The Mole in the Wires: Australia's cyber hack


The data that was stolen in the hack contained information that is protected under the International Traffic in Arms Regulations (ITAR) and included details on the F-35 Lightning II fighter, P-8 Poseidon maritime patrol aircraft, C-130 transport aircraft, Joint Direct Attack Munition (JDAM) smart bomb kit and information on some Australian naval vessels.

According to the report, the company is a small, 50-person strong contractor with links to security projects. "It's just a thing we do", Clarke told the audience, BuzzFeed reports.

"They were reaching the chief engineers emails, they were reading the finance person's emails, and they were reading a contracting person's emails", he said.

Australian cyber-security officials have revealed that "commercially sensitive" data about the country's new fighter jets, navy vessels and surveillance aircraft programs have been stolen from an Australian defense contractor in what they described as an "extensive and extreme" hacking attack. Clarke said someone looking at the diagram could, "zoom in down to the captain's chair and see that it's, you know, 1 metre away from nav chair".

Even without this exploit, the company still had used the default username and passwords for many of its logins.

Apt Alf's access to the files were made easy because the defence contractor had used login IDs and passwords that were basic and it had a common local administrator account password on all servers, says the report.

That attack stole classified information about a top-secret weapons system, and US Deputy Defence Secretary William Lynn at the time blamed a foreign intelligence agency for the attack.

Comment has been sought from Mr Tehan and the Defence department. The incident, Pyne concluded, was a "salutary reminder" about cyber security.

"While the Australian company is a national security-linked contractor and the information disclosed was commercially sensitive, it was unclassified".

Australian cyber security officials have apparently dubbed the mystery hacker as "Alf", named after a character on the Aussie TV soap Home and Away.

"It could be one of a number of different actors", Christopher Pyne, the defence industry minister, said.

"Su Bin admitted to playing an important role in a conspiracy, originating in China, to illegally access sensitive military data, including data relating to military aircraft that are indispensable in keeping our military personnel safe", John P. Carlin, then the US assistant attorney general for national security, said at the time.

"It could have been a state actor, it could have been cyber criminals, and that's why it was taken so seriously".