Federal MPs' computer network hacked in possible foreign government attack
Federal MPs' emails and data may have been compromised by a cyber attack on Parliament that is being described as "sophisticated", suggesting the involvement of a foreign government.
While sources said it was too early to say who was behind the attack, they said the fact that Parliament had significantly upgraded its cyber defences since an attack by Chinese intellience in 2011 suggested the latest hackers were highly skilled.
The Australian Signals Directorate, the government's key agency on cybersecurity, moved swifty in recent days to lock down and protect the nextwork, it is understood. The agency's Director-General, Mike Burgess, was in Parliament on Friday morning, as was Alastair MacGibbon, head of the Australian Cyber Security Centre.
The top MPs who oversee Parliament confirmed that security agencies were now investigating the incident and urgent action has been taken to protect the network, including the changing of all passwords.
All MPs, including ministers, use the parliamentary network. House Speaker Tony Smith and Senate President Scott Ryan said it was too early to say who might have been behind the attack.
“The Department of Parliamentary Services and relevant agencies are working jointly to take the necessary steps to investigate the incident, while our immediate focus has been on security of the network and protecting data and users,” Mr Smith and Senator Ryan said in a joint statement.
“There is no evidence that any data has been accessed or taken at this time, however this will remain subject to ongoing investigation.”
They said they had no evidence the hack was an effort to “influence the outcome of parliamentary processes or to disrupt or influence electoral or political processes”.
China has been responsible for several previous high-profile hacks on Australian government systems.
Chinese intelligence agencies breached Parliament’s computer network in 2011 and reportedly may have been able to read the emails of MPs and their staff for up to a month. China has also previously hacked the Bureau of Meterology’s systems.
The Australian census, run by the Australian Bureau of Statistics, was damaged by a cyber attack in 2016, though the perpetrators have not been publicly identified.
And, late last year, Australia joined other major countries in condemning China's large-scale hacking of major western software services providers, which potentially gave Chinese spies access to the data of tens of thousands of companies in Australia alone.
Mr Smith and Senator Ryan said that out of an “abundance of caution”, user passwords had been reset.
“All users have been required to change their passwords. This has occurred overnight and this morning,” they said.
They said Parliament had made “substantial strides” to strengthen cyber defences in recent years. But the investigation may take some time to identify perpetrators.
“Accurate attribution of a cyber incident takes time and investigations are being undertaken in conjunction with relevant security agencies.”