Defence data hack puts cyber security in the spotlight

The data stolen in a 2016 breach included technical information on the multi-billion dollar F-35A Joint Strike Fighter program smart bombs and naval vessels

The controversial Joint Strike Fighter program has been dogged by years of delays and cost blow outs, with up to $17 billion spent to acquire 72 F-35A aircraft by 2023.

Mr Pyne said the stolen information was not classified and a major defence company had alerted the contractor and government to the breach.

ASD when they investigated the hack found a China Chopper remote shell, a backdoor commonly used by Chinese hackers, and Clarke said that ASD found that the Alf hacker had been attempting to use this exploit on a number of Australian IT companies.

"South Australia is well placed to benefit from the Government's unprecedented $200 billion Defence investment". It could be a state actor, it could be a non-state actor.

The subcontractor was reportedly a "small Australian company with contracting links to national security projects", and the hacker had been present in its systems from July 2016.

The federal minister for cybersecurity Dan Tehan revealed the breach earlier this week through the release of the Australian Cyber Security Centre's 2017 Threat Report, but provided no detail specifically about the Alf incident.

Speaking to the Australian Broadcasting Corp, the country's Defense Industry Minister Christopher Pyne said, "It could be a state actor, a non-state actor".

Investigator Mitchell Clarke, an incident response manager for the ASD, worked on the investigation and states that one of the stolen pieces of data was a wireframe diagram of "one of the navy's new ships".

"It is a very important reminder to small and medium enterprises as well as the large contractors that they will not get work in defence industry if their cyber security is not up to standard", he said.

Clarke added that hackers breached the company's IT helpdesk portal, which had default credentials - including the username/password combinations "admin/admin" and "guest/guest". The unnamed organization notified the ASD that it was hacked in November of 2016, and that outside parties gained access to its network.

"This isn't uncommon", Clarke told the audience, ZDNet reported.

Clarke told a Sydney security conference that the government contractor's software had not been updated for 12 months. The three-month period when they were unaware of the breach was dubbed "Alf's Mystery Happy Fun Time".

The reference is not to the title of the American sitcom, short for "alien life form", that launched in the mid-1980s, but rather for a domestic television obsession.

A mystery hacker codenamed after a larrikin Australian soap opera character has been revealed as stealing sensitive, high-level information about a $1.1 trillion defence project created by an alliance including Australia, the U.S, United Kingdom and Canada. "It's just a thing we do", he said.

Related news: