CyberCrimeGovernement-ITRegulationSecuritySecurity Management

F35 Fighter Data Stolen In Hack On Australian Contractor

Tom Jowitt is a leading British tech freelance and long standing contributor to TechWeek Europe

30GB of data on next generation joint strike fighter jet stolen in damaging hacking operation down under

The Australian defence industry minister has confirmed on Thursday that top secret data about the Joint Strike Fighter programme and other military hardware has been stolen.

It is reported that 30GB of data was stolen, after the network of a small Australian defence contractor was breached.

Cyber campaigns against defence contractors are nothing new. Earlier this month for example, similar firms in the US and South Korea were targetted by the FormBook malware distribution campaign.

eurofighter eads military aircraft plane defence © Micha Klootwijk Shutterstock

Australian Hack

Australia’s admission of the damaging data breach in July 2016 was included as part of the 2017 Threat Report from the Australian Cyber Security Centre (ACSC).

“In November 2016, the ACSC became aware that a malicious cyber adversary had successfully compromised the network of a small Australian company with contracting links to national security projects,” the report stated.

“ACSC analysis confirmed that the adversary had sustained access to the network for an extended period of time and had stolen a significant amount of data,” it added. “The adversary remained active on the network at the time.”

“Analysis showed that the adversary gained access to the victim network by exploiting an internet-facing server, then using administrative credentials to move laterally within the network, where they were able to install multiple webshells – a script that can be uploaded to a webserver to enable remote administration of the machine – throughout the network to gain and maintain further access,” it stated.

Australian cyber security officials have apparently dubbed the mystery hacker as “Alf”, named after a character on the Aussie TV soap Home and Away.

ASD incident response manager Mitchell Clarke was quoted by ABC.net as telling a Sydney conference on Wednesday “the compromise was extensive and extreme”.

“A significant amount of data was stolen from them, and most of the data was defence related,” he told the Australian Information Security Association.

It is understood that among the 30GB of data stolen was information about Australia’s £10bn Joint Strike Fighter program, and the P-8 Poseidon maritime patrol aircraft.

Also stolen was information about the Collins Class submarines and Australia’s largest warships HMAS Canberra and HMAS Adelaide.

Australia is in the process of buying 72 Joint Strike Fighter planes from US defence contractor Lockheed Martin Corp.

These aircraft also used by the United States and United Kingdom, and will be used on Britain’s forthcoming aircraft carriers for example when they enter active service in a few years time.

Cyber Attacks

Cyber attacks against defence contractors are all too common. In 2011 for example, a major Japanese defence contractor was hacked.

But US contractors have also been hit including Lockheed Martin, L-3 Communications and Northrop Grumman.

That attack stole classified information about a top-secret weapons system, and US Deputy Defence Secretary William Lynn at the time blamed a foreign intelligence agency for the attack.

Do you know all about security in 2017? Try our quiz!