Australia cyber hack raises privacy concerns
Australia’s Parliament House computer network suffered a “malicious intrusion” on Feb. 8, according to Prime Minister Scott Morrison; on Feb. 18, he revealed before the House of Representatives that a number of specific political parties were hacked as part of that intrusion, among them his own Liberal party, the opposition Labor party and the National party. The attack, he said, was perpetrated by a “sophisticated state actor,” though he added that there was no electoral interference.
He did not provide details on what information was stolen in the breach.
Speculation began almost immediately that China may have been responsible, with senior intelligence sources telling the Sydney Morning Herald that the malware used in the attack suggests the work of China or Russia. China is believed to be responsible for previous hacks against Australia’s government networks in 2011 and 2015.
At a Feb. 18 media briefing, Chinese foreign ministry spokesman Geng Shuang warned that, “Irresponsible reporting, accusation, pressure and sanctions will only aggravate the tension and confrontation in cyberspace and poison the environment of cooperation.” He made similar comments later in the week, stressing that “a sound and stable China-Australia relationship serves the common interests of both countries and peoples.”
That relationship was strained last week when China abruptly stopped accepting coal imports at a key port in Dalian, in northern China. Reports noted that other countries’ coal exports to China were not affected.
The hack raises a number of privacy concerns, ranging from Australian citizens’ personal information and voting records being hacked to the possibility of private emails being leaked. “Political parties are small organizations with only a few full-time staff, yet they collect, store and use large amounts of information about voters and communities,” said opposition leader Bill Shorten. “These institutions can be a soft target, and our national approach to cybersecurity needs to pay more attention to non-government organizations.”
When asked about some of these concerns, a spokesman for the Australian Cyber Security Center, the government agency in charge of investigating the breach, said the ACSC “is not in a position to provide further information at this time” and “does not comment on ongoing investigations or operations.” The spokesman did link to a Sky News interview with ACSC chief Alastair MacGibbon, in which MacGibbon stresses the preliminary nature of the investigation and notes, “I don’t even know the extent of their activity in those last three [Liberal, Labor and National] networks.”
So what can ordinary Australians do to protect themselves from state actors stealing their data as part of a global game of cyber spycraft?
“In practice, very little,” said Dr. Bruce Baer Arnold, the Juris Doctor program director at the University of Canberra’s School of Law and Justice, as well as vice chair of the nonprofit Australian Privacy Foundation.
“A certain degree of openness is the price we pay for democracy. The salience of that unauthorized access depends very much on what data has been accessed — typically it won’t include health or financial data — and how it might be misused.”
Arnold said Australians could demand better cybersecurity protections and a national Bill of Rights enshrining privacy, something he said is not present in Australia’s constitution.
Steve Ledzian, vice president and Chief Technology Officer of cybersecurity firm FireEye’s Asia Pacific division, said the fact that the hack occurred mere months before the upcoming federal election in May should not be overlooked.
“Significant elections nearly always draw the interest of advanced attackers,”he said. “Other nation-states are interested to learn what’s happening behind the scenes, who is talking with whom, how policies are formed, and so on. This information is increasingly collected through cyber espionage because it’s incredibly effective, economical, low risk and offers plausible deniability.
“A big question for Australian leadership is when will they start publicly attributing targeted cyberattacks. Disclosure alone helps raise awareness but offers little deterrence for attackers.”
While many Americans are familiar with Russia’s interference in the 2016 presidential election, in which over 150,000 private Democratic emails were released, state actors hacking into each others’ systems is commonplace, according to Jacob Furst, director of DePaul’s School of Computing.
“It happens all the time,” he said. “And only in fairly rare cases does it reach this scale and success.
“The interesting thing about a state actor potentially being behind this is that identity fraud is probably not a very likely outcome. The Russian government is not interested, probably, in filing false Australian tax returns.”
Furst said blackmail or vote rigging might be possible motives for the hack, though he said the true motive might ultimately be more benign.
“If it is a state agent, they’re just trying to gather information about the Australians that might be helpful or useful in international negotiations — the kind of spying that’s been done for as long as there have been states, but enabled in a new technological way,” he said.
So is the theft of citizens’ supposedly private data by malicious actors the “new normal” going forward?
“It is absolutely the new normal. This is what the cybersecurity landscape looks like right now,” Furst said. “Organized crime and nation states perpetuating hacks either to get money or to, probably, influence diplomacy in some kind or another and gain advantage for the nation.”
Arnold, of the Australian Privacy Foundation, said that in Australia the government should implement “greater monitoring, tougher sanctions, better network design and a coherent national data protection — including privacy — regime through systemic reform of law at the national and state-territory level.”
“We assume, of course,” he added, “that the NSA is having fun mining our telecommunications.”