Hacker named after Home and Away character steals top secret defence data

The three months during which the hackers operated undetected has been dubbed'Alf's Mystery Happy Fun Time  by the ASD

The three months during which the hackers operated undetected has been dubbed'Alf's Mystery Happy Fun Time by the ASD

The data extracted included details about new fighter planes and navy vessels.

"While the Australian company is a national security-linked contractor and the information disclosed was commercially sensitive, it was unclassified".

The breach occurred in July 2016 and the Australian Signals Directorate found out about it from "a partner organisation", in November that year.

At the moment, QinetiQ Australia has 350 specialist staff located across Australia who use their know-how to deliver value solutions to Australian defence and government organisations across air, land, sea and information domains as well as the rail and mining industries.

When asked about the incident on ABC RN Breakfast this morning, defence industry minister Christopher Pyne stressed that it was not military secrets stolen.

Clarke said the "methodical, slow and deliberate", choice of target suggested a nation-state actor could be behind the attack, according to Reuters.

The ASD codenamed the hacker "Alf", a character played by Ray Meagher on Home and Away, Mr Clarke told the Australian Information Security Association conference.

The Australian defence ministry is trying to downplay the 2016 hacking of a contractor that exposed data about Australia's Joint Strike Fighter programme.

Mr Clarke said the hack was "extensive and extreme" and took advantage of "sloppy" security at the contractor. The attacker had apparently gained and continued to have access for an extended period of time and the report says that the hacker "remained active on the network at the time". When BuzzFeed News sought a copy of the presentation directly from the department, a spokesperson for the Australian Cyber Security Centre provided a long response stating the data was not classified, without directly responding to the request.

According to Mitchell Clarke, the hacked company was rather small and was subcontracted four levels down from the defense contracts.

"I don't think you can try and sheet blame for a small enterprise having lax cyber security back to the Federal Government", he told RN Breakfast.

The admin password, to enter the company's web portal, was "admin" and the guest password was "guest".

"Fortunately, the data that was taken was commercial data, not military data, but it is still very serious and we will get to the bottom of it". "Breach detection times are not reducing and with it taking between 120 and 150 days to be identify a threat, organisations need a way to limit the damage in the meantime".

"Security thinking needs to change; organisations need to move away from the concept of owned and unowned networks or infrastructure and consider only users, applications and secure access - and the security industry must facilitate that shift".

Another Equifax hacking possible as web page taken down