Australian Defence Contractor Hit By Ransomware

Some personal details of Australian military personnel may have been stolen by hackers in a ransomware attack on a private contractor, the Australian Department of Defence fears, according to a report by the Australian Broadcasting Corporation.

The attackers targeted ForceNet, a communications service operated by an external contractor, with ransomware, the Defence Department said on Monday.

ForceNet initially told the department no data of current or former personnel had been compromised, but an unnamed source told the ABC the department believed some details such as dates of birth and enlistment dates may have been taken.

String of attacks

The country’s defence secretary and defence chief told staff in an email the attack was being taken “very seriously”.

The attack is the latest high-profile cyber incident to strike Australia, following breaches at the largest Australian health insurer Medibank last week and the second-largest telecoms provider Optus a month ago.

The attack on Medibank gave hackers access to the data of at least 4 million customers, including health claims, with the Optus hack exposing data on 10 million Australians and significant data stolen from 2.8 million of those.

The attacks take place amidst a skills shortage that has left organisations without sufficient staff to fend off hackers, industry experts have said.

‘Concerned’

ForceNet held details on up to 40,000 people, according to Australian Minister for Defence Personnel Matt Keogh.

He said Australians and the government were “quite concerned” about such attacks.

The defence secretary and defence chief said in their email they were examining records from 2018 that were exposed to hackers.

“If you had a ForceNet account in 2018, we urge you to be vigilant but not alarmed,” they wrote.

Ongoing probe

“Initial discussions with the service provider indicate there is no evidence that the data of current and former APS staff and ADF personnel has been compromised.

“We are nevertheless examining the contents of the 2018 ForceNet dataset and what personal information it contains.”

Assistant Minister for Defence Matt Thistlethwaite said the Australian Defence Force was in the process of contacting personnel and suggesting they change their passwords.

But he said there was currently “no evidence” of personal data having been breached.