Thursday, 12 October 2017
On 01:23 by admin No comments
Hackers stole sensitive and restricted technical data about F-35
stealth fighter and P-8 surveillance aircraft programmes in Australia
when a defence subcontractor’s network was breached. Officials said on Thursday that the tool used to gain access was widely used by Chinese cybercriminals.
Acc. to report, that some of the information stolen was restricted under the
International Traffic in Arms Regulations (ITAR), “the US system
designed to control the export of defence- and military-related
technologies.”
Investigators are calling this hacker “Alf” after a character on Australian soap “Home and Away” that’s quite popular in the country. The time period between July and November when the contractor was unaware of the hack is being called “Alf’s Mystery Happy Fun Time.” The tool used by hackers is being dubbed “China Chopper,” which the security experts say has been widely used by Chinese attackers. The attacker(s) also gained access to some parts of the networks thanks to the military subcontractor’s use of default login credentials like “admin” and “guest” as passwords.
While the tools may have been widely used by Chinese, attribution isn’t usually that easy. “It could be one of a number of different actors,” Christopher Pyne, the defence industry minister, said. “It could be a state actor, a non-state actor.”
The latest disclosure comes just a day after Dan Tehan, the minister for cybersecurity, revealed that the country is facing a growth in cyberattacks, saying that cybersecurity needs to be relevant for “mums and dads” and communities.
The targeted contractor had a number of defence contracts but just one IT staff member on its team. Mitchell Clarke, an incident response manager who worked on the case, warned that the Australian government needs to “find a way to start to be a little bit more granular in our contracting to mandate what type of security controls are required” by the contractors.
Joint Strike Fighter plans stolen in a cyberattack in Australia
The breach happened in July 2016 but the Australian Signals Directorate (ASD) was only alerted by an unnamed “partner organization” in November that an attacker had gained access to the network of a 50-person aerospace engineering firm, a contractor of the Department of Defence. The data stolen included classified information on the F-35 Joint Strike Fighter, the P-8 Poseidon maritime patrol aircraft, the C-130 transport aircraft, the Joint Direct Attack Munition (JDAM) smart bomb kit, and a few Australian naval vessels.Investigators are calling this hacker “Alf” after a character on Australian soap “Home and Away” that’s quite popular in the country. The time period between July and November when the contractor was unaware of the hack is being called “Alf’s Mystery Happy Fun Time.” The tool used by hackers is being dubbed “China Chopper,” which the security experts say has been widely used by Chinese attackers. The attacker(s) also gained access to some parts of the networks thanks to the military subcontractor’s use of default login credentials like “admin” and “guest” as passwords.
While the tools may have been widely used by Chinese, attribution isn’t usually that easy. “It could be one of a number of different actors,” Christopher Pyne, the defence industry minister, said. “It could be a state actor, a non-state actor.”
The latest disclosure comes just a day after Dan Tehan, the minister for cybersecurity, revealed that the country is facing a growth in cyberattacks, saying that cybersecurity needs to be relevant for “mums and dads” and communities.
The targeted contractor had a number of defence contracts but just one IT staff member on its team. Mitchell Clarke, an incident response manager who worked on the case, warned that the Australian government needs to “find a way to start to be a little bit more granular in our contracting to mandate what type of security controls are required” by the contractors.
Subscribe to:
Post Comments (Atom)
Search
Featured post
27 good hacker documentary
In the eyes of most people, a group of hackers usually extremely boring nothing interesting people, and that if only the computer code in ...

0 comments:
Post a comment