Australian Parliament Reports Cyberattack On Its Computer Network
SYDNEY, Australia — The Australian Parliament said on Friday that hackers had tried to break into its computer network, which includes lawmakers’ email archives, but that so far there were no indications that data had been stolen.
“Following a security incident on the parliamentary computing network, a number of measures have been implemented to protect the network and its users,” Parliament’s presiding officers, Tony Smith and Scott Ryan, said in a joint statement. “All users have been required to change their passwords. This has occurred overnight and this morning.”
“There is no evidence that any data has been accessed or taken at this time, however this will remain subject to ongoing investigation,” the statement read.
Australian news outlets reported that security agencies were investigating the possibility that a foreign government was behind the attack, possibly China’s.
The nature of the attack “suggests a state actor because it’s hard to make money from breaching a parliamentary system,” said Fergus Hanson, head of the International Cyber Policy Center at the Australian Strategic Policy Institute.
China’s attempts to influence Australian politics have become a major issue here, and Mr. Hanson said that for Australia, “obviously China is the No. 1 threat-actor when it comes to cyberattacks.” But he added that Iranian, North Korean and Russian hackers would also be possible suspects in the latest attack.
It comes as Australia is preparing for national elections that are likely to be held in May. Given that, Mr. Hanson said, the attack on a system that houses lawmakers’ official email accounts was concerning, in light of well-known recent attempts to influence elections through cyberattacks — most notoriously, the Russian interference in the American presidential election in 2016, which involved the theft of emails.
“It would be the location where you’d find compromising emails or emails showing disputes, who was in agreement on certain policies and who wasn’t,” Mr. Hanson said of Parliament’s network.
But in their statement, Mr. Ryan and Mr. Smith said there was “no evidence that this is an attempt to influence the outcome of parliamentary processes or to disrupt or influence electoral or political processes.”
Some analysts were skeptical that China would be officially blamed for the attack, even if evidence of its involvement emerged.
“There’s been a lot of political reluctance to attribute attacks to China,” said Alex Joske, a researcher at the International Cyber Policy Center. “It’s been seen by some people as not offering many benefits while drawing a lot of criticism and anger from the Chinese government.”
Australia joined the United States last December in condemning a Chinese state-backed hacking group for trying to steal intellectual property. But the government has not publicly held China responsible for other cyberattacks that national security experts said seemed to bear its fingerprints.
Last year, security experts said that tools commonly used by Chinese hackers had been deployed in attacks on the Defense Department and the Australian National University. In 2013, the theft of classified blueprints for the Australian Security Intelligence Organization’s new headquarters was also reported to have been linked to China.
“More information will come out, but probably no official attribution,” Mr. Hanson said of the attack on Parliament’s system. “At the end of the day, that just encourages bad behavior.”