F35 Fighter Data Stolen In Hack On Australian Contractor

F35 Fighter Data Stolen In Hack On Australian Contractor

F35 Fighter Data Stolen In Hack On Australian Contractor

"Given that hackers were able to roam the network long enough to siphon off 30GB of sensitive data, it highlights that there is a fundamental element of cyber security missing".

Mr Pyne said the stolen information was not classified and a major defence company had alerted the contractor and government to the breach.

The security breach began in July previous year, but the Australian Signals Directorates (ASD) was not notified until the November.

At the moment, QinetiQ Australia has 350 specialist staff located across Australia who use their know-how to deliver value solutions to Australian defence and government organisations across air, land, sea and information domains as well as the rail and mining industries.

The Australian defence industry minister has confirmed on Thursday that top secret data about the Joint Strike Fighter programme and other military hardware has been stolen. It could be a state actor or a non-state actor.

"While the Australian company is a national-security linked contractor and the information disclosed was commercially sensitive, it was unclassified", they said in a statement on Wednesday evening.

He added that the "compromise was extensive and extreme". The time period between July and November when the contractor was unaware of the hack is being called "Alf's Mystery Happy Fun Time".

Richard Branson To Invest In Elon Musk's Hyperloop One
Branson said he was "looking forward to helping turn this cutting edge engineering into a global passenger service", he added. Branson said the company was working on "exciting projects" around the world but no lines have been confirmed as yet.

The theft of the data in the hack was reported publicly as part of the 2017 Threat Report issued by the Australian Cyber Security Centre (ACSC).

The firm was subcontracted four levels down from defence contracts and hacked by a person or group dubbed "ALF" after the character in TV soap opera Home and Away by authorities, he said.

"Moreover, with trust built on the users and applications - rather than the infrastructure - it becomes possible for organisations to embrace a security model built on breach containment, rather than prevention and detection alone", said German.

Even without this exploit, the company still had used the default username and passwords for many of its logins. The government agency is responsible for foreign signals intelligence collection, and also houses the country's Australian Cyber Security Center.

"Fortunately the data that has been taken is commercial data, not military data", he said. Breach detection times are not reducing.

He faced little resistance, and gained access through a security vulnerability in the company's Helpdesk portal, says the report. "Which means that, in the inevitability of a breach occurring, the data to which hackers can gain access is constrained".

Related news