Cyber attacks breach Australian government networks

12:48 pm on 29 August 2016

Computer hackers based in China are suspected over sensitive Australian government and corporate computer network breaches over the past five years.

A hand enters account details on a laptop (file)

Photo: TEK IMAGE / SCIENCE PHOTO LIBRARY / ABO / Science Photo Library

Several Australian networks carrying military communications have had significant cyber infiltrations in recent years.

Austrade, the Australian government's trade commission for exporters, and the Defence Department's elite research division now named the Defence Science Technology Group both suffered significant cyber infiltrations in the past five years by hackers allegedly based in China.

Also attacked was the now-failed Australian satellite-building company Newsat, which was working with the US electronic spying division, the National Security Agency (NSA).

A former executive at the satellite company said it was one of the worst cases of malicious network infiltration Australian intelligence officials had ever seen.

Former Newsat staff said it was the company's confidential designs for next-generation satellites that made it a target for foreign spies.

The Newsat breach three years ago was so comprehensive its entire network had to be rebuilt in secret.

Newsat's former IT manager Daryl Peter said the real target for the cyber infiltration was its plans for a Lockheed Martin-designed satellite dubbed Jabiru-1.

Mr Peter was first told about the hack of the company in 2013 at a top-level meeting with the Australian Signals Directorate (ASD) - an intelligence agency in the Australian Government Department of Defence.

The issue had come to a head because of Newsat's advanced plans to employ a restricted encryption tool for use with the new satellite designed by the NSA.

"They actually said to us that we were the worst," Mr Peter said.

"What came out of that meeting was we had a serious breach on our network and it wasn't just for a small period of time, they'd been inside our network for a long period, so maybe about two years. And the way it was described to us was they are so deep inside out network it's like we had someone sitting over our shoulder for anything we did."

A spokesman for the Chinese Embassy in Canberra denied China had conducted any cyber espionage against Australian interests, calling such allegations "totally groundless" and "false cliches".

"Like other countries, China suffers from serious cyber attacks and is one of the major victims of hacking attacks in the world," he said.

Australian Prime Minister Malcolm Turnbull's cyber security adviser, Alastair MacGibbon, said the Australian government was "attacked on a daily basis".

"We don't talk about all the breaches that occur," he said.

The revelation of those hacks followed official confirmation this year of a hack on Australia's Bureau of Meteorology.

That attack was also attributed to China.

Government and industry sources said the true targets for the cyber attack may have been defence assets linked to the BoM, but the attack failed to reach them.

One was the Australian Geospatial-Intelligence Organisation, an intelligence agency within the Department of Defence which provides highly-detailed mapping information for military and espionage purposes.

The other was the Jindalee Operational Radar Network (JORN), a high-tech over-the-horizon radar run by the Royal Australian Air Force, which provides 24-hour military surveillance of the northern and western approaches to Australia.

It is used for civilian weather forecasting as well as defensive purposes.

Get the RNZ app

for ad-free news and current affairs