Jet fighter, warship data stolen in major defence hack

A hacker group codenamed "Alf" after the Home and Away character has broken into a defence contractor and stolen sensitive data on military projects.

Australian Signals Directorate incident response manager Mitchell Clarke told a conference in Sydney on Wednesday the hackers targeted a small "mum and dad type business" - an aerospace engineering company with about 50 employees in July past year.

"It included information on the (F-35) Joint Strike Fighter, C130 (Hercules aircraft), the P-8 Poseidon (surveillance aircraft), joint direct attack munition (JDAM smart bomb kits) and a few naval vessels". The ASD appears to have a sense of humor about the breach, dubbing the three months when the hacker had unfettered and unknown access to the network "Alf's Mystery Happy Fun Time".

ASD has dubbed the hacker in the case "APT ALF", which sadly isn't named after the cat-eating Alien from '80s U.S. TV, but after a character in an Australian soap called "Home and Away".

Clarke indicated that the attack was "nation state espionage". Some of the files related to the US International Traffic in Arms Regulations (ITAR), which control the transfer of military-use technology and verify defense exports.

The ASD official noted that they "found one document [that] was like a Y-diagram of one of the Navy's new ships and you could zoom in down the captain's chair and see that it's one meter away from the nav [navigation] chair and that sort of thing". Clarke said that this would have made it easier for the hacker to access all the sensitive data on the firm's servers, because the firm used common username and passwords on every machine in the firm, and once it had the initial passwords, that was all it needed.

That attack stole classified information about a top-secret weapons system, and US Deputy Defence Secretary William Lynn at the time blamed a foreign intelligence agency for the attack.

Comment has been sought from Mr Tehan and the Defence department.

About 30 gigabytes of data was stolen in the cyber attack, including details of the Joint Strike Fighter warplane and P-8 Poseidon surveillance plane, according to a presentation on the hack by a government official.

Defence Industry Minister Christopher Pyne told reporters in Adelaide "the information they have breached is commercial".

"It's not classified information".

"I don't know who did it".

"It could have been a state actor, it could have been cyber criminals, and that's why it was taken so seriously". "It could somebody working for another company".

Vanessa Coleman

Comments