Australia’s main political parties have been hacked by a “sophisticated state actor” just months before the country’s election, the government said on Monday.
The disclosure comes just 10 days after the Australian parliament revealed its computer networks were the subject of a “malicious intrusion”, prompting the government to order an investigation and bolster cyber security.
Scott Morrison, Australia’s prime minister, told parliament the country’s cyber security agencies have moved decisively to confront the hackers and believed a state actor was responsible for the attacks. He said there was no evidence of electoral interference and the government had put in place measures to ensure the integrity of the electoral system.
“Members will be aware that the Australian Cyber Security Centre recently identified a malicious intrusion into the Australian Parliament House computer network,” he said.
“During the course of this work, we also became aware that the networks of some political parties — Liberal, Labor and the Nationals — have also been affected.”
Mr Morrison did not accuse any individual country, although cyber security experts have said China or Russia are the most likely state actors to engage in that sort of attack ahead of an election.
“There was until now some hope that Australia’s elections would not be on the radar of state actors such as China or Russia,” said Fergus Hanson, head of cyber security at the Australian Strategic Policy Institute, a Canberra-based think-tank. “This is a big wake-up call that Australia is no longer on the periphery of these issues.”
Australia’s government has said it will probably call an election in May and the cyber attacks have raised fears the campaign may be subject to the same type of electoral meddling seen in the 2016 US presidential election. US intelligence agencies concluded Russian agents hacked the Democratic National Committee and leaked sensitive information about Hillary Clinton, the Democratic candidate, during that campaign.
“That Australian political parties were attacked in the run-up to a national election should surprise no one,” said Steve Ledzian, chief technology officer for Asia-Pacific at FireEye, a cyber security company.
“Other nation-states are interested to learn what’s happening behind the scenes, who is talking with whom, how policies are formed, and so on.”
Mr Ledzian added that this type of information was increasingly collected through cyber espionage because it was effective, economical, low risk and offered plausible deniability.
Australian state agencies and universities, including the Bureau of Meteorology and Australian National University, have been victims of cyber attacks in the past, leading to reports that China was responsible. Beijing has denied these claims.
Last week, a spokeswoman for China’s ministry of foreign affairs rejected suggestions published in Australia that Beijing was responsible for the recent cyber attack on the parliament in Canberra, saying these were part of a “smear campaign”.
