A mystery hacker has stolen information about Australia's warplanes from a defence subcontractor.
ASD staff codenamed the hacker "Alf", after a long-running character on the television drama Home & Away, with the period between July and November referred to as "Alf's mystery happy fun time".
Mr Clarke said the hack was "extensive and extreme" and took advantage of "sloppy" security at the contractor.
The firm was subcontracted four levels down from defence contracts and had only one IT person.
In a presentation to a conference in Sydney, an official from the Australian Signals Directorate (ASD) intelligence agency said technical information on smart bombs, the Joint Strike Fighter, the Poseidon maritime patrol aircraft and several naval vessels was stolen.
The federal minister for cybersecurity Dan Tehan revealed the breach earlier this week through the release of the Australian Cyber Security Centre's 2017 Threat Report, but provided no detail specifically about the Alf incident.
Mr Tehan said it was unclear who launched the incursion, but the Government was not ruling out a foreign government.
One document was a wireframe diagram of "one of the navy's new ships".
The Poseidon is a spy plane which Australia has bought.
Clarke described the hack as "a very good exfil [exfiltration] for the actor".
"It could have been a state actor, it could have been cyber criminals, and that's why it was taken so seriously".
Defence industry minister Christopher Pyne told the ABC on Thursday he did not know who the hacker was and indicated he would not tell if he knew: "It could be a state actor, a non-state actor".
Clarke said the attackers used a tool called China Chopper, which is said to be widely used by malicious Chinese attackers.
"There's no way this one IT person could have done everything perfectly across the whole domain".
The small aerospace engineering firm was also using default passwords, he said.
The hack was discovered by a major Defence contractor.
The secret information was restricted under the International Traffic in Arms Regulations (ITAR), the United States system created to regulate the export of defence and military-related technologies, according to Mitchell Clarke, an incident response manager at the ASD who worked on the case.
The breach began in July a year ago, but the Australian Signals Directorate (ASD) was not alerted until months later in November.