Parties' networks compromised by suspected state actor

The computer networks of both major political parties have all been compromised by a sophisticated cyber attack believed to have been orchestrated by a foreign state actor.

An investigation by the Australian Cyber Security Centre (ACSC) into the malicious intrusion into the Australian Parliament House network has revealed that the networks of the Labor, Liberal and National parties were also affected, Prime Minister Scott Morrison announced in parliament yesterday.

Investigations into the Parliament House attack — which was first disclosed earlier this month — are ongoing.

Morrison said there is still no evidence of any electoral interference, and Australia’s security agencies are acting to secure the compromised systems and protect users. The government has also put in place a number of measures designed to ensure the integrity of Australia’s electoral system.

“I have instructed the Australian Cyber Security Centre to be ready to provide any political party or electoral body in Australia with immediate support, including making their technical experts available,” he said.

“They have already briefed the Electoral Commissions and those responsible for cybersecurity for all states and territories. They have also worked with global antivirus companies to ensure Australia’s friends and allies have the capacity to detect this malicious activity.”

While Morrison did not name the foreign actor involved in the attack, China and Russia are widely believed to be the most likely culprits. China has already been blamed for previous cyber attacks on Australian Government systems.

Investigations have yet to determine what, if any, data was accessed during the attack and the possible motive.

But while the government has been quick to characterise the attack as sophisticated, Joseph Carson, Chief Security Scientist & Advisory CISO of privileged account management solutions provider Thycotic, said the assertion of nation state involvement raises more questions than answers.

“Most nation state cyber attacks are typically stealthier than this one, which was a very noisy cyber attack using techniques such as phishing to target politicians’ email accounts. A nation state’s primary goal is to not be detected and this one did not appear to have that priority,” he said.

“This was clearly not a sophisticated cyber attack as suggested, unless we are going to learn that the recent cyber attacks lead to another one being uncovered, lurking within the networks, which would be a more likely scenario. We typically find, when investigating a cyber attack, that when you are focused on gathering evidence you might find more than one cyber attacker on your network when you are really looking at it in more detail.”

Image credit: ©stock.adobe.com/au/r-o-x-o-r

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.