Australian weather bureau hacked by foreign spies, report says

PUBLISHED : Wednesday, 12 October, 2016, 5:13pm
UPDATED : Wednesday, 12 October, 2016, 11:05pm

Foreign spies installed malicious software on an Australian government agency’s computer system, stealing an unknown number of documents, an official report revealed on Wednesday, stopping short of naming the country involved.

The security breach on the Bureau of Meteorology’s system, which has connections to the defence department, was detected in 2015 and initial media reports linked it to China.

China has previously been accused of hacking websites run by the US government and by private firms. In 2013 Chinese hackers were accused of stealing the top-secret blueprints of Australia’s new intelligence agency headquarters.

We don’t narrow it down to specific countries, and we do that deliberately
Dan Tehan

The government’s Australian Cyber Security Centre report released on Wednesday attributed “the primary compromise to a foreign intelligence service” but did not name any country as responsible.

Australia’s ‘never been hacked’ census website shut down by cyberattackers

“We don’t narrow it down to specific countries, and we do that deliberately,” said Dan Tehan, who assists Prime Minister Malcolm Turnbull on cybersecurity.

“But what we have indicated is that cyberespionage is alive and well,” he told the Australian Broadcasting Corporation.

The report said the national cyber security agency, Australian Signals Directorate (ASD), had identified the presence of Remote Access Tool (RAT) malware “popular with state-sponsored cyber adversaries” and other malware associated with cyber crime on the weather bureau’s system in 2015.

Australia launches cybersecurity campaign with budget of A$230 million

“The RAT had also been used to compromise other Australian government networks,” it said.

“ASD identified evidence of the adversary searching for and copying an unknown quantity of documents from the Bureau’s network. This information is likely to have been stolen by the adversary.”

The report also said while the threat of a cyberattack against Australia’s government, infrastructure and industry had grown in recent years, the risk from terrorist groups was low for now.

“Apart from demonstrating a savvy understanding of social media and exploiting the internet for propaganda purposes, terrorist cyber capabilities generally remain rudimentary and show few signs of improving significantly in the near future,” it said.