Monday, 18 December 2017
Latest news
Main » Hackers steal Joint Strike Fighter plans during cyber attack

Hackers steal Joint Strike Fighter plans during cyber attack

12 October 2017

A mystery hacker codenamed after a larrikin Australian soap opera character has been revealed as stealing sensitive, high-level information about a $1.1 trillion defence project created by an alliance including Australia, the U.S, United Kingdom and Canada.

It included information about Australia's new A$17bn (£10bn; $13bn) F-35 Joint Strike Fighter programme, C130 transport plane and P-8 Poseidon surveillance aircraft, as well as "a few" naval vessels, he said.

The federal minister for cybersecurity Dan Tehan revealed the breach earlier this week through the release of the Australian Cyber Security Centre's 2017 Threat Report, but provided no detail specifically about the Alf incident.

"Fortunately the data that has been taken is commercial data, not military data.it's not classified information", Defence Industry Minister Christopher Pyne told Australian Broadcasting Corporation (ABC) Radio.

The company, which had only one IT person, was subcontracted four levels down from defence contracts.

More news: Virginia governor candidates face off in final debate

"The compromise was extensive and extreme", Mr Clarke told the Australian Information Security Association national conference in audio obtained by a freelance journalist called Stilgherrian.

Clarke also didn't rule out that a foreign government was behind the incident.

"We found one document [that] was like a Y-diagram of one of the Navy's new ships and you could zoom in down the captain's chair and see that it's one metre away from the nav [navigation] chair and that sort of thing".

The Poseidon is a spy plane which Australia has bought.

"Alf" used a tool named China Chopper, popular with Chinese hackers, but the group responsible could be a criminal group or state-sponsored, said Mr Clarke.

More news: GIC IPO subscribed 0.75 times

Australian authorities criticised the defence contractor for "sloppy admin" and it turns out nearly anybody could have penetrated the company's network.

"I don't know who did it".

The username and password combination used to access the company's system was the default "admin" and "guest".

At a cyber security conference in Sydney yesterday Australian Signals Directorate incident manager Mitchell Clarke said that ASD was tipped off in November 2016 that a hacker had infiltrated the network of an engineering sub-contractor for the Defence Department. The company rang both the ASD and CERT hotlines but both organisations said they were not aware that their representatives were approaching the company.

Clarke said the incident response team was "getting busier and busier as time goes on and we have less and less people so it's getting hard for us and we're seeing I guess a really large workload".

More news: Taiwan monopoly regulator fines Qualcomm more than $770M

Hackers steal Joint Strike Fighter plans during cyber attack