We’ve had another busy month, with cyber issues continuing to gain more traction in the news. From an attack on a major Australian shipbuilder to the PM calling out Russia for its involvement in international attacks, the information security of Australia seems to be riding to the forefront of the national conversation.
Shipbuilding Company Austal Suffers an Attack
Austal announced to the Australian Stock Exchange that it has suffered an attack that led to the theft of ship drawings as well as employee mobile phone numbers and email addresses. The news actually broke on the first of November, but the company probably discovered the attack at an earlier date, so we’ll bend the rules and include it in this month’s round up.
In the company’s statement, it claims that the attacker–whose identity is still unknown at this stage–attempted to use the information to extort money, and even “purported to offer certain materials for sale on the internet”.
Austal claims that nothing classified was involved in the breach, nor will it’s operations in the U.S. or Australia be affected. The staff members who had their data stolen have also been informed.
Due to the company’s work in defence and other major projects, a number of agencies have become involved in the investigation. These include the Australian Federal Police, the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and the Department of Defence.
The Prime Minister also chimed in, telling SBS reporters, “I think it’s a reminder of why it has been so important to continue to invest so strongly in Australia’s cyber security.”
“It’s a constant reminder of the need for vigilance,” he added.
If you’re worried about your organisation’s security, or just want to embrace the PM’s caution, contact the team at Gridware for advice on the best ways to secure your business.
PM Scott Morrison Seems to Be Taking Infosec Seriously
In addition to calling for vigilance over the Austal attack, Scott Morrison has released a joint statement with the UK’s Foreign Affairs Minister, Marise Payne, denouncing Russian hacking activities.
According to ZDNet, the statement blamed the GRU, a Russia Intelligence agency, for attacks against a UK TV station in 2015, a data breach involving the World Anti-Doping Agency, hacking the US Democratic National Committee in 2016 and releasing 2017’s BadRabbit ransomware.
“Cyberspace is not the Wild West,” the statement said. “The International Community–including Russia–has agreed that international law and norms of responsible state behaviour apply in cyberspace.
“By embarking on a pattern of malicious cyber behaviour, Russia has shown a total disregard for the agreements it helped to negotiate.”
New Electoral Systems Will Be Rolled Out to Protect Australia’s Democracy
In some positive news, the Australian Electoral Commission (AEC) seems to be starting to take cyber threats seriously. According to itnews, the AEC will be embarking on an Election Systems Modernisation program, which will occur in two overlapping stages, one from 2019 to 2020, and another from 2022 to 2025.
The AEC has indicated that the upgrade was prompted by increasing international attacks that may threaten our electoral systems. The upgrade will cover a range of aspects, including cyber security, resilience, the electoral roll, vote counting, candidate management and voter management systems.