Prime Minister Scott Morrison Monday said a “sophisticated state actor” was behind a cyber attack on the Australian Parliament’s computing network earlier this month and the “malicious intrusion” also hit the networks of some political parties.
Morrison’s comments follow an investigation into the hacking attempt, which was first thought to involve only the Parliament’s servers. ”During the course of this work, we also became aware that the networks of some political parties – Liberal, Labor and the Nationals – have also been affected,” he said.
Morrison said that there was “no evidence of any electoral interference”. Australia is expected to hold elections in mid-May, raising concerns that hackers could be trying to influence the outcome of the vote. ‘Our security agencies have detected this activity and acted decisively to confront it. They are securing these systems and protecting users,” he told Parliamentarians.
He said the cyber experts believed that a sophisticated state actor was responsible for the “malicious activity”. Morrison , however, did not name any country. The parliament hack on February 8 had forced MPs and staff members to reset their computer passwords as a precaution. At the time, the Australian Signals Directorate had confirmed it was working with parliament in response to the breach, a move that indicated possible involvement of sophisticated actors.
“The Australian Government will continue to take a proactive and coordinated approach to protecting Australia’s sovereignty, our economy and our national security,” Morrison said. ”Our political system and our democracy remains strong, vibrant and is protected. We stand united in the protection of our values and our sovereignty,” he said.
Australia’s chief cyber security adviser Alistair MacGibbon said it was too early to tell what information the hackers had accessed. “We know that this state actor has been interacting with those networks,” he said. “These are very early days and a decision was made, I believe rightly in terms of risk management, to go public with this issue before we knew the full extent.”
Politicians and their staff lost access to their emails as security agencies reset passwords when the breach was detected. Ministers and their offices were not affected in the suspected hack because they operate on different computer servers. MacGibbon said while the hacker’s identity remained unknown, the list of suspects was small.
“The sophistication of their methodology to operate in those systems gives us the confidence to say it is a state actor,” he said. “There are a limited number of countries but we have low confidence at being able to publicly state who we think it is.”
Opposition Leader Bill Shorten said Labor and the Coalition had a “joint obligation” to protect Australia’s democracy and national security. In the wake of the breach, cyber security experts warned an attack on a foreign parliament would be the “crown jewels” for state-sanctioned hackers.
The Australian government has faced a number of cyber-attacks in recent years, some of which have been attributed in local media to nations such as China. In 2015 and 2016, there were high-profile attacks on the government’s weather and statistics agencies. In 2011, senior Australian ministers also had their email systems breached.