Australia government cyber attack came from foreign intelligence service: report

SYDNEY (Reuters) - A malware attack against Australia’s Bureau of Meteorology which might have spread into other government networks originated from a foreign intelligence service, an official report by the country’s cyber defense agency said on Wednesday.

A padlock is displayed at the Alert Logic booth during the 2016 Black Hat cyber-security conference in Las Vegas, Nevada, U.S. August 3, 2016. REUTERS/David Becker

The Australian Cyber Security Centre’s (ACSC) first public report did not say which foreign power authorized the December 2015 attack but it will add credibility to warnings from independent cyber security experts who have blamed countries like China and Russia for malicious online attacks.

When the national government revealed the attack took place last year, it did not specify the suspected source. Local media said at the time that internal security sources blamed China, charges the Chinese foreign ministry dismissed.

In the report, the ACSC said it “attributed the primary compromise to a foreign intelligence service”, and noted that “security controls in place were insufficient to protect the network from more common threats associated with cybercrime”.

The center “identified the presence of particular Remote Access Tool malware popular with state-sponsored cyber adversaries, amongst other malware associated with cybercrime”, the report said, adding that the same malware had been used to compromise other unspecified government networks.

In the 18 months to June 30, the ACSC responded to 1,095 cyber security incidents on Australian government systems which were deemed “serious enough to warrant operational responses” the report said.

In a telephone interview, the prime minister’s cyber security adviser, Alastair MacGibbon, declined to name the country behind the attack but said “we’ve been very open in saying that it was a foreign government, and a foreign intelligence service, at that”.

The report did not name a motive for the attack. MacGibbon said he was unaware of a motive but added that “there’s been a suggestion that it was moving laterally among other networks”.

China is Australia’s top trading partner, with two-way trade of about A$150 billion ($114 billion) in 2013. The countries began a free trade agreement in December last year, the same month of the Bureau of Meteorology attack.

In June, U.S. officials blamed Chinese hackers for compromising the records of up to four million current and former government employees.

China called the U.S. comments irresponsible, while President Barack Obama vowed that the United States would aggressively bolster its cyber defenses.

Reporting by Byron Kaye; Editing by Michael Perry