With elections just three months away, Australian Prime Minister Scott Morrison announced on February 18 that the networks of the three major national political parties had been breached by what Australian security officials described as a “sophisticated state actor.”
The Sydney Morning Herald reports that while the attack bears hallmarks of tools and techniques used by China-sponsored hacking groups in the past, security officials were concerned that the attackers may have used such approaches as part of a “false-flag” attack—like what is believed to have occurred in the case of the “Olympic Destroyer” attack on last year’s Winter Olympics in South Korea.
Morrison said that the Australian government had made moves to “ensure the integrity of our electoral system,” including instructing the Australian Cyber Security Centre “to be ready to provide any political party or electoral body in Australia with immediate support, including making their technical experts available.” Electoral commissions and state and territory security agencies have been briefed on the attacks, and the Cyber Security Centre has also passed along malware samples and other information to “global anti-virus companies,” the Prime Minister noted.
The attacks apparently were in tandem with an attack on the network of Australia’s Parliament House in Canberra, announced February 8. Parliament leaders House Speaker Tony Smith and Senate President Scott Ryan issued a joint statement at that time, saying that there was no evidence of data theft in the attack. But Alastair MacGibbon, head of the Australian Cyber Security Centre, indicated that the attack on Parliament’s network had established a foothold—and that the government would continue to follow up on the breach. The party network breaches were discovered in the process of that investigation.
In 2011, an intrusion of the Australian Parliament’s network attributed to China was detected after the attackers had been on the network for as long as a year. In that attack, several thousand emails belonging to members of Parliament and their staff and advisors were stolen.