africa with a R48-billion tax shortfall, as of February 2018. It's the only thing that grew under Moyane's tenure... the year before, the hole had been R30.7-billion. And to fund those shortfalls, you know who has to cough up? You - the South African taxpayer.
It was the sterling work of a team of investigative journalists, Scorpio’s Pauli van Wyk and Marianne Thamm along with our great friends at amaBhungane, that caused the SARS capturers to be finally flushed out of the system. Moyane, Makwakwa… the lot of them... gone.
But our job is not yet done. We need more readers to become Maverick Insiders, the friends who will help ensure that many more investigations will come. Contributions go directly towards growing our editorial team and ensuring that Daily Maverick and Scorpio have a sustainable future. We can’t rely on advertising and don't want to restrict access to only those who can afford a paywall subscription. Membership is about more than just contributing financially – it is about how we Defend Truth, together.
So, if you feel so inclined, and would like a way to support the cause, please join our community of Maverick Insiders.... you could view it as the opposite of a sin tax. And if you are already Maverick Insider, tell your mother, call a friend, whisper to your loved one, shout at your boss, write to a stranger, announce it on your social network. The battle for the future of South Africa is on, and you can be part of it.
A lightning bolt is 5 times hotter than the sun's surface.