The Australian government believes that an unnamed state actor penetrated the networks of the Liberal, National and Labor parties, Prime Minister Scott Morrison said today.
The Department of Parliamentary Services (DPS) earlier this month reset the passwords of MPs and staff after the Australian Cyber Security Centre (ACSC) identified what the PM described as a “malicious intrusion into the Australian Parliament House computer network.”
During the investigation of that intrusion — which the government believes was conducted by a state-backed hacker — the ACSC “became aware that the networks of some political parties – Liberal, Labor and Nationals – have also been affected,” Morrison said.
“Our security agencies have detected this activity and acted decisively to confront it,” the PM told parliament. “They are securing these systems and protecting users.”
Morrison said that he would not “go into the detail of these operational matters”, but that experts believed a “sophisticated state actor is responsible for this malicious activity”.
The federal government in January 2017 said that the Australian Signals Directorate (ASD) would conduct security briefings for major political parties following allegations Russia sponsored the hacking of the Democratic National Committee in the US.
The prime minister said there was no evidence of any electoral interference, but that the ACSC has briefed Australia's electoral commissions as well as those responsible for cyber security within state and territory governments.
“I have instructed the Australian Cyber Security Centre to be ready to provide any political party or electoral body in Australia with immediate support, including making their technical experts available,” Morrison said.
He added that the ACSC had also been working with “global antivirus companies to ensure Australia’s friends and allies have the capacity to detect this malicious activity.”
Opposition leader Bill Shorten said that the attempted hacking of the parliament house network “is a source of grave concern to us all”.
“Australia is not exempt or immune from the kind of malicious activity that we’ve seen elsewhere,” the Labor leader said.
Shorten said that political parties “perhaps are more vulnerable” than government institutions when it comes to cyber security.
“Political parties are small organisations with only a few full-time staff, yet they collect store and use large amounts of information about voters and communities,” Shorten said.
“These institutions can be a soft target and our national approach to cyber security needs to pay more attention to non-government organisations. Our agencies shouldn’t just be providing advice to political parties but actively assisting in their defence.”
Shorten said that the Commonwealth national cyber security advisor, Alastair MacGibbon, is “dual-hatted” in his policy role, reporting to the secretary of the Department of Home Affairs but also, as operational head of the Australian Cyber Security Centre, reporting the director-general of the Australian Signals Directorate.
“Some are concerned that this dual-hatting creates fragmentation and stove-piping,” Shorten said. “We need a cohesive national approach through the Cyber Security Centre as a single entity responsible for managing the cyber mission in totality and reporting up through a single chain.
“We perhaps need to consider whether the Australian Cyber Security Centre needs to be the single point of contact and accountability for all cyber-related communication, reporting, incident response, crisis communication, management of threat intelligence capability, operations and policy.
"This centre should remain based in the defence portfolio and continue to report to the director-general of the Australian Signals Directorate."
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.