F35 Fighter Data Stolen In Hack On Australian Contractor

The Australian defence industry minister has confirmed on Thursday that top secret data about the Joint Strike Fighter programme and other military hardware has been stolen.

It is reported that 30GB of data was stolen, after the network of a small Australian defence contractor was breached.

Cyber campaigns against defence contractors are nothing new. Earlier this month for example, similar firms in the US and South Korea were targetted by the FormBook malware distribution campaign.

Australian Hack

Australia’s admission of the damaging data breach in July 2016 was included as part of the 2017 Threat Report from the Australian Cyber Security Centre (ACSC).

“In November 2016, the ACSC became aware that a malicious cyber adversary had successfully compromised the network of a small Australian company with contracting links to national security projects,” the report stated.

“ACSC analysis confirmed that the adversary had sustained access to the network for an extended period of time and had stolen a significant amount of data,” it added. “The adversary remained active on the network at the time.”

“Analysis showed that the adversary gained access to the victim network by exploiting an internet-facing server, then using administrative credentials to move laterally within the network, where they were able to install multiple webshells – a script that can be uploaded to a webserver to enable remote administration of the machine – throughout the network to gain and maintain further access,” it stated.

Australian cyber security officials have apparently dubbed the mystery hacker as “Alf”, named after a character on the Aussie TV soap Home and Away.

ASD incident response manager Mitchell Clarke was quoted by ABC.net as telling a Sydney conference on Wednesday “the compromise was extensive and extreme”.

“A significant amount of data was stolen from them, and most of the data was defence related,” he told the Australian Information Security Association.

It is understood that among the 30GB of data stolen was information about Australia’s £10bn Joint Strike Fighter program, and the P-8 Poseidon maritime patrol aircraft.

Also stolen was information about the Collins Class submarines and Australia’s largest warships HMAS Canberra and HMAS Adelaide.

Australia is in the process of buying 72 Joint Strike Fighter planes from US defence contractor Lockheed Martin Corp.

These aircraft also used by the United States and United Kingdom, and will be used on Britain’s forthcoming aircraft carriers for example when they enter active service in a few years time.

Cyber Attacks

Cyber attacks against defence contractors are all too common. In 2011 for example, a major Japanese defence contractor was hacked.

But US contractors have also been hit including Lockheed Martin, L-3 Communications and Northrop Grumman.

That attack stole classified information about a top-secret weapons system, and US Deputy Defence Secretary William Lynn at the time blamed a foreign intelligence agency for the attack.

Do you know all about security in 2017? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Spyware Maker NSO Group Found Liable In US Court

Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…

2 days ago

Microsoft Diversifying 365 Copilot Away From OpenAI

Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…

3 days ago

Albania Bans TikTok For One Year After Stabbing

Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…

3 days ago

Foldable Shipments Slow In China Amidst Global Growth Pains

Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…

3 days ago

Google Proposes Remedies After Antitrust Defeat

Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal

3 days ago

Sega Considers Starting Own Game Subscription Service

Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…

3 days ago