Australia Now a Cyberattack Hotbed With Defence Department the Latest Target

Australia Now a Cyberattack Hotbed With Defence Department the Latest Target

By Victoria Kelly-Clark and Daniel Y. Teng

The Australian Defence Force has become the latest target in a spate of ongoing cyberattacks against major organisations in the country, with the Defence Department’s internal communication platform, Forcenet, targeted in the ransomware attack.

The platform is used for communication between serving defence members, Australian public service personnel and their families and contains data from 2018.

A spokesperson from the department of defence told The Epoch Times in an email that the hack affected a 2018 ForceNet dataset containing personal information of current and former Australian Defence Force Members and Australian Public Servants may have been part of a ransomware attack on an external ICT service provider.

“Defence is taking this matter very seriously and is working with the provider to determine the extent of the attack,” the spokesperson said.

Matt Keogh, the minister for defence personnel, said there was no evidence personnel information had been taken.

“We haven’t seen any evidence of that information being made available to anyone as a result of that attack, but we just want to make sure that all Defence staff and personnel remain vigilant, and we’re working with that external contractor now to make sure we get the best picture of what has occurred,” he said in a press conference on Oct. 31

Keogh also stressed that defence systems were not affected or attacked.  

“But it is always important, as it is for all Australians, to ensure that people remain vigilant about protecting their personal data,’ he said.

“We have seen these sorts of cyber activities with a number of organisations across Australia now, that people remain particularly vigilant around these issues, and we’re connecting Defence personnel with an external provider to support them as well if they need assistance in protecting their ID documents or their personal information.”

Assistant Minister for Defence Matt Thistlethwaite also said the Defence Department suggested all users of the Forcenet consider changing passwords and moving to two-factor authentication.

The attack occurred in early October.

News of the incident comes after several cyber incidents which targeted major public companies like Medibank, Australia’s larger health insurer, Optus, the second largest telecommunications company, and EnergyAustralia, one of the three largest energy companies.

Other companies targeted include Vinomofo, Woolworths’ MyDeal, and Medlab.

Cyber Minister Criticised for Slow Response

The federal Cybersecurity Minister Clare O’Neil has faced scrutiny over the government’s response to the attacks with Shadow Minister for Cyber Security James Paterson questioning the time it’s taken the minister to respond to the first incident involving Medibank.

“Ms. O’Neil should explain why she accepted the company’s initial denial; this was serious, delaying government engagement by a week,” Paterson said in a statement.

“In a cyber attack, time is of the essence. Early engagement by the government allows the facts to be established, data theft to potentially be disrupted, and gives customers time to take any necessary steps to mitigate the consequences of the breach.”

Statement on Medibank attack: https://t.co/UQwvAcUT7H pic.twitter.com/6mYQbsXmjl

— James Paterson (@SenPaterson) October 24, 2022

He also called on the federal government to release a timeline of the actions they have taken.

“Medibank victims have every right to know what steps the Albanese government took and when,” Paterson said.

To Counteract Cyberattacks, Labor Ups Regulation

The government has responded to the increasing cyberattacks by introducing an amendment to the Privacy Bill on Oct. 26.

The amendment will significantly increase penalties to organisations for serious or repeated privacy breaches, a move the Labor government hopes can compel businesses to do more on cybersecurity.

It will also strengthen the Notifiable Data Breaches scheme to ensure the Information Commissioner has knowledge of an incident and the data compromised.

“These amendments are targeted and measured,” Attorney General Richard Dreyfuss said. “They respond to the most pressing issues arising from the Optus data breach and other recent cyber incidents.”

Yet business expert, Rob Nicholls, of the University of New South Wales has previously warned against simply increasing red tape for businesses, saying a part of the problem is the amount of data companies are required to obtain under law.

“The real problem with keeping it is that it creates what’s called in cyber-attacks, a honeypot. The value of the data in a breach is higher because it has more items which actually identify the people involved,” he previously told The Epoch Times.

He said companies were required to obtain identity documents under the Know Your Customer guidelines that includes birth certificates, driver’s licenses, or passport numbers.