Hacker codenamed 'Alf' from Home and Away stole data from defence subcontractor

Share

The breached Department of Defence contractor is an aerospace engineering firm with 50 employees.

"From those visitors overseas to Australia, Alf is Alf Stewart from an horrific Australia soap opera called Home & Away".

"Alf" used a tool named China Chopper, popular with Chinese hackers, but the group responsible could be a criminal group or state-sponsored, said Mr Clarke.

Clarke indicated that the attack was "nation state espionage".

Some of the sensitive data was linked to the International Traffic in Arms Regulations, a U.S. regulatory regime, The Sydney Morning Herald reported.

The hack included information on the F-35 Joint Strike Fighter, C130 Hercules aircraft and the P-8 Poseidon surveillance aircraft. One document was a wireframe diagram of "one of the navy's new ships".

"We see this all the time".

The Australian Defence Department appears to be in a scramble after Clarke's presentation.

Fifa bans Pakistan from worldwide football
FIFA has suspended the Pakistan Football Federation (PFF) with immediate effect as a result of "undue third-party interference". The row between the two organisations has plunged Pakistani football into chaos and ended up in the legal courts.

Clarke gave a presentation at the Australian Information Security Association (AISA), revealing ASD was alerted to the hack of the defence contractor by a "partner organisation".

"While presenting at a conference in Sydney, an ASD official (who works for the ACSC) disclosed information about the theft of data from an Australian company", the statement said.

The federal minister for cybersecurity Dan Tehan revealed the breach earlier this week through the release of the Australian Cyber Security Centre's 2017 Threat Report, but provided no detail specifically about the Alf incident.

The P-8 Poseidon maritime patrol aircraft, the C-130 transport aircraft and the Joint Direct Attack Munition (JDAM) smart bomb kit were also among the sensitive data stolen from a small Australian defence contractor in 2016, ZDNet reports. "It could be a state actor, a non-state actor", Mr Pyne told ABC radio on Thursday.

"Fortunately the data that has been taken is commercial data, not military data", he said.

"It's not classified information".

Pyne said that while the government's public line is they know little about the alleged attacker - whom the ASD has dubbed APT Alf - they may have developed an understanding of who was behind the breach.

The company had used default logins and passwords such as "admin" and "guest" and had only one person working on IT.

Share