According to the Australian Broadcasting Corp (ABC), earlier this
The attack took place on January 31, 2019, when the Australian security agencies discovered the intrusion and monitored it for a week before shutting down the network in the attempt of hunting the threat actors. The incident was revealed by Senate President Scott Ryan that informed the parliamentary committee of the intrusion, according to the ABC.
“A small number of users visited a legitimate external website that had been compromised,” Senate President Scott Ryan told a parliamentary committee. “This caused malware to be injected into the parliamentary computer network.”
“They shut the system down on February 8, after two senators and a small number of lower house members had “non-sensitive” data stolen.”
According to the Australian Broadcasting Corp, hackers accessed “non-sensitive” data stolen belonging to two senators and a small number of lower house members.
The security staff at the Parliament notified the incident to the users, as a precautionary measure the experts shut down the Parliament’s IT system in order to reset user’s password.
The Australian government did not provide further details about the hack, it is only known that a malware infected some computers after users visited a legitimate external website that was previously compromised.
Personnel and users at the Parliament were not temporarily blocked from accessing personal email accounts like Gmail.
Australia disclosed the attacks in February, at the time experts speculated the involvement of a nation-date actor without attributing the attacks to a specific threat actor.
In September, Australia’s intelligence announced it has evidence that the attacks that hit its parliament and political parties were orchestrated by China. Anyway the Australian government decided to not publicly accuse it to preserve trade relations with Beijing.
Reuters cited five sources within the Australian intelligence that attributed the attacks on its national parliament and three largest political parties before the general election in May to China-linked hackers.
“The cyber intelligence agency, the Australian Signals Directorate, concluded in March that China’s Ministry of State Security was responsible for the attack but recommended keeping the findings secret to avoid disrupting trade relations with Beijing” states the Reuters.
(SecurityAffairs – Australian Parliament, hacking)