Australia Took Military System Offline Over Hack FearsDefense Department Says No Data Was Compromised
Australia took a sensitive military recruiting database offline for 10 days in February following concerns it may have been compromised, according to the ABC local news report.
See Also: Case Study: The Road to Zero Trust
The database contains medical exam data, psychological records and summaries of interview with recruits, the ABC reports. The database is maintained under contract by a private company, ManpowerGroup.
The Defense Department says in a statement that some elements of the database, called the Defense Force Recruiting Network, were “proactively” taken offline on Feb. 2. Normal operations resumed on Feb. 12, it says.
“An investigation did not identify any evidence to suggest a compromise of information had occurred,” according to a Defense Department spokesperson. The department says “the security of information systems and personnel data is of paramount importance.” No further information was released.
Call for Investigation
An anonymous source tells the ABC that the first suspicions were raised before Christmas. Meetings were held twice a day over the Christmas holidays to address the situation, according to the news report.
As a result, email systems between DFRN computers and the department’s protected network were suspended, the ABC reports.
"An investigation did not identify any evidence to suggest a compromise of information had occurred."
—Australian Department of Defense
ManpowerGroup, a large U.S. based company, tells Information Security Media Group it had been aware of a potential issue and that the DFRN had been restored to full operations.
Two Australian lawmakers in the House of Representatives, Andrew Hastie and Luke Gosling, expressed concern over the development.
Hastie, who served in Afghanistan, says that no breach can be considered too small and that the length of time the database was offline suggests a sophisticated actor was involved. Gosling, who served in the Australian Army for 11 years, called for a “thorough investigation,” according to the ABC.
Under Attack Before
Australia has had several major cybersecurity incidents over the last several years that have raised concerns.
In February 2019, it was revealed attackers had breached the email system of the Australian Parliament. An investigation concluded no information had been taken (see: Hack Attack Breaches Australian Parliament Network).
It was revealed later in the year that a watering-hole attack led to the compromise. A legitimate external website was compromised, Sen. Scott Ryan said at the time, which “caused malware to be injected into the Parliamentary Computing Network” (see: Compromised Website Led to Australia Parliament Hack).
Reuters reported in September 2019 that Australia’s intelligence agencies believed China’s Ministry of State Security was involved in the attack against Parliament as well attacks against three political parties before a general election in May 2019. China disputed the allegation.
Also last year, Australian National University reported a data breach affecting staff and student data stretching back 19 years. The data included names, addresses, birth dates, phone numbers, personal email addresses, emergency contact details, tax file numbers, payroll information, bank account details, passport details and student academic records (see: Australian National University: 19 Years of Data Copied).
The university is an attractive target because it runs the National Security College, a graduate school focused on defense studies run in cooperation with the Australian government.