Hacker codenamed 'Alf' from Home and Away stole data from defence subcontractor

The data stolen in a 2016 breach included technical information on the multi-billion dollar F-35A Joint Strike Fighter program, smart bombs and naval vessels.

The breach occurred in July 2016 and the Australian Signals Directorate found out about it from "a partner organisation" in November that year.

A hacker group codenamed "Alf" after the Home and Away character has broken into a defence contractor and stolen sensitive data on military projects.

In addition to the F-35A program, the attacker obtained restricted technical data on the P-8 Poseidon spy aircraft, the C-130 transport plane, the Joint Direct Attack Munition smart bomb and a number of Australian naval vessels.

Clarke said the information hacked on the new navy ships included a diagram in which you could zoom in down to the captain's chair and see that it was one metre away from the navigation chair.

A manager at the Australian Signals Directorate - the government's main national security cyber spies - told a conference in Sydney on Wednesday that the hackers stole 30 gigabytes of data, including data on the defence projects.

Clarke described the hack as "a very good exfil [exfiltration] for the actor".

A spokesperson for the Australian Cyber Security Centre, for which Clarke works, said the data was commercially sensitive but was not classified.

The 50-person aerospace engineering firm subcontracts to the Defence Department and had one person managing its IT functions. Dan Tehan, the Minister Assisting the Prime Minister for Cyber Security, had on Tuesday highlighted the case as a significant breach, though he did not provide details.

Clarke said the attackers used a tool called China Chopper, which is said to be widely used by Chinese malicious attackers.

Mr Clarke said the hack was "extensive and extreme" and took advantage of "sloppy" security at the contractor.

The company had used default logins and passwords such as "admin" and "guest" and had only one person working on IT. The company rang both the ASD and CERT hotlines but both organisations said they were not aware that their representatives were approaching the company.
